Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow Boot Time and Browser Pop up issues [Solved]

Systems Slow response browser

  • This topic is locked This topic is locked

#1
nfmaharaj

nfmaharaj

    Member

  • Member
  • PipPip
  • 44 posts

I am really hoping that someone could help me. My system had a virus and a friend removed it, but ever since my system have not been working as it use to. I am having very slow response time when it is shutting down and booting up, also while searching the web or viewing a web page, I keeping getting pop up windows stating the following:

 

The page at www.bluegral.org says:

 

1) Windows Firewall Warning!

*** YOUR COMPUTER MAY HAVE ADWARE/SPYWARE VIRUS ***

Call 1-844-839-7975 immediately for assistance on how to remove potential viruses.

The Call is Toll Free.

Possible network damages if potential viruses are not removed immediately.

UNKNOWN DATA EXPOSED TO RISK:

1. Your credit card details and banking information.

2. Your email passwords and other account passwords.

3. Your Facebook, Skype, AIM, ICQ and other chat logs.

4. Your private photos, family photos, and other sensitive files.

5. Your webcam could be accessed remotely by stalkers with a VPN virus.

MORE ABOUT THE VIRUS:

Seeing these pop-up's means that you may have a virus installed on your computer which puts the security of your personal data at a serious risk. It's stronly advised that you call the number above and get your computer inspected especially for shopping.

Call 1-844-839-7975 immediately for assistance on how to perform your check. The call is tollfree

 

I even got this same pop up window while viewing you web page and I had to use the task manager to end my browser task and then relaunch the browser to try again. I am in desperate need of someone assistance. Please help me! 

 

OTL logfile created on: 10/18/2014 8:50:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nigel\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
8.00 Gb Total Physical Memory | 4.35 Gb Available Physical Memory | 54.43% Memory free
19.99 Gb Paging File | 13.86 Gb Available in Paging File | 69.31% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142K:\pagef [Binary data over 200 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 136.40 Gb Free Space | 45.76% Space Free | Partition Type: NTFS
Drive F: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 3.73 Gb Total Space | 2.43 Gb Free Space | 65.18% Space Free | Partition Type: FAT32
Drive H: | 7.47 Gb Total Space | 0.49 Gb Free Space | 6.50% Space Free | Partition Type: FAT32
Drive K: | 465.76 Gb Total Space | 205.98 Gb Free Space | 44.22% Space Free | Partition Type: NTFS
 
Computer Name: NIGEL-PC | User Name: Nigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/18 20:49:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nigel\Downloads\OTL.exe
PRC - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/10/01 11:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/16 22:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/08/29 22:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/08/27 20:29:36 | 001,217,032 | ---- | M] (TorchMedia Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe
PRC - [2014/08/27 20:27:52 | 000,857,096 | ---- | M] (Torch Media Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Application\torch.exe
PRC - [2014/08/27 20:27:50 | 001,127,432 | ---- | M] (Torch Media Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Update\33.0.0.7723\TorchUpdate.exe
PRC - [2014/08/20 04:21:40 | 000,042,680 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
PRC - [2014/07/02 13:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/02/27 22:12:22 | 000,893,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2013/05/07 14:34:36 | 000,193,256 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
PRC - [2012/12/05 16:40:02 | 000,597,880 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2012/12/05 16:39:48 | 000,638,840 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
PRC - [2012/12/05 16:39:08 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2012/12/05 16:39:04 | 000,366,456 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2012/12/05 16:38:56 | 000,260,472 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2012/12/05 16:38:54 | 000,375,672 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2011/09/02 20:08:34 | 000,410,911 | ---- | M] () -- C:\Program Files (x86)\BlueStacks\HD-Adb.exe
PRC - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/14 21:58:13 | 001,443,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\NAudio\9135f51b99401f75b42b5850ebe85393\NAudio.ni.dll
MOD - [2014/10/14 21:58:12 | 000,814,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Frontend\03fe6a5794936ee0cad471ab7dde5f01\HD-Frontend.ni.exe
MOD - [2014/10/14 21:58:06 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\8577fb8117ee0f360b8745c1a7ad55fb\JSON.ni.dll
MOD - [2014/10/14 21:57:56 | 000,643,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\0d48018172c6fd456907ec7f1c986564\HD-Agent.ni.exe
MOD - [2014/10/14 21:49:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a229c5bed4a12b5db6ca55d223ada6df\System.ServiceProcess.ni.dll
MOD - [2014/10/14 21:49:35 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/14 21:48:54 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/14 21:48:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/14 21:48:41 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/14 21:48:37 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/14 21:48:20 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 04:44:25 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/08/29 22:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
MOD - [2014/08/29 22:49:40 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
MOD - [2014/08/29 22:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
MOD - [2014/08/29 22:49:33 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
MOD - [2014/08/29 22:49:31 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
MOD - [2014/08/29 22:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
MOD - [2014/08/27 20:27:52 | 004,008,040 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\pdf.dll
MOD - [2014/08/27 20:27:52 | 001,915,400 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\ffmpegsumo.dll
MOD - [2014/08/27 20:27:52 | 000,908,808 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\libglesv2.dll
MOD - [2014/08/27 20:27:52 | 000,460,808 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\ppgooglenaclpluginchrome.dll
MOD - [2014/08/27 20:27:52 | 000,108,552 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\libegl.dll
MOD - [2014/08/27 20:27:52 | 000,051,720 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\chrome_elf.dll
MOD - [2014/08/11 08:24:22 | 000,645,592 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\User Data\Default\Extensions\dipchieogpecpggdacaaffcjemkggfbi\1.0.0.7593_0\plugin\sqlite3.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/09/02 20:08:34 | 000,410,911 | ---- | M] () -- C:\Program Files (x86)\BlueStacks\HD-Adb.exe
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/16 22:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/09/16 22:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/08/22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/08/22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/16 16:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/06/01 01:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2010/11/20 23:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2010/11/20 23:24:39 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nfsclnt.exe -- (NfsClnt)
SRV:64bit: - [2010/11/20 23:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2010/11/20 23:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/07/13 21:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009/07/13 21:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 21:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/24 04:33:30 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/09/12 05:43:14 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/27 20:29:36 | 001,217,032 | ---- | M] (TorchMedia Inc.) [Auto | Running] -- C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2014/08/20 04:21:40 | 000,042,680 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe -- (AnviCsbSvc)
SRV - [2014/07/02 13:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/05/15 13:29:06 | 000,342,336 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/10 16:27:02 | 001,418,336 | ---- | M] (RealNetworks, Inc.) [Disabled | Stopped] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Desktop Service)
SRV - [2013/12/02 11:58:48 | 002,151,232 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 15:39:32 | 000,029,320 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/07/23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/05/07 14:34:36 | 000,193,256 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe -- ( AnviStartupTime)
SRV - [2013/04/16 16:03:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/25 11:34:04 | 000,166,408 | ---- | M] (Microsoft Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/12/05 16:39:26 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012/12/05 16:39:08 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2010/11/20 23:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 23:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/18 18:52:29 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/10/18 03:33:36 | 000,079,064 | ---- | M] (Malwarebytes Corporation) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\lvfamxfn.sys -- (vqmwpufq)
DRV:64bit: - [2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/09/16 22:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/09/04 15:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/07/17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/01/22 01:41:37 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/01/07 09:02:06 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2014/01/07 08:42:08 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/12/11 15:32:24 | 000,036,608 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/10/28 19:02:16 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/07/25 17:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013/06/06 01:17:46 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:64bit: - [2013/06/01 20:38:25 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gmPS2up.sys -- (gmPS2up)
DRV:64bit: - [2013/05/31 00:27:22 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/05/31 00:27:20 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/05/31 00:27:20 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/05/31 00:27:20 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/05/25 01:10:44 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/23 15:50:24 | 000,132,920 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2013/03/18 15:25:48 | 000,088,376 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2013/01/29 19:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/01/21 08:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2012/12/03 14:49:38 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2012/11/16 17:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/11/16 17:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/11/16 15:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/01 14:31:08 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/08/28 07:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/08/23 10:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/16 15:38:24 | 000,026,208 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 06:00:20 | 000,018,456 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:24:41 | 000,104,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rpcxdr.sys -- (RpcXdr)
DRV:64bit: - [2010/11/20 23:24:39 | 000,246,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\nfsrdr.sys -- (NfsRdr)
DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/15 15:08:34 | 000,084,008 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/19 10:37:50 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/07/28 21:26:48 | 000,017,136 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/07/13 19:35:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psxdrv.sys -- (PsxDrv)
DRV:64bit: - [2009/06/22 15:08:30 | 000,714,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\y_cx88x.sys -- (cxpl_mhd)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys --
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Nigel (administrator) on NIGEL-PC on 19-10-2014 00:21:12
Running from C:\Users\Nigel\Downloads
Loaded Profile: Nigel (Available profiles: Nigel & Guest & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TorchMedia Inc.) C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(OldTimer Tools) C:\Users\Nigel\Downloads\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer: [NoSharedDocuments] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetOpenWith] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-18\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/MSE_WCP
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File
Toolbar: HKLM-x32 - No Name - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF user.js: detected! => C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\EasyLife.xml
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\Searchab.xml
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\yahoo_ff.xml
FF Extension: Key Download - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-03-01]
FF Extension: Ads Removal - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-08-22]
FF Extension: TinyWallet - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-10-12]
FF Extension: DictAddon - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-11-24]
FF Extension: QuickShare Widget - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{78f95c9b-16b5-4f71-a733-87632abd4c0c} [2013-08-13]
FF Extension: Universal Downloader - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d} [2014-10-12]
FF Extension: uTorrentControl_v6  - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-08-18]
FF Extension: HDvid Codec - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-04-08]
FF Extension: PutLocker Downloader - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-06-26]
FF Extension: Speed Analysis 2 - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-01-16]
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-08-08]
FF Extension: WordOv - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-10-19]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-21]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Google Docs) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Video downloader pro) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem [2014-09-26]
CHR Extension: (Video Downloader professional) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-26]
CHR Extension: (Google Sheets) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]
CHR Extension: (Video Downloader) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpgleggfcndpeflbjhpjfckfmojnpo [2014-09-26]
CHR Extension: (Google Wallet) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2  AnviStartupTime; C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe [193256 2013-05-07] (Anvisoft)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166408 2013-01-25] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-12-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-12-05] (BlueStack Systems, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-05-15] (IObit)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S3 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 RealPlayer Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1418336 2013-12-10] (RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [29320 2013-10-25] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 TorchCrashHandler; C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-08-27] (TorchMedia Inc.) <==== ATTENTION
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S3 avgfws; No ImagePath
S3 AVGIDSAgent; No ImagePath
S3 avgwd; No ImagePath
S3 hshld; No ImagePath
S3 HssTrayService; No ImagePath
S3 HssWd; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-06-06] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
S1 AntiLog32; No ImagePath
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-05-25] (Advanced Micro Devices) [File not signed]
S4 Avgfwfd; No ImagePath
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-12-05] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
S4 btwaudio; No ImagePath
S3 btwavdt; No ImagePath
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [84008 2010-11-15] (Broadcom Corporation.)
S4 btwl2cap; No ImagePath
S4 btwrchid; No ImagePath
S3 cxpl_mhd; C:\Windows\System32\drivers\y_cx88x.sys [714752 2009-06-22] (Conexant Systems, Inc.) [File not signed]
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 gmPS2up; C:\Windows\System32\DRIVERS\gmPS2up.sys [9216 2013-06-01] () [File not signed]
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
S3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-28] (JMicron Technology Corp.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
S3 massfilter_hs; C:\Windows\System32\DRIVERS\massfilter_hs.sys [18456 2012-01-10] (HandSet Incorporated)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation)
S1 SASDIFSV; No ImagePath
S1 SASKUTIL; No ImagePath
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S4 VGPU; No ImagePath
U0 vqmwpufq; C:\Windows\System32\drivers\lvfamxfn.sys [79064 2014-10-18] (Malwarebytes Corporation)
S4 zghsdiag; No ImagePath
S4 zghsmdm; No ImagePath
S4 zghsnmea; No ImagePath
S3 cpuz134; \??\C:\Users\Nigel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U0 helpsvc; No ImagePath
U2 ImapiService; No ImagePath
U2 Irmon; No ImagePath
R2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
U0 UPS; No ImagePath
U2 WZCSVC; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-19 00:21 - 2014-10-19 00:21 - 00033655 _____ () C:\Users\Nigel\Downloads\FRST.txt
2014-10-19 00:20 - 2014-10-19 00:21 - 00000000 ____D () C:\FRST
2014-10-19 00:18 - 2014-10-19 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-10-19 00:18 - 2014-10-19 00:18 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-10-19 00:17 - 2014-10-19 00:17 - 02112000 _____ (Farbar) C:\Users\Nigel\Downloads\FRST64.exe
2014-10-18 23:10 - 2014-10-18 23:10 - 00000000 ___RD () C:\Users\Nigel\iCloudDrive
2014-10-18 23:10 - 2014-10-18 23:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apple Inc
2014-10-18 21:53 - 2014-10-18 21:53 - 00224536 _____ () C:\Users\Nigel\Desktop\Computer_OTL_Extras_Report.Txt
2014-10-18 21:49 - 2014-10-18 21:49 - 00145572 _____ () C:\Users\Nigel\Desktop\Computer_OTL_Results.Txt
2014-10-18 21:09 - 2014-10-18 21:09 - 00224536 _____ () C:\Users\Nigel\Downloads\Extras.Txt
2014-10-18 21:09 - 2014-10-18 21:09 - 00145572 _____ () C:\Users\Nigel\Downloads\OTL.Txt
2014-10-18 20:49 - 2014-10-18 20:49 - 00602112 _____ (OldTimer Tools) C:\Users\Nigel\Downloads\OTL.exe
2014-10-18 19:43 - 2014-10-18 19:43 - 00401920 _____ (Farbar) C:\Users\Nigel\Downloads\MiniToolBox.exe
2014-10-18 19:42 - 2014-10-18 19:43 - 04890736 _____ (Piriform Ltd) C:\Users\Nigel\Downloads\spsetup126.exe
2014-10-18 19:22 - 2014-10-18 19:22 - 00110528 _____ () C:\Users\Nigel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-18 03:33 - 2014-10-18 03:33 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\lvfamxfn.sys
2014-10-17 15:03 - 2014-10-17 15:47 - 00000000 ____D () C:\Users\Nigel\Downloads\iPhone_IPSW
2014-10-17 15:00 - 2014-10-17 15:26 - 1200488975 _____ () C:\Users\Nigel\Downloads\iPhone3,3_7.0.2_11A501_Restore.ipsw
2014-10-17 13:54 - 2014-10-17 13:57 - 00000000 ____D () C:\Users\Nigel\Desktop\Computer_Software
2014-10-17 13:50 - 2014-10-17 13:51 - 00001680 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-10-17 13:50 - 2014-10-17 13:50 - 00000384 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-10-17 13:34 - 2014-10-17 13:36 - 00000000 ____D () C:\Users\Nigel\Desktop\StopZilla
2014-10-17 13:18 - 2014-10-17 13:18 - 00712443 _____ () C:\Users\Nigel\Desktop\Installer (Right Click and select extract).zip
2014-10-17 12:41 - 2014-10-17 15:18 - 00001088 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-17 12:33 - 2014-10-17 12:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-17 12:33 - 2014-10-17 12:33 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-17 12:33 - 2014-10-17 12:33 - 00000794 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-17 12:33 - 2014-10-17 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-17 09:46 - 2014-10-17 11:56 - 00005440 _____ () C:\Users\Nigel\Desktop\Computer_Help.txt
2014-10-17 08:57 - 2014-10-17 08:58 - 16955453 _____ () C:\Users\Nigel\Desktop\evasi0n7-win-1.0.8-ccb6ff816eb8789bf039cf3ca00edbedc199464f.zip
2014-10-16 19:02 - 2014-10-16 19:03 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-10-16 19:02 - 2014-10-16 19:02 - 00004274 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-10-16 19:02 - 2014-10-16 19:02 - 00001877 _____ () C:\Users\Public\Desktop\Reimage Express.lnk
2014-10-16 19:02 - 2014-10-16 19:02 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-10-16 19:02 - 2014-10-16 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-10-16 00:15 - 2014-10-16 00:19 - 00003204 _____ () C:\Windows\System32\Tasks\YourFileDownloader Installer Starter
2014-10-15 15:50 - 2014-10-15 15:50 - 00006948 _____ () C:\Windows\system32\ScanResults.xml
2014-10-15 15:41 - 2014-10-15 15:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-10-14 21:07 - 2014-10-16 15:25 - 00000300 _____ () C:\Users\Nigel\Desktop\reimage key.txt
2014-10-14 19:02 - 2014-10-14 20:20 - 00000585 _____ () C:\Windows\w32dasm8.ini
2014-10-14 19:02 - 2014-10-14 19:02 - 00003218 _____ () C:\Windows\System32\Tasks\{E593581A-1EAB-4FD9-B360-D63A08BB6A7B}
2014-10-14 18:06 - 2014-10-14 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-14 17:19 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 17:19 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 17:18 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 17:18 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 17:18 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 17:18 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 17:18 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 17:18 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 17:18 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 17:18 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 17:18 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 17:18 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 17:17 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 17:17 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 17:17 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 17:16 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 17:16 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 17:14 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 17:14 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 17:14 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 17:14 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 17:14 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 17:14 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 17:14 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 17:14 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 17:14 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 17:14 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 17:14 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 17:14 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 17:14 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 17:14 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 17:14 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 17:14 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 17:14 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 17:14 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 17:14 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 17:14 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 17:14 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 17:14 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 17:14 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 17:14 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 17:14 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 17:12 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 17:12 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 17:12 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 17:12 - 2014-08-28 22:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 17:10 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 17:10 - 2014-09-04 22:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 17:10 - 2014-09-04 21:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-12 14:48 - 2014-10-12 14:48 - 00000000 ____D () C:\Users\Nigel\Documents\Optimizer Pro
2014-10-12 14:45 - 2014-10-17 12:37 - 00000000 ____D () C:\Users\Nigel\Downloads\Software
2014-10-12 14:41 - 2014-10-12 18:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-12 14:41 - 2014-10-12 14:41 - 00000000 ____D () C:\Users\Nigel\AppData\Local\globalUpdate
2014-10-12 00:14 - 2014-10-12 00:14 - 00000000 ____D () C:\Users\Nigel\Downloads\Foot_Farm
2014-10-11 17:53 - 2014-10-16 19:02 - 00000000 ____D () C:\Program Files\Reimage
2014-10-11 17:52 - 2014-10-17 08:42 - 00000165 _____ () C:\Windows\Reimage.ini
2014-10-10 10:45 - 2014-10-10 10:46 - 191527745 _____ () C:\Users\Nigel\Downloads\Armageddon.mp4
2014-10-10 10:42 - 2014-10-10 10:46 - 00000000 ____D () C:\ProgramData\VideoDownloaderUltimateWinApp
2014-10-10 10:42 - 2014-10-10 10:42 - 00000934 _____ () C:\Users\Nigel\Desktop\Video Downloader Ultimate.lnk
2014-10-10 10:41 - 2014-10-10 10:41 - 01562232 _____ (Link64 GmbH) C:\Users\Nigel\Downloads\VideoDownloaderUltimate_winapp_installer.exe
2014-10-04 11:31 - 2014-10-04 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-01 07:11 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:11 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 11:51 - 2014-09-29 11:51 - 00000000 ____D () C:\Users\Nigel\AppData\Local\DDMSettings
2014-09-26 01:13 - 2014-09-26 01:35 - 00000000 ____D () C:\Users\Nigel\AppData\Local\pangu
2014-09-26 00:57 - 2014-09-26 00:58 - 35796928 _____ () C:\Users\Nigel\Downloads\Pangu_v1.2.1.exe
2014-09-24 12:44 - 2014-09-04 15:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-24 12:44 - 2014-09-04 15:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-24 07:28 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 07:28 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 12:28 - 2014-09-22 12:28 - 00000823 _____ () C:\Users\Nigel\Desktop\µTorrent.lnk
2014-09-22 12:22 - 2014-10-18 11:46 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\uTorrent
2014-09-22 12:14 - 2014-10-19 00:14 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2014-09-22 06:05 - 2014-09-22 06:05 - 00003350 _____ () C:\Windows\System32\Tasks\Eakona Update
2014-09-22 05:33 - 2014-09-22 05:35 - 00000000 ____D () C:\ProgramData\7326f70cff8ae1e5
2014-09-22 05:32 - 2014-10-17 13:00 - 00000000 ____D () C:\Users\Administrator
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Chromatic Browser
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Torch
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Chromatic Browser
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-22 05:17 - 2014-09-22 05:20 - 00450352 _____ (Microsoft Corporation) C:\Users\Nigel\Downloads\FixitCenter_Run.exe
2014-09-20 12:50 - 2014-10-19 00:04 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Nigel
2014-09-20 12:50 - 2014-10-19 00:04 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job
2014-09-20 12:50 - 2014-10-18 13:14 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Nigel
2014-09-20 12:50 - 2014-10-18 13:14 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job
2014-09-20 12:50 - 2014-10-04 09:09 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job
2014-09-20 12:50 - 2014-10-04 08:45 - 00002666 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel
2014-09-20 12:50 - 2014-09-20 12:50 - 00003612 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Nigel
2014-09-20 10:17 - 2014-09-20 10:17 - 00003172 _____ () C:\Windows\System32\Tasks\Csb_IdleScan_Task
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-18 23:39 - 2013-09-29 15:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job
2014-10-18 23:33 - 2013-02-27 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 23:31 - 2013-02-28 03:11 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 23:10 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\AppData\Local\204F97F3-3D38-41EE-A1A9-FA8BE5878D8B.aplzod
2014-10-18 23:10 - 2013-02-27 19:24 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Apple Computer
2014-10-18 23:10 - 2013-02-20 22:07 - 00000000 ____D () C:\Users\Nigel
2014-10-18 22:59 - 2014-06-09 02:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-18 17:39 - 2013-09-29 15:40 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job
2014-10-18 15:36 - 2014-09-13 00:16 - 00003300 _____ () C:\Windows\System32\Tasks\Chrome Launcher
2014-10-18 15:29 - 2013-02-21 01:01 - 02046805 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 11:46 - 2014-05-21 11:46 - 00000258 _____ () C:\Windows\Tasks\CCleanerClean.job
2014-10-18 11:46 - 2013-03-01 02:36 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-18 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-18 02:00 - 2013-09-28 13:55 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Adobe
2014-10-17 16:59 - 2013-05-29 22:37 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\vlc
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 13:59 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-17 13:59 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-17 13:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-10-17 13:49 - 2014-05-17 10:54 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-10-17 13:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-17 13:46 - 2013-03-19 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-17 12:04 - 2013-04-22 19:16 - 00000000 ____D () C:\Windows\Minidump
2014-10-17 09:05 - 2014-09-16 14:05 - 00000829 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk
2014-10-17 09:05 - 2014-09-16 14:05 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-10-16 16:56 - 2013-03-01 15:33 - 00847994 _____ () C:\Windows\system32\perfh019.dat
2014-10-16 16:56 - 2013-03-01 15:33 - 00204178 _____ () C:\Windows\system32\perfc019.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00787002 _____ () C:\Windows\system32\perfh005.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00195964 _____ () C:\Windows\system32\perfc005.dat
2014-10-16 16:56 - 2009-07-14 01:13 - 02972908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-16 15:18 - 2013-07-13 02:52 - 00000000 ____D () C:\Users\Nigel\AppData\Local\CrashDumps
2014-10-16 00:43 - 2014-05-22 12:07 - 00000000 ____D () C:\Users\Nigel\Desktop\Miscel
2014-10-14 21:24 - 2014-04-23 06:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 19:14 - 2013-12-13 17:25 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-14 19:14 - 2013-12-11 04:29 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-10-14 18:23 - 2013-03-01 23:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-14 18:05 - 2013-07-13 02:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 17:22 - 2013-02-27 17:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 15:35 - 2013-03-01 18:15 - 00000000 ____D () C:\Users\Guest
2014-10-14 15:20 - 2014-08-20 02:49 - 00000000 ____D () C:\Users\Nigel\AppData\Local\WinZip
2014-10-14 15:20 - 2014-07-21 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-08 14:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 20:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-05 00:14 - 2014-06-09 01:35 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-10-04 08:09 - 2013-09-07 04:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-10-02 12:45 - 2013-09-20 20:09 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-10-02 12:45 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2014-10-02 12:05 - 2014-05-21 22:28 - 00002485 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-10-02 12:05 - 2014-05-21 22:28 - 00002200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-10-02 12:05 - 2014-05-21 22:28 - 00002021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-10-02 02:19 - 2013-04-20 01:19 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\dvdcss
2014-10-01 11:11 - 2014-06-09 02:48 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-09 02:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2013-12-11 13:28 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 12:45 - 2013-03-19 17:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-24 04:33 - 2013-02-27 22:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 04:33 - 2013-02-27 22:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 04:33 - 2013-02-27 22:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-22 05:32 - 2014-07-12 21:30 - 00000990 __RSH () C:\ProgramData\ntuser.pol
2014-09-22 05:32 - 2013-03-01 18:17 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-22 05:32 - 2013-02-28 03:11 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Google
2014-09-22 05:32 - 2013-02-28 03:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-22 02:42 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-22 00:14 - 2014-05-22 04:24 - 00003476 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
 
Some content of TEMP:
====================
C:\Users\Nigel\AppData\Local\Temp\GPUpd54433B021.exe
C:\Users\Nigel\AppData\Local\Temp\upwhpipm.mwl.exe
C:\Users\Nigel\AppData\Local\Temp\vlc-2.1.5-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-16 21:17
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2014 01
Ran by Nigel at 2014-10-19 00:22:23
Running from C:\Users\Nigel\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Exchange Panel (HKLM-x32\...\{41A12FFC-89E9-4743-A51E-00975CA31F40}) (Version: 1 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.166.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - Canon Inc.)
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.2139.36919 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DMG Extractor (HKCU\...\DMG Extractor) (Version: 1.2.3.0 - Reincubate Ltd)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
ImTOO iPhone Photo Transfer (HKLM-x32\...\ImTOO iPhone Photo Transfer) (Version: 1.1.4.20131114 - ImTOO)
ImTOO iPhone SMS Backup (HKLM-x32\...\ImTOO iPhone SMS Backup) (Version: 1.0.13.20140211 - ImTOO)
IObit Apps Toolbar v8.3 (HKLM-x32\...\{B14D51F5-F44F-4D77-86D0-777D6CB6C235}) (Version: 8.3 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.4 - IObit)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.6.6.0 - Reincubate Ltd)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.14.3 - Marvell)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (RUS) (Version: 4.5.50938 - Корпорация Майкрософт) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - English (HKLM\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 Toolkit December 2011 (HKLM-x32\...\{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}) (Version: 5.0.51209.1124 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 18.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notification Center (HKLM-x32\...\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PE988 (HKLM\...\{6F8ECA7B-420F-4D63-B866-B83737EB3E76}) (Version: 6.0.77 - YUAN)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickShare (HKLM-x32\...\{62BC7EFB-47F5-4619-9B74-7DDA72D5AF7E}) (Version: 1.6.1.949 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Reimage Express (HKLM\...\Reimage Express) (Version: 1.0.3.2 - Reimage)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (HKLM\...\{90140000-0100-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{E8C86A07-99F1-4750-A6CF-C4ED5211A146}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Torch (HKCU\...\Torch) (Version: 33.0.0.7723 - Torch Media, Inc) <==== ATTENTION
Total Uninstall 6.5.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.5.0 - Gavrila Martau)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0100-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.OMUI.en-us_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.OMUI.en-us_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoDownloaderUltimate (HKCU\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.23 - Link64)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wajam (HKLM-x32\...\Wajam) (Version: 2.15 (i2.5) - Wajam) <==== ATTENTION
Windows Driver Package - Advanced Micro Devices (amdide64) hdc  (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Windows Driver Package - Apple (Netaapl) Net  (07/12/2011 1.8.4.2) (HKLM\...\E3446990DE8D5843AECCB8B0EF4E7D8DBF5E78B2) (Version: 07/12/2011 1.8.4.2 - Apple)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/20/2010 6.3.0.3500) (HKLM\...\79B5284AC8847651E6939E5B2FB1A473E6C9D19B) (Version: 01/20/2010 6.3.0.3500 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/28/2010 6.3.0.3800) (HKLM\...\5BB2352543C023211B5CDA6229832626C218EB7F) (Version: 01/28/2010 6.3.0.3800 - Broadcom Corporation)
Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (11/08/2011 6.0.32.0077) (HKLM\...\34BE71CBF435D6B34FFAF9BA68AD921E99CF4065) (Version: 11/08/2011 6.0.32.0077 - YUAN TV DRIVER)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
20-09-2014 22:02:49 Windows Update
21-09-2014 23:00:41 Windows Backup
22-09-2014 09:35:15 Microsoft Antimalware Checkpoint
24-09-2014 09:37:16 Windows Update
24-09-2014 16:21:35 Windows Update
24-09-2014 16:45:02 Installed DirectX
28-09-2014 09:37:09 Windows Update
28-09-2014 23:00:28 Windows Backup
02-10-2014 05:14:16 Windows Update
04-10-2014 15:26:38 Removed iCloud
04-10-2014 15:30:47 Installed iCloud
05-10-2014 15:50:44 Windows Update
05-10-2014 23:00:22 Windows Backup
08-10-2014 19:37:35 Windows Update
10-10-2014 04:01:33 Microsoft Antimalware Checkpoint
12-10-2014 00:32:26 Windows Update
12-10-2014 23:01:33 Windows Backup
14-10-2014 18:00:01 Restore Operation
14-10-2014 19:36:04 Windows Backup
14-10-2014 21:20:04 Windows Update
16-10-2014 19:17:02 Windows Backup
16-10-2014 23:08:12 Reimage Express Restore Point
17-10-2014 12:55:06 Reimage Express Restore Point
17-10-2014 13:09:23 Uninstalled with Total Uninstall ""
17-10-2014 15:53:12 Revo Uninstaller's restore point - Google+ Auto Backup
17-10-2014 16:51:36 Installed STOPzilla
17-10-2014 17:00:05 STOPzilla Restore Point.
17-10-2014 18:00:24 Removed STOPzilla
18-10-2014 17:58:42 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2014-03-01 02:10 - 2014-10-17 12:54 - 00449758 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 www.iobit.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {000612EA-70A0-4C63-89A1-8C5AEA7EFE8D} - System32\Tasks\{2C7ACBC0-7276-4542-8CD7-529B4D9AA8CC} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {006F7C01-5F0E-4150-9C4D-DE30C78C24A1} - System32\Tasks\{5FB22839-DCD7-44B2-8A12-F735271B7366} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {02E826AC-35DE-482B-94B2-15A0559936CE} - System32\Tasks\{81C5B8D4-8F2D-4A27-9184-EED41C281D3E} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {05A07841-8538-4FA8-A72E-58D63EF246DB} - System32\Tasks\{A2992F5E-09C1-403A-B59B-A743630AD888} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {079ADE9F-71D9-4F2F-ACD6-13E8E77D1F92} - System32\Tasks\Csb_IdleScan_Task => C:/Program Files (x86)/Anvisoft/Cloud System Booster/CloudSystemBooster.exe [2014-08-20] (Anvisoft)
Task: {093963F0-A29D-40AE-99C1-75A26902A885} - System32\Tasks\Test TimeTrigger => C:\Users\Nigel\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {0A818F3C-A3E3-4122-B3F0-19729F7CCE12} - System32\Tasks\{7DB33574-0FEC-4FC6-92B5-1663FE05B401} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {0DCD46B0-0A93-41AF-A417-D30980C7434D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {1038BF1B-FF84-473E-9470-CF2542F8734B} - System32\Tasks\{621D54F1-F962-49FF-80F3-E4901E48F97F} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {10ADD4C1-18C7-4959-B6A6-55B7612B9981} - System32\Tasks\{9B93F1C1-BAE0-4547-A7F4-436DCB981174} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {123565F3-0D19-410B-A6DA-88F89AD0DB10} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {12EFB081-B6B7-498C-B0EB-5B466DCAC3DB} - System32\Tasks\{C1FD0AF3-F142-4A98-8F71-C27459CCC326} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {169AAA98-589D-4EF5-99E6-164E9E990614} - System32\Tasks\{73CE8116-3FE9-4BB0-9ECF-FF9EF71B71CC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {169CA07C-AC46-4953-8DA6-2580DBCF974F} - System32\Tasks\{2D439E47-B377-4F2A-84A7-1FFFB9315E27} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {186E7797-9FE8-4A70-9B8A-BB997C6DC598} - System32\Tasks\{CC0FD0E2-776D-4B23-B75B-DA619AA69C1B} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {1AFB0322-06B1-4B25-A4D1-2EC13633A456} - System32\Tasks\{10054E13-B4D2-4038-A149-7D7CD286D5BC} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {1FE31CA9-9587-4D90-B97B-4874FE0DD994} - System32\Tasks\{3809E01F-7D74-419D-A04E-475AC9AC0104} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {2199150D-38EE-40E0-932A-C547AFC1CDCE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {229C7C40-7C76-407C-ABBF-B9A8B0729DA3} - System32\Tasks\Chrome Launcher => C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe [2014-09-13] ()
Task: {22E21245-ACCB-45D9-86D9-43D186C24EE0} - System32\Tasks\{1C9473D9-9587-4262-BED4-CE9A0A5B7132} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {22ED1B6B-B453-4340-A791-B7610BD18DAD} - System32\Tasks\ss u helper-S-9665547 => c:\programdata\wintersoft\ss u helper\ss u helper.exe
Task: {23925085-F16B-480C-893C-00F6B4471DB4} - System32\Tasks\{6FCAAA83-1380-4B01-827E-618BDC4C8749} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {251F1F0E-642E-4773-9A4F-BEB433A9277B} - System32\Tasks\{0F35E7D5-B3FA-4E4F-B3C2-695339938076} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {26D1CC47-7787-49E1-91F4-1C5B5053B481} - System32\Tasks\{28980DF0-B3B8-477B-B624-7B366C1E9F82} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {293E9808-104D-47BB-BAAD-6C879853839B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2963DDCF-57EB-43AE-890A-DF5A98B7AEC7} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe [2014-09-22] ()
Task: {29FCDBB3-E067-422E-B938-73B7521C3370} - System32\Tasks\{84129D00-A527-4272-9EAF-734B4C1137A6} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {317E9D0C-E965-4647-AF45-C426E3C47409} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {32608733-4D6D-47E7-89BF-37F1B22B89B9} - System32\Tasks\{DAE296A8-D8A2-4199-8500-2224FE88CDAF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {349B5B62-DEAF-4B16-93FE-DE7C169ABE66} - System32\Tasks\ReclaimerUpdateFiles_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {368FD478-750D-48DA-98C1-91A0AC9154BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {3885C983-81FD-4929-94F2-BADDDEC585E8} - System32\Tasks\{E9D746C0-8108-4D3F-856F-0B8E88844D63} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {3A28F420-CA2E-41C7-98E6-090BD717828D} - System32\Tasks\{1BB641A5-4C01-461B-A3CA-3EE7A8AFC753} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {3A662C89-E799-4D3F-A277-2C6AE51F2D5D} - System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {3AE4BFDD-06D3-4A72-A031-752C12C5A1FC} - System32\Tasks\{3CED81EB-75E9-4886-9345-6F8A59F71133} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {3AE64DE5-B4CB-4FEE-8261-3C44EC6592F2} - System32\Tasks\{DA2D6784-B468-41D6-A9C3-E6456F0ECEDC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {3C0C5E3A-2FD6-4BE1-9044-A2D75313532F} - System32\Tasks\{3A0372C4-11E7-4A9F-97D8-DA624D7A58FD} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {3FC269B9-8C6C-4A9E-9628-2490CDAF8E1D} - System32\Tasks\{F565868D-6352-46C1-9D78-ACC152BA5AFC} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4351F10C-E69D-4B69-945D-08C1F0EBDD8A} - System32\Tasks\{8F6CAC86-F380-4C50-8006-36939E72777D} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {449F4E01-3C7C-4D28-ABBA-828539A83685} - System32\Tasks\{C418A8B2-9255-49E4-A6E9-4D7CA82ADDD3} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {44E0ECA0-F601-4090-B027-8CD419F677AD} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {459C1231-E4FD-4849-B9C5-FBA0C5BB8245} - System32\Tasks\{2A23BB18-DE5C-43BD-BC52-72961C9849D3} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {467D8819-3E3A-417E-863A-3DF0E112FCB5} - System32\Tasks\{AE34398D-666B-4CCE-BC8F-DB48148EA13F} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4BE74FA7-42CD-41FE-B40D-F9E9C441537E} - System32\Tasks\{BAF80243-FBA1-4E89-95EB-C0D3AA496914} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {4F2DEE36-7405-4E0C-8129-21A2BBD59B4E} - System32\Tasks\{AEE3B048-B798-479B-B577-03A229A26271} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {51745400-A8A2-46E2-A2AA-F90FD82B42A5} - System32\Tasks\{924020A1-5A40-46D8-ADE0-8DF0D267C4CA} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {51DF843C-2317-46CB-8DCD-9786748EF292} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {56459790-A92F-4CDA-AF94-876D74EBEC31} - System32\Tasks\{9FAA2EAA-5333-4F67-897D-042DC1118AEF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {5852944E-E3BF-47B0-A8CD-EE9B9FCC856C} - System32\Tasks\{48E4D8DA-0C19-4658-B79C-C5078590BEEF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {59D050C2-9DFB-4BBB-9BEF-9B5072BDAE74} - System32\Tasks\{FE23A538-ED0A-40E0-87B2-0FA07139C608} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {5A655E23-C498-4B5F-A959-B0588BD8C6CB} - System32\Tasks\{73825FD6-27E8-44E3-A92D-5506AD1B97FA} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {5C75FAF9-9DA8-4844-8416-2228A7785B44} - System32\Tasks\{FC2419A3-3ADC-4196-AAA4-5A5977A662CF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {6032B365-3830-4CD5-AE92-FE6D4561AE51} - System32\Tasks\{881571A8-9200-4CB5-B498-2A83A9E86DA6} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {60E328B8-E650-45BE-8878-404EE5B610F8} - System32\Tasks\{87D481AC-6BB3-4473-B7AD-3607DCEA8756} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {6260FD1A-D38B-44C5-A055-52AB153435FD} - System32\Tasks\{11B3F5B9-1B08-4582-8226-996CDA70793D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {65685772-F1F4-4A8B-8875-60D89FD5137A} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {667FC555-EBE8-4B7E-A24B-C32A0943A876} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {67309B44-4BBA-46A8-94CE-66F0E4118D55} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7033CB6B-822E-422C-B3A5-285638759605} - System32\Tasks\{F92FDF9D-A098-4E5B-A8B0-BFD8B84ACFF9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {708D0DCC-2C04-499E-BB51-26648D454A7B} - System32\Tasks\{C174E770-DDA8-43A4-B145-1DDB63E80EFB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {77090DF9-6BCB-46BD-A052-595EF90E516D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {779B01EA-C171-4A33-A0AA-D9A09F0EEE26} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {786EC165-195D-4716-B28B-926E119BD975} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {79C33A83-58DD-44FC-87EE-B1EAC391332E} - System32\Tasks\{4A2DD742-0F4E-41E5-8164-8C4079E1D14C} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {7BFC570D-1D85-4F51-9A51-840363EE6994} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {7C43B3B7-D555-40E2-9548-D0461CBC676F} - System32\Tasks\{7B644DAF-35C5-439A-952A-E355469DEE4A} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {7CC66EF8-31F6-4E5C-BFE2-92851B0A97E8} - System32\Tasks\ReclaimerUpdateXML_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {7D16292D-72E8-4AE0-A281-77217F353C3C} - System32\Tasks\{C6D7FCF8-E7B1-4703-8194-D75C03B4DF37} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {7EC72E42-E0D9-4DB7-B499-3BC25912A497} - System32\Tasks\{4AACEB05-CFC0-4279-9403-CC99773EDDCF} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {7F733B87-02E8-479E-8440-514AE88C24A7} - System32\Tasks\{6D7101B6-EC94-4CD8-9786-A08EE5E54F8F} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {807F5556-47D5-4EC7-8562-1CC7C96009B0} - System32\Tasks\Eakona Update => C:\ProgramData\Eakona\update15.exe
Task: {81A0FB29-85F8-4BFA-8F27-A54082550447} - System32\Tasks\Driver Booster SkipUAC (Nigel) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {83AFC484-8A32-40B4-8A02-9E064C609D88} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {84589CC3-E682-4196-B545-F1A996BDD4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {84CFA5CB-FE45-4E62-8842-A69B2BC7833D} - System32\Tasks\{544F44BF-F291-4E18-8BF3-60C0E38A8E9D} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {8565466B-33EA-453A-9A44-FB10FED0EBE0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {8C433082-E77E-4688-BF0E-6CB3A25A77DD} - System32\Tasks\{1D1A5A4A-8E61-4697-AC2F-51D7EE009786} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {90473550-E850-4BFB-9244-5EE77EF732AA} - System32\Tasks\{1F60F57D-30CA-4034-BC06-941D7B6CD9F0} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {951DCD93-192C-435E-A657-97B8861D29D7} - System32\Tasks\{72C600E9-A2FB-4A6C-8EDB-4B7FD35F3BE0} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {96424976-48F4-4F52-A759-B19F12A6F4AF} - System32\Tasks\YourFileDownloader Installer Starter => C:\Users\Nigel\AppData\Local\Temp\YourFileDownloaderxVijv0Nbf2.exe <==== ATTENTION
Task: {96878061-26E9-49D3-8B8B-6CC548CA5809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {992CD035-8FA6-4179-8F27-6451EAC9B25E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {9B7E1E6B-8E4C-4230-9B53-6F404F3C8FA3} - System32\Tasks\RNUpgradeHelperResumePrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {A08E06B3-13BE-4A64-8BE4-BA75BFE3CF80} - System32\Tasks\{DCD6F798-3E9A-4E0B-BD8F-4F1A56C6E1A5} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {A5E73495-E96E-4AB8-AF93-C21EC0416E5A} - System32\Tasks\{1A248453-EA28-4123-BDBE-21B643214981} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {A5FEAF99-0991-43FE-AA1F-D8046B57BAEE} - System32\Tasks\{E053BCD8-88B4-40F6-B0E9-54B4C0E2DB24} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {A865B493-DC39-4096-A89C-F345384C3AF4} - System32\Tasks\{6F328AA4-E7BC-4E55-8580-8DD694CC3ADB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {A8818490-0854-4337-B395-4A370F92FE89} - System32\Tasks\{21766169-89C2-49F6-BB8F-AB224E395A1B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {AB23705A-DE13-4C0F-9DC8-275734E6618D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AB54D713-8B71-4989-A1B2-F224EB44A3AE} - System32\Tasks\{8571D682-9355-4007-A9C8-52B226CC06A8} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {AEA2DCEC-1540-4417-808E-F885D955417D} - System32\Tasks\{F42A0C80-5557-42CB-8465-6164EBAD88A8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {AEB6797F-3C8C-4FEC-ADF2-D899CAF39D65} - System32\Tasks\{4BD65B01-0AE9-4A43-B2F7-CF6128EA21A9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {AF7D2CEF-584D-4481-8C36-2503A983A9DB} - System32\Tasks\AdobeAAMUpdater-1.0-Nigel-PC-Nigel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {B2EE0003-6F1B-4C22-8D48-992FB5AABE0A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B41A22EC-4CB5-4AFE-8BEA-5B01E5AE43EE} - System32\Tasks\{E400AB86-5A44-4228-A3CE-AF605BA9AF62} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {B7FC23B2-7EC7-4C96-8161-B3CFB715E737} - System32\Tasks\{9ED700B8-ECDA-427C-B8E3-2791A2E2DCD7} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {BBC765F7-D309-4BD8-BA18-A107F6F5948E} - System32\Tasks\{077AA7A5-1BD3-4EFA-ABDB-DFB6174D3071} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C11C6FBD-A367-4737-8923-386DAD5DC884} - System32\Tasks\{B15A5C3F-6909-4D9D-AEEA-7873D50CBFC1} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {C3F97A9C-6154-4CED-BFDC-028EF0188789} - System32\Tasks\{F153F805-2E31-4E5B-97C7-FD71BC0BEB55} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C435B79A-12EE-4AF1-9117-FC0211600E4D} - System32\Tasks\{50FFBF50-AA52-4ED1-B6A2-ABE0AB7A1FA8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {CF517E06-FF2E-40D8-90A8-38618541F7C7} - System32\Tasks\{25E512C9-6BF5-4F04-AD7A-771D90B5EA74} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {D7F7BD77-BA36-439A-912A-E42FFD28F48F} - System32\Tasks\{D8FD28E2-15C2-4D62-A60C-F8B55E46DD86} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DDD4F934-C2EF-42A7-A324-93D7B98AF47E} - System32\Tasks\{9FBD2980-03DB-418A-8BE2-EFEF5DFC542B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DF1AD657-5EA2-47B0-98BF-F60D6C449CB5} - System32\Tasks\{74F22C14-D49E-46A3-89CB-999F91FAE2D9} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {DF61FCD0-E3FE-4055-9FCD-C17C2A9196F3} - System32\Tasks\{5F84FB09-08A8-499F-B17F-7CCCA4EE158D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {E5004064-C3D0-4FB4-BC0E-D9653316B938} - System32\Tasks\{154733BA-4DA3-4301-AD83-0230D0C5461D} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {E605B7D6-DB52-4020-9B63-D4FB2ED3B067} - System32\Tasks\{FB5E2E38-F3B5-4A82-9033-18D3A4773C95} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {E9FBC6F9-B382-4931-B10F-BE788B37743E} - System32\Tasks\{52EC31A4-035C-4281-B156-1FFA146BEFB5} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {EF39CFC0-6789-43E7-B770-1BD31EACB6A4} - System32\Tasks\{698C9EF4-C460-4000-8D89-333C6772CA58} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {F0ADDC43-8010-4AD0-9C2A-3DCDF5A12CCD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {FCA5B4FE-154E-4649-82C9-519B0DFFAEA0} - System32\Tasks\{EC9BF912-F05C-4B56-B200-82F74A037AD0} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {FE0838BE-005B-4A21-A157-EEBC70F1FF49} - \GPUP No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-03-19 17:05 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-01 06:54 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-01 06:54 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\system32\Drivers\ktlxumic.sys:changelist
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\exefile:  <===== ATTENTION!
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: ASCAntivirusSrv => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 3
MSCONFIG\Services: RealPlayer Desktop Service => 3
MSCONFIG\Services: RealPlayerUpdateSvc => 3
MSCONFIG\Services: WRSVC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot IE RunOnce.lnk => C:\Windows\pss\Install Webroot IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LaunchU3.exe.lnk => C:\Windows\pss\LaunchU3.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A1Clean.lnk => C:\Windows\pss\A1Clean.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => c:\program files (x86)\adobe\acrobat 11.0\acrobat\acrotray.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Apoint => 
MSCONFIG\startupreg: Bench Communicator Watcher => 
MSCONFIG\startupreg: Bench Settings Cleaner => 
MSCONFIG\startupreg: BService => 
MSCONFIG\startupreg: BService64 => 
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: IObit Malware Fighter => 
MSCONFIG\startupreg: mmonitor => C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\toolbox\Anvi RAM Booster\Anvi_RAM_Booster.exe hide=1
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: SearchProtection => 
MSCONFIG\startupreg: swg => c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Nigel\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VideoDownloaderUltimate => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair
MSCONFIG\startupreg: Wd => 
MSCONFIG\startupreg: WRSVC => 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-425073729-1472267466-4260431720-500 - Administrator - Disabled)
fbwuser (S-1-5-21-425073729-1472267466-4260431720-1009 - Limited - Enabled)
Guest (S-1-5-21-425073729-1472267466-4260431720-501 - Limited - Disabled) => C:\Users\Guest
Nigel (S-1-5-21-425073729-1472267466-4260431720-1000 - Administrator - Enabled) => C:\Users\Nigel
 
==================== Faulty Device Manager Devices =============
 
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
System errors:
=============
Error: (10/17/2014 02:17:49 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:17:49 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:07:29 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:07:29 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:02:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the szserver service.
 
Error: (10/17/2014 01:51:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/17/2014 01:51:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
amdkmafd
is3srv
SASDIFSV
SASKUTIL
 
Error: (10/17/2014 01:51:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Diagnostic Service Host service hung on starting.
 
Error: (10/17/2014 01:49:31 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (10/17/2014 01:46:33 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.
 
 
Microsoft Office Sessions:
=========================
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ 7450 Dual-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 8191.3 MB
Available physical RAM: 4353.17 MB
Total Pagefile: 20473.48 MB
Available Pagefile: 15278.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (New Volume) (Fixed) (Total:298.09 GB) (Free:136.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (NIGEL SYS) (Removable) (Total:3.73 GB) (Free:2.43 GB) FAT32
Drive h: (PKBACK# 001) (Removable) (Total:7.47 GB) (Free:0.49 GB) FAT32
Drive k: () (Fixed) (Total:465.76 GB) (Free:205.98 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D93C5615)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: DD63B194)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)
 
========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
 
========================================================
Disk: 8 (Size: 7.5 GB) (Disk ID: FDBE976B)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)
 
==================== End Of Log ============================

Edited by nfmaharaj, 18 October 2014 - 10:37 PM.

  • 0

Advertisements


#2
iammykyl

iammykyl

    Tech Staff

  • Technician
  • 7,047 posts

:welcome: nfmaharaj.

AS your machine may still be infected, please go to the link below and follow the instructions from Step 2.   If you still have problems after being given a clean bill of health, come back to this topic and describe  the problems you are still having.

http://www.geekstogo...cleaning-guide/


  • 0

#3
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Thank you for helping me..... Still waiting for it to finish running the scan results


  • 0

#4
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Below is the results from the scan...... 

OTL logfile created on: 10/18/2014 8:50:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nigel\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
8.00 Gb Total Physical Memory | 4.35 Gb Available Physical Memory | 54.43% Memory free
19.99 Gb Paging File | 13.86 Gb Available in Paging File | 69.31% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142K:\pagef [Binary data over 200 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 136.40 Gb Free Space | 45.76% Space Free | Partition Type: NTFS
Drive F: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 3.73 Gb Total Space | 2.43 Gb Free Space | 65.18% Space Free | Partition Type: FAT32
Drive H: | 7.47 Gb Total Space | 0.49 Gb Free Space | 6.50% Space Free | Partition Type: FAT32
Drive K: | 465.76 Gb Total Space | 205.98 Gb Free Space | 44.22% Space Free | Partition Type: NTFS
 
Computer Name: NIGEL-PC | User Name: Nigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/18 20:49:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nigel\Downloads\OTL.exe
PRC - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/10/01 11:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/16 22:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/08/29 22:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/08/27 20:29:36 | 001,217,032 | ---- | M] (TorchMedia Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe
PRC - [2014/08/27 20:27:52 | 000,857,096 | ---- | M] (Torch Media Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Application\torch.exe
PRC - [2014/08/27 20:27:50 | 001,127,432 | ---- | M] (Torch Media Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Update\33.0.0.7723\TorchUpdate.exe
PRC - [2014/08/20 04:21:40 | 000,042,680 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
PRC - [2014/07/02 13:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/02/27 22:12:22 | 000,893,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2013/05/07 14:34:36 | 000,193,256 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
PRC - [2012/12/05 16:40:02 | 000,597,880 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2012/12/05 16:39:48 | 000,638,840 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
PRC - [2012/12/05 16:39:08 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2012/12/05 16:39:04 | 000,366,456 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2012/12/05 16:38:56 | 000,260,472 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2012/12/05 16:38:54 | 000,375,672 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2011/09/02 20:08:34 | 000,410,911 | ---- | M] () -- C:\Program Files (x86)\BlueStacks\HD-Adb.exe
PRC - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/14 21:58:13 | 001,443,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\NAudio\9135f51b99401f75b42b5850ebe85393\NAudio.ni.dll
MOD - [2014/10/14 21:58:12 | 000,814,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Frontend\03fe6a5794936ee0cad471ab7dde5f01\HD-Frontend.ni.exe
MOD - [2014/10/14 21:58:06 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\8577fb8117ee0f360b8745c1a7ad55fb\JSON.ni.dll
MOD - [2014/10/14 21:57:56 | 000,643,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\0d48018172c6fd456907ec7f1c986564\HD-Agent.ni.exe
MOD - [2014/10/14 21:49:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a229c5bed4a12b5db6ca55d223ada6df\System.ServiceProcess.ni.dll
MOD - [2014/10/14 21:49:35 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/14 21:48:54 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/14 21:48:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/14 21:48:41 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/14 21:48:37 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/14 21:48:20 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 04:44:25 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/08/29 22:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
MOD - [2014/08/29 22:49:40 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
MOD - [2014/08/29 22:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
MOD - [2014/08/29 22:49:33 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
MOD - [2014/08/29 22:49:31 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
MOD - [2014/08/29 22:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
MOD - [2014/08/27 20:27:52 | 004,008,040 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\pdf.dll
MOD - [2014/08/27 20:27:52 | 001,915,400 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\ffmpegsumo.dll
MOD - [2014/08/27 20:27:52 | 000,908,808 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\libglesv2.dll
MOD - [2014/08/27 20:27:52 | 000,460,808 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\ppgooglenaclpluginchrome.dll
MOD - [2014/08/27 20:27:52 | 000,108,552 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\libegl.dll
MOD - [2014/08/27 20:27:52 | 000,051,720 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\chrome_elf.dll
MOD - [2014/08/11 08:24:22 | 000,645,592 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\User Data\Default\Extensions\dipchieogpecpggdacaaffcjemkggfbi\1.0.0.7593_0\plugin\sqlite3.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/09/02 20:08:34 | 000,410,911 | ---- | M] () -- C:\Program Files (x86)\BlueStacks\HD-Adb.exe
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/16 22:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/09/16 22:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/08/22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/08/22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/16 16:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/06/01 01:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2010/11/20 23:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2010/11/20 23:24:39 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nfsclnt.exe -- (NfsClnt)
SRV:64bit: - [2010/11/20 23:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2010/11/20 23:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/07/13 21:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009/07/13 21:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 21:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/24 04:33:30 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/09/12 05:43:14 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/27 20:29:36 | 001,217,032 | ---- | M] (TorchMedia Inc.) [Auto | Running] -- C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2014/08/20 04:21:40 | 000,042,680 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe -- (AnviCsbSvc)
SRV - [2014/07/02 13:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/05/15 13:29:06 | 000,342,336 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/10 16:27:02 | 001,418,336 | ---- | M] (RealNetworks, Inc.) [Disabled | Stopped] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Desktop Service)
SRV - [2013/12/02 11:58:48 | 002,151,232 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 15:39:32 | 000,029,320 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/07/23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/05/07 14:34:36 | 000,193,256 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe -- ( AnviStartupTime)
SRV - [2013/04/16 16:03:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/25 11:34:04 | 000,166,408 | ---- | M] (Microsoft Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/12/05 16:39:26 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012/12/05 16:39:08 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2010/11/20 23:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 23:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/18 18:52:29 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/10/18 03:33:36 | 000,079,064 | ---- | M] (Malwarebytes Corporation) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\lvfamxfn.sys -- (vqmwpufq)
DRV:64bit: - [2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/09/16 22:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/09/04 15:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/07/17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/01/22 01:41:37 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/01/07 09:02:06 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2014/01/07 08:42:08 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/12/11 15:32:24 | 000,036,608 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/10/28 19:02:16 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/07/25 17:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013/06/06 01:17:46 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:64bit: - [2013/06/01 20:38:25 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gmPS2up.sys -- (gmPS2up)
DRV:64bit: - [2013/05/31 00:27:22 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/05/31 00:27:20 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/05/31 00:27:20 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/05/31 00:27:20 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/05/25 01:10:44 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/23 15:50:24 | 000,132,920 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2013/03/18 15:25:48 | 000,088,376 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2013/01/29 19:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/01/21 08:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2012/12/03 14:49:38 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2012/11/16 17:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/11/16 17:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/11/16 15:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/01 14:31:08 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/08/28 07:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/08/23 10:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/16 15:38:24 | 000,026,208 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 06:00:20 | 000,018,456 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:24:41 | 000,104,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rpcxdr.sys -- (RpcXdr)
DRV:64bit: - [2010/11/20 23:24:39 | 000,246,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\nfsrdr.sys -- (NfsRdr)
DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/15 15:08:34 | 000,084,008 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/19 10:37:50 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/07/28 21:26:48 | 000,017,136 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/07/13 19:35:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psxdrv.sys -- (PsxDrv)
DRV:64bit: - [2009/06/22 15:08:30 | 000,714,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\y_cx88x.sys -- (cxpl_mhd)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 |%2

  • 0

#5
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Below is the results from the scan...... 

OTL logfile created on: 10/18/2014 8:50:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nigel\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
8.00 Gb Total Physical Memory | 4.35 Gb Available Physical Memory | 54.43% Memory free
19.99 Gb Paging File | 13.86 Gb Available in Paging File | 69.31% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142K:\pagef [Binary data over 200 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 136.40 Gb Free Space | 45.76% Space Free | Partition Type: NTFS
Drive F: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 3.73 Gb Total Space | 2.43 Gb Free Space | 65.18% Space Free | Partition Type: FAT32
Drive H: | 7.47 Gb Total Space | 0.49 Gb Free Space | 6.50% Space Free | Partition Type: FAT32
Drive K: | 465.76 Gb Total Space | 205.98 Gb Free Space | 44.22% Space Free | Partition Type: NTFS
 
Computer Name: NIGEL-PC | User Name: Nigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/18 20:49:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nigel\Downloads\OTL.exe
PRC - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/10/01 11:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/16 22:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/08/29 22:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/08/27 20:29:36 | 001,217,032 | ---- | M] (TorchMedia Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe
PRC - [2014/08/27 20:27:52 | 000,857,096 | ---- | M] (Torch Media Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Application\torch.exe
PRC - [2014/08/27 20:27:50 | 001,127,432 | ---- | M] (Torch Media Inc.) -- C:\Users\Nigel\AppData\Local\Torch\Update\33.0.0.7723\TorchUpdate.exe
PRC - [2014/08/20 04:21:40 | 000,042,680 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
PRC - [2014/07/02 13:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/02/27 22:12:22 | 000,893,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2013/05/07 14:34:36 | 000,193,256 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
PRC - [2012/12/05 16:40:02 | 000,597,880 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2012/12/05 16:39:48 | 000,638,840 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
PRC - [2012/12/05 16:39:08 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2012/12/05 16:39:04 | 000,366,456 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2012/12/05 16:38:56 | 000,260,472 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2012/12/05 16:38:54 | 000,375,672 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2011/09/02 20:08:34 | 000,410,911 | ---- | M] () -- C:\Program Files (x86)\BlueStacks\HD-Adb.exe
PRC - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/14 21:58:13 | 001,443,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\NAudio\9135f51b99401f75b42b5850ebe85393\NAudio.ni.dll
MOD - [2014/10/14 21:58:12 | 000,814,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Frontend\03fe6a5794936ee0cad471ab7dde5f01\HD-Frontend.ni.exe
MOD - [2014/10/14 21:58:06 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\8577fb8117ee0f360b8745c1a7ad55fb\JSON.ni.dll
MOD - [2014/10/14 21:57:56 | 000,643,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\0d48018172c6fd456907ec7f1c986564\HD-Agent.ni.exe
MOD - [2014/10/14 21:49:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a229c5bed4a12b5db6ca55d223ada6df\System.ServiceProcess.ni.dll
MOD - [2014/10/14 21:49:35 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/14 21:48:54 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/14 21:48:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/14 21:48:41 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/14 21:48:37 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/14 21:48:20 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 04:44:25 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/08/29 22:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
MOD - [2014/08/29 22:49:40 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
MOD - [2014/08/29 22:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
MOD - [2014/08/29 22:49:33 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
MOD - [2014/08/29 22:49:31 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
MOD - [2014/08/29 22:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
MOD - [2014/08/27 20:27:52 | 004,008,040 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\pdf.dll
MOD - [2014/08/27 20:27:52 | 001,915,400 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\ffmpegsumo.dll
MOD - [2014/08/27 20:27:52 | 000,908,808 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\libglesv2.dll
MOD - [2014/08/27 20:27:52 | 000,460,808 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\ppgooglenaclpluginchrome.dll
MOD - [2014/08/27 20:27:52 | 000,108,552 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\libegl.dll
MOD - [2014/08/27 20:27:52 | 000,051,720 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\Application\33.0.0.7712\chrome_elf.dll
MOD - [2014/08/11 08:24:22 | 000,645,592 | ---- | M] () -- C:\Users\Nigel\AppData\Local\Torch\User Data\Default\Extensions\dipchieogpecpggdacaaffcjemkggfbi\1.0.0.7593_0\plugin\sqlite3.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/09/02 20:08:34 | 000,410,911 | ---- | M] () -- C:\Program Files (x86)\BlueStacks\HD-Adb.exe
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/16 22:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/09/16 22:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/08/22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/08/22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/16 16:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/06/01 01:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2010/11/20 23:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2010/11/20 23:24:39 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nfsclnt.exe -- (NfsClnt)
SRV:64bit: - [2010/11/20 23:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2010/11/20 23:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/07/13 21:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009/07/13 21:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 21:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/24 04:33:30 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/09/12 05:43:14 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/27 20:29:36 | 001,217,032 | ---- | M] (TorchMedia Inc.) [Auto | Running] -- C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2014/08/20 04:21:40 | 000,042,680 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe -- (AnviCsbSvc)
SRV - [2014/07/02 13:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/05/15 13:29:06 | 000,342,336 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/10 16:27:02 | 001,418,336 | ---- | M] (RealNetworks, Inc.) [Disabled | Stopped] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Desktop Service)
SRV - [2013/12/02 11:58:48 | 002,151,232 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 15:39:32 | 000,029,320 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/07/23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/05/07 14:34:36 | 000,193,256 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe -- ( AnviStartupTime)
SRV - [2013/04/16 16:03:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/25 11:34:04 | 000,166,408 | ---- | M] (Microsoft Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/12/05 16:39:26 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012/12/05 16:39:08 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2010/11/20 23:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 23:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/18 18:52:29 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/10/18 03:33:36 | 000,079,064 | ---- | M] (Malwarebytes Corporation) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\lvfamxfn.sys -- (vqmwpufq)
DRV:64bit: - [2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/09/16 22:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/09/04 15:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/07/17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/01/22 01:41:37 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/01/07 09:02:06 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2014/01/07 08:42:08 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/12/11 15:32:24 | 000,036,608 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/10/28 19:02:16 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/07/25 17:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013/06/06 01:17:46 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:64bit: - [2013/06/01 20:38:25 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gmPS2up.sys -- (gmPS2up)
DRV:64bit: - [2013/05/31 00:27:22 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/05/31 00:27:20 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/05/31 00:27:20 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/05/31 00:27:20 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/05/31 00:27:20 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/05/25 01:10:44 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/23 15:50:24 | 000,132,920 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2013/03/18 15:25:48 | 000,088,376 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2013/01/29 19:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/01/21 08:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2012/12/03 14:49:38 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2012/11/16 17:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/11/16 17:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/11/16 15:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/01 14:31:08 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/08/28 07:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/08/23 10:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/16 15:38:24 | 000,026,208 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 06:00:20 | 000,018,456 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:24:41 | 000,104,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rpcxdr.sys -- (RpcXdr)
DRV:64bit: - [2010/11/20 23:24:39 | 000,246,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\nfsrdr.sys -- (NfsRdr)
DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/15 15:08:34 | 000,084,008 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/19 10:37:50 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/07/28 21:26:48 | 000,017,136 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/07/13 19:35:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psxdrv.sys -- (PsxDrv)
DRV:64bit: - [2009/06/22 15:08:30 | 000,714,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\y_cx88x.sys -- (cxpl_mhd)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 01:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2007/09/14 23:12:36 | 000,009,856 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wstbtndb.sys -- (HBtnKey)
DRV - [2013/11/19 16:10:36 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/11/19 16:10:36 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/23 15:48:48 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2012/12/05 16:39:18 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
IE - HKLM\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/MSE_WCP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
IE - HKCU\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js - File not found
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect:  File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.2.206: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.2.206: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1:  File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014/10/02 12:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/13 19:54:52 | 000,000,000 | ---D | M]
 
[2013/04/04 02:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Extensions
[2013/08/06 22:33:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\extensions
[2013/02/28 03:11:29 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/09/25 22:32:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2014/01/29 16:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\defaults
[2014/09/16 14:48:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013/12/09 17:37:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins
[2014/09/16 15:01:29 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2014/04/27 04:42:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged
[2014/01/29 16:56:16 | 000,000,000 | ---D | M] (DictAddon) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2014/10/14 15:20:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions
[2014/01/29 16:56:19 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{78f95c9b-16b5-4f71-a733-87632abd4c0c}
[2014/10/14 15:20:25 | 000,000,000 | ---D | M] ("Universal Downloader") -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}
[2014/01/29 16:56:20 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
[2014/01/29 16:56:17 | 000,000,000 | ---D | M] ("Key Download") -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected]
[2014/09/16 15:01:29 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected]
[2014/10/14 15:20:25 | 000,000,000 | ---D | M] (TinyWallet) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected]
[2014/10/14 15:20:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\staged
[2014/01/29 16:56:18 | 000,000,000 | ---D | M] (DictAddon) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected]
[2013/04/08 13:11:52 | 000,216,492 | ---- | M] () (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected]
[2013/06/26 13:40:28 | 000,230,299 | ---- | M] () (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected]
[2014/01/17 01:31:05 | 000,157,230 | ---- | M] () (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected]
[2014/01/19 08:23:03 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/09/28 12:19:35 | 000,000,593 | ---- | M] () -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\EasyLife.xml
[2013/10/03 15:18:44 | 000,003,746 | ---- | M] () -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\safeguard-secure-search.xml
[2013/03/01 01:19:26 | 000,002,090 | ---- | M] () -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\Searchab.xml
[2013/08/16 20:18:01 | 000,000,915 | ---- | M] () -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\yahoo.xml
[2013/12/09 17:37:34 | 000,000,905 | ---- | M] () -- C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\yahoo_ff.xml
[2014/09/23 03:51:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/08 01:20:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/10/19 12:49:01 | 000,000,000 | ---D | M] (WordOv) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/04/16 16:03:26 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/16 16:03:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/16 16:03:22 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Slides = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_2\
CHR - Extension: Google Docs = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_1\
CHR - Extension: Google Drive = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_2\
CHR - Extension: YouTube = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Video downloader pro = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem\1.0_1\
CHR - Extension: Video Downloader professional = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.43_1\
CHR - Extension: Google Sheets = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_1\
CHR - Extension: Video Downloader = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpgleggfcndpeflbjhpjfckfmojnpo\1.0.4.4_1\
CHR - Extension: Google Wallet = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_2\
CHR - Extension: Gmail = C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2014/10/17 12:54:44 | 000,449,758 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 www.iobit.com
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 15466 more lines...
O3:64bit: - HKLM\..\Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4194BE8-D4B9-4BBA-82A4-5A98B613C948}: DhcpNameServer = 173.209.204.253 173.209.207.253
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D2E0C605-D102-4906-95C8-485C32FAF129}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F47AA5AA-D61F-4D05-9E56-B41C8D56A233}: DhcpNameServer = 172.18.145.103 172.18.145.103
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/06 08:26:23 | 000,000,309 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/18 03:33:36 | 000,079,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\lvfamxfn.sys
[2014/10/17 13:54:13 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Desktop\Computer_Software
[2014/10/17 13:34:14 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Desktop\StopZilla
[2014/10/17 12:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/10/16 19:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Reimage Protector
[2014/10/16 19:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Reimage Express
[2014/10/14 18:06:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/10/12 14:48:45 | 000,000,000 | ---D | C] -- C:\Users\Nigel\Documents\Optimizer Pro
[2014/10/12 14:41:54 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\globalUpdate
[2014/10/12 14:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/10/11 17:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2014/10/10 10:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\VideoDownloaderUltimateWinApp
[2014/09/29 11:51:51 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\DDMSettings
[2014/09/26 01:13:02 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\pangu
[2014/09/22 12:22:49 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Roaming\uTorrent
[2014/09/22 05:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\7326f70cff8ae1e5
[2014/09/22 05:32:45 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\Chromatic Browser
[2014/09/22 05:32:41 | 000,000,000 | ---D | C] -- C:\Users\Nigel\AppData\Local\Comodo
[2013/05/25 18:03:31 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe
[17 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/18 20:39:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job
[2014/10/18 20:33:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/18 20:31:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/18 20:05:37 | 000,000,162 | -H-- | M] () -- C:\Users\Nigel\Desktop\~$ror_Message.rtf
[2014/10/18 18:52:29 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/18 17:39:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job
[2014/10/18 13:14:12 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Nigel.job
[2014/10/18 12:14:00 | 000,073,728 | ---- | M] () -- C:\Windows\SysWow64\tasks.dll
[2014/10/18 11:46:01 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\CCleanerClean.job
[2014/10/18 03:33:36 | 000,079,064 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\lvfamxfn.sys
[2014/10/17 15:18:22 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/17 13:59:32 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/17 13:59:32 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/17 13:51:34 | 000,001,680 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2014/10/17 13:50:43 | 000,000,384 | ---- | M] () -- C:\Windows\SysWow64\drivers\kgpfr2.cfg
[2014/10/17 13:46:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/17 13:46:21 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/17 13:18:26 | 000,712,443 | ---- | M] () -- C:\Users\Nigel\Desktop\Installer (Right Click and select extract).zip
[2014/10/17 13:07:14 | 000,001,376 | ---- | M] () -- C:\Users\Nigel\Desktop\Error_Message.rtf
[2014/10/17 12:54:44 | 000,449,758 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/10/17 12:33:40 | 000,000,794 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/10/17 08:58:44 | 016,955,453 | ---- | M] () -- C:\Users\Nigel\Desktop\evasi0n7-win-1.0.8-ccb6ff816eb8789bf039cf3ca00edbedc199464f.zip
[2014/10/17 08:42:07 | 000,000,165 | ---- | M] () -- C:\Windows\Reimage.ini
[2014/10/17 01:03:22 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Nigel.job
[2014/10/16 19:02:24 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Reimage Express.lnk
[2014/10/16 16:56:01 | 002,972,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/10/16 16:56:01 | 000,847,994 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2014/10/16 16:56:01 | 000,787,002 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/10/16 16:56:01 | 000,779,768 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/10/16 16:56:01 | 000,204,178 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2014/10/16 16:56:01 | 000,195,964 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/10/16 16:56:01 | 000,166,176 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/10/15 15:50:19 | 000,006,948 | ---- | M] () -- C:\Windows\SysNative\ScanResults.xml
[2014/10/15 15:41:50 | 000,000,464 | ---- | M] () -- C:\Windows\SysNative\ScannerSettings
[2014/10/14 20:20:02 | 000,000,585 | ---- | M] () -- C:\Windows\w32dasm8.ini
[2014/10/10 10:42:30 | 000,000,934 | ---- | M] () -- C:\Users\Nigel\Desktop\Video Downloader Ultimate.lnk
[2014/10/04 09:09:58 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Nigel.job
[2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/09/22 12:28:19 | 000,000,823 | ---- | M] () -- C:\Users\Nigel\Desktop\µTorrent.lnk
[2014/09/22 05:32:54 | 000,000,990 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[17 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/10/18 20:05:37 | 000,000,162 | -H-- | C] () -- C:\Users\Nigel\Desktop\~$ror_Message.rtf
[2014/10/17 13:50:40 | 000,000,384 | ---- | C] () -- C:\Windows\SysWow64\drivers\kgpfr2.cfg
[2014/10/17 13:50:33 | 000,001,680 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2014/10/17 13:18:19 | 000,712,443 | ---- | C] () -- C:\Users\Nigel\Desktop\Installer (Right Click and select extract).zip
[2014/10/17 13:07:14 | 000,001,376 | ---- | C] () -- C:\Users\Nigel\Desktop\Error_Message.rtf
[2014/10/17 12:41:16 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/17 12:33:40 | 000,000,794 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/10/17 08:57:08 | 016,955,453 | ---- | C] () -- C:\Users\Nigel\Desktop\evasi0n7-win-1.0.8-ccb6ff816eb8789bf039cf3ca00edbedc199464f.zip
[2014/10/16 19:02:24 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Reimage Express.lnk
[2014/10/15 15:50:19 | 000,006,948 | ---- | C] () -- C:\Windows\SysNative\ScanResults.xml
[2014/10/15 15:41:50 | 000,000,464 | ---- | C] () -- C:\Windows\SysNative\ScannerSettings
[2014/10/14 19:02:50 | 000,000,585 | ---- | C] () -- C:\Windows\w32dasm8.ini
[2014/10/11 17:52:06 | 000,000,165 | ---- | C] () -- C:\Windows\Reimage.ini
[2014/10/10 10:42:30 | 000,000,934 | ---- | C] () -- C:\Users\Nigel\Desktop\Video Downloader Ultimate.lnk
[2014/09/22 12:28:19 | 000,000,823 | ---- | C] () -- C:\Users\Nigel\Desktop\µTorrent.lnk
[2014/09/22 12:14:01 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\tasks.dll
[2014/09/20 12:50:22 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Nigel.job
[2014/09/20 12:50:20 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Nigel.job
[2014/09/20 12:50:18 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Nigel.job
[2014/09/01 04:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Nigel\AppData\Roaming\DXDCU
[2014/09/01 04:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Nigel\AppData\Roaming\BOAJA
[2014/07/12 21:30:38 | 000,000,990 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/27 15:04:27 | 000,000,715 | ---- | C] () -- C:\Windows\SysWow64\Settings.ini
[2014/02/24 12:35:01 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\Zipit.dll
[2014/02/24 12:35:01 | 000,047,616 | ---- | C] ( ) -- C:\Windows\SysWow64\Zipdll.dll
[2014/02/22 16:27:07 | 000,014,336 | ---- | C] () -- C:\Users\Nigel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/27 16:17:33 | 000,000,163 | ---- | C] () -- C:\Windows\efix.ini
[2013/12/11 11:27:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/12/11 11:27:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/12/11 11:27:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/12/11 11:27:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/12/11 11:27:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/12/04 20:49:57 | 000,000,600 | ---- | C] () -- C:\Users\Nigel\AppData\Local\PUTTY.RND
[2013/10/07 14:54:47 | 000,007,598 | ---- | C] () -- C:\Users\Nigel\AppData\Local\Resmon.ResmonCfg
[2013/10/06 17:33:25 | 000,001,672 | ---- | C] () -- C:\Users\Nigel\Recent - Shortcut.lnk
[2013/09/26 19:13:02 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/08/24 04:21:25 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/08/24 04:21:25 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/08/24 04:21:06 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/08/24 04:21:06 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/08/24 04:21:05 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013/08/24 04:21:05 | 000,001,990 | ---- | C] () -- C:\Windows\unins000.dat
[2013/08/12 08:14:22 | 000,000,103 | ---- | C] () -- C:\Users\Nigel\AppData\Roaming\WB.CFG
[2013/08/06 23:39:00 | 000,000,296 | ---- | C] () -- C:\Program Files (x86)\JmUninst.bat
[2013/05/14 11:22:30 | 000,033,193 | ---- | C] () -- C:\Users\Nigel\AppData\Roaming\UserTile.png
[2013/05/04 13:05:45 | 000,048,028 | ---- | C] () -- C:\Windows\wininit.ini
[2013/04/24 19:58:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/04/17 09:26:52 | 000,000,036 | ---- | C] () -- C:\Windows\avgui.INI
[2013/04/05 06:16:58 | 002,945,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/24 23:05:25 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/03/01 01:12:40 | 000,000,884 | RHS- | C] () -- C:\Users\Nigel\ntuser.pol
[2012/11/27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/11/16 16:01:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/11/16 16:01:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
 
========== ZeroAccess Check ==========
 
[2013/04/22 14:00:11 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/10/14 18:52:43 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\BlueSprig
[2013/06/26 10:39:23 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Canon
[2013/09/26 04:17:42 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\CDXReader
[2014/05/22 11:16:45 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/02/27 19:14:12 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\CheckPoint
[2014/05/22 09:01:31 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2013/04/25 10:44:16 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Conduit
[2014/03/16 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Cyberduck
[2013/11/24 03:14:10 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Dropbox
[2014/07/24 10:30:11 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\DSite
[2013/10/09 07:57:18 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\FixCleaner
[2013/05/27 03:27:44 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\gtk-2.0
[2014/02/28 15:17:33 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\ImTOO
[2014/09/16 14:56:39 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\IObit
[2014/08/04 01:16:06 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\iolo
[2014/08/04 01:01:11 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\ioloGovernor
[2013/07/24 23:21:29 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\KeyingTool
[2014/02/24 12:56:53 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\LavFilters
[2014/01/10 20:55:22 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\libimobiledevice
[2014/07/08 14:53:34 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Media Finder
[2013/05/16 10:27:34 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Open Download Manager
[2013/09/30 13:18:28 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Oracle
[2014/07/09 15:10:32 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\PC TEKNIX
[2013/05/15 16:09:29 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\PicsAid
[2013/05/12 16:52:20 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\player
[2013/10/22 04:23:32 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Reincubate
[2014/05/22 09:00:50 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\SolidDocuments
[2014/09/16 14:47:02 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\Systweak
[2014/10/18 11:46:23 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\uTorrent
[2014/05/22 04:26:02 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\v9
[2014/05/22 04:23:48 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\wi_upd
[2013/04/02 00:05:20 | 000,000,000 | -HSD | M] -- C:\Users\Nigel\AppData\Roaming\wyUpdate AU
[2014/09/08 04:29:42 | 000,000,000 | ---D | M] -- C:\Users\Nigel\AppData\Roaming\XBMC
 
========== Purity Check ==========
 
 
 
< End of report >

  • 0

#6
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
OTL Extras logfile created on: 10/18/2014 8:50:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nigel\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
8.00 Gb Total Physical Memory | 4.35 Gb Available Physical Memory | 54.43% Memory free
19.99 Gb Paging File | 13.86 Gb Available in Paging File | 69.31% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142K:\pagef [Binary data over 200 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 136.40 Gb Free Space | 45.76% Space Free | Partition Type: NTFS
Drive F: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 3.73 Gb Total Space | 2.43 Gb Free Space | 65.18% Space Free | Partition Type: FAT32
Drive H: | 7.47 Gb Total Space | 0.49 Gb Free Space | 6.50% Space Free | Partition Type: FAT32
Drive K: | 465.76 Gb Total Space | 205.98 Gb Free Space | 44.22% Space Free | Partition Type: NTFS
 
Computer Name: NIGEL-PC | User Name: Nigel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cmd[@ = cmdfile] -- Reg Error: Key error. File not found
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- Reg Error: Key error.
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe "%L" (Adobe Systems Incorporated)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Menu_CMD] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- Reg Error: Key error.
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe "%L" (Adobe Systems Incorporated)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Menu_CMD] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AFB5BF-2E94-4A69-86E9-69F64E5709DD}" = rport=443 | protocol=6 | dir=out | app=system | 
"{01E1F8A9-A4F0-443C-BF23-9320ABA14252}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{02C8E6B3-DAC3-443B-9B57-90045E99574E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{0333E795-B9C8-4FCA-8507-221311DA740D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{04CEF706-1B52-4434-97C8-BDC0D0C663C8}" = rport=138 | protocol=17 | dir=out | app=system | 
"{05FA277B-8282-4F08-836C-7684C10855A6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{06BC5B9F-239F-4E3E-B1F2-BDD0EE1A166B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{084CB40E-0A6C-4966-B37B-1CA8C84AB5FE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{09A41241-4E49-4CF0-9985-DB950600BA02}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{09C3DD2C-9506-430C-A8AB-E07E1F53EFC4}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{0A7302A7-0A92-4FB5-B809-491BBAA5642B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0A80B945-B749-443F-A5B7-29843AFEBF6B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{0FD14836-3F87-482F-87BB-7CEF3597C8C9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{10A067D5-38F8-4A3D-B42F-C16558BDD1B2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{10B05511-1454-4C81-B9A6-FAEC6216B216}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{121575A6-3CC5-4457-8626-3E42C916C99E}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=%systemroot%\system32\svchost.exe | 
"{12A609DE-774C-41B5-8ED0-46F366AB86EE}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{139B0DD4-2AF5-4593-9D9F-9795DCE195AA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{13D0E2ED-4082-4E84-94E2-3755935749FF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{14D6C418-116F-42D2-87E1-C2FBA645C24B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{14F2A384-4A45-46E5-837A-F23A372A17D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{15173A0D-B9DC-4C52-8C12-A323FB25B751}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{16AE91D6-E854-43F6-9BC2-C96C341CA06B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{16DD91BF-8864-45DE-BFEE-421C25F21F09}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{189DDCE8-FCC8-49D3-8319-1AF7E3D978C4}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{1965A692-2953-4FBE-9618-7A29B307F760}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1CF48B1D-1F50-4036-85CE-E3E03D95EDC4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{1DD170CC-3610-4795-9509-1D53ED239DF0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1EEB4F84-D9E8-41CF-B256-36A55F6F35F7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{2362107B-D9FA-47BF-BBBF-D79852355468}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{250AE486-B31E-486D-B48E-9634276A706D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{255066A2-6C24-4772-A633-44C4BE771CAD}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=%systemroot%\system32\svchost.exe | 
"{29B1C961-B999-49F2-A1CD-2346A193E5E9}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=%systemroot%\system32\svchost.exe | 
"{2D7E0199-D43F-4A89-B819-96F9568D2BBE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{2DCB6DF5-DD2B-450C-9801-7F79F84B916C}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{304FE3C7-B995-46BC-8BF0-35212FF5DFAF}" = lport=5985 | protocol=6 | dir=in | app=system | 
"{32851210-2C88-4E9F-81F2-6406330FA937}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{33210664-3863-4F2F-A7E6-95A9322A87A3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{33FBE966-9E0B-4D10-81B4-BD660CA744F0}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{3499F694-CC6F-47AA-BC7C-12578DF0DE69}" = lport=10245 | protocol=6 | dir=in | app=system | 
"{34CDFBF0-7120-4F34-8DF9-EB3B813AF1DE}" = lport=138 | protocol=17 | dir=in | app=system | 
"{35C2B672-BFD3-4D1A-A7FF-D17FA9F0C73C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{36600BD8-062F-4084-9C03-426D60FBC498}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{366BB697-7DDB-4F07-9C2B-315E8B5F636D}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{383ACA7F-6E32-4BA5-B8A4-9A42D32D722B}" = rport=5358 | protocol=6 | dir=out | app=system | 
"{384D51C4-419D-46A9-AF13-2FBC20E263E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{39E9287B-D26C-41FD-A930-B69F84C73ADE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{44B1E8D0-2917-4329-A5BF-43A9F7E93D6E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{464C08BA-807B-434F-B58D-43538F8390E3}" = lport=80 | protocol=6 | dir=in | app=system | 
"{46DA4E57-1E33-4354-B4BE-4068AB5EB51C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4E7000D7-66F1-4FAF-99B1-75C70C3E66B0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{4E8A78BE-5515-4DD6-B16E-99A60D38EB3B}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{4F04F0BC-3063-41D9-8995-E181F4100500}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4F188572-D0DC-4517-9B39-34AAAA44CD07}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{536DAC90-E013-44DF-B645-FE0828DE959D}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{5558C60C-F8B3-4076-940E-DAF8683C2333}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{577F9885-8872-445C-8C6A-A3C1563B2C74}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{5784785B-AD1E-4F56-BF68-396587BE06A4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{587F079E-2427-4C13-AE0B-CF9D5F8608EE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5DD1F306-4DA2-4D84-82C9-B326DC813C3E}" = rport=1723 | protocol=6 | dir=out | app=system | 
"{60A8DBDA-6ADF-4C8C-B698-A1F3C4A117B4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{683B30F2-9A8A-4251-A254-0324F4C57CD4}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=%systemroot%\system32\svchost.exe | 
"{693BEBE9-7236-4344-8349-CCD95D2D1F4A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{6AD4EB5A-C828-4B59-8553-C1D6E79BBAE7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6BB75BC3-E8FB-4340-8BCA-D19D070E43BE}" = lport=443 | protocol=6 | dir=out | app=system | 
"{6F722873-0BCE-4EB0-BC2F-3491E04CB69E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{70A7A546-4A81-4710-9FC4-6DDBBDC9C571}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{74AC58C7-3756-4BA0-8EBC-EA52EEA418C9}" = lport=5358 | protocol=6 | dir=in | app=system | 
"{75AC6DFB-A29B-4B00-A34F-0107E166EA93}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{7B588E4D-06E2-4F5F-ABE7-185B83672630}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7C71FA94-D3E1-49FB-9A34-F5D6AEC43C9B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7E84C960-8CFC-4401-A675-111BC6FDB3E9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{805021AE-A454-4A89-B9E0-3F6D77FEE1FA}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{80C43962-A2DF-49AB-83A2-84898D5EBD7C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{81263E89-FC22-4BDA-9405-4776A52550E3}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{841F2662-C87B-4D84-8D6F-A8B1A3E0A3C0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{852BA833-E7E8-49B8-8F5F-A1746C613F12}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{8718F17D-5A56-4532-8ECB-DAAE758560AE}" = lport=443 | protocol=6 | dir=out | app=system | 
"{8AC75DA3-D616-4F2B-8F6C-166D85733592}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{8C37B5C6-D532-4C65-BEED-B88A780ADF2C}" = rport=5357 | protocol=6 | dir=out | app=system | 
"{91118396-AA06-49F3-9F12-C1BA6D524548}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{9287C5D3-9B4D-42DC-9034-E3AE5BB2A520}" = rport=3702 | protocol=17 | dir=out | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe | 
"{93E3387A-5A46-4E30-86B7-06FE54351453}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{9630ECDE-262A-4EDB-AF74-EB87F8681BD0}" = rport=443 | protocol=6 | dir=out | app=system | 
"{9755ED2A-F206-4025-9A7A-01726C90CD23}" = lport=445 | protocol=6 | dir=in | app=system | 
"{97D3300E-4F36-4FEA-9B20-A0EBC791BCBA}" = lport=80 | protocol=6 | dir=in | app=system | 
"{99861FA8-3DAC-4407-8A0C-9A138FE3E7D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9C4CF416-FB28-43C2-8722-AE30221EA5D5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9DA535F6-E63A-4735-9751-3C6E408A8C71}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{9FF5BE60-0C06-4930-B6D1-2196F02E2BB3}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{A0C23D06-AB86-4146-A635-93CCA5B5A259}" = lport=443 | protocol=6 | dir=in | app=system | 
"{A1F114B8-7FE1-49D9-A800-AE991553A9C7}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\vdsldr.exe | 
"{A212F3CB-68B4-4F52-ABA5-03423745C7DE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{A3AFDBDF-7DE2-4BDD-8B6B-4BD7A0FE8149}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A3B10212-05BE-4EC2-89B0-45A6E1540177}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{A7CE5058-47BD-4B72-AFBC-645D5D4998C9}" = rport=80 | protocol=6 | dir=out | app=system | 
"{A9AEC67C-DE2C-4B59-8FD0-6F3B5CCAA43E}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{AABFB6E7-46B8-4101-A057-BB5D1DD621EE}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{AFF6DF99-EC12-4C0F-9219-B49CA9261060}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{B02E0412-032C-491A-9C0C-74DFC9A8C98B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{B3124643-78C1-460C-989D-69A4D7565D61}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{B3544E20-F8B0-4FAC-B4F8-C8D03F7640F6}" = lport=3702 | protocol=17 | dir=in | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe | 
"{B38EE2F3-6A48-497A-BD10-FA712C3B3D4E}" = lport=5357 | protocol=6 | dir=in | app=system | 
"{B3CC803A-FF24-4D96-A8CD-E66DFAD89388}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{B74C9501-6DE8-4AF5-8950-8142D7D8529C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B870704C-FCE9-4B77-9BFE-27C8BE770003}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B9F1F3BB-81E3-4219-A7D5-C837354BBBEC}" = lport=1701 | protocol=17 | dir=in | app=system | 
"{BC83C053-CCD9-42AC-9AEE-9C72EA46A4DA}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{BC9BDF6A-846A-4207-B852-1730CB81A8EF}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{BD9A3F39-D3D2-4119-BF72-0ED02BD197D5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{C10434C9-567C-4255-A586-B3D97857235D}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=%systemroot%\system32\vds.exe | 
"{C23E779C-B454-4032-91CC-164E81E05CB2}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{C3DD591A-B314-4AE5-8FD8-212031377876}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{C60F6756-011D-44B9-8A75-57AA67FE9703}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{CAEF45DD-3F00-486F-9206-4F041808027A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{CC1CDDF9-4B74-4E00-A001-2055BF01B863}" = lport=1723 | protocol=6 | dir=in | app=system | 
"{CD4452C6-EBCC-48FB-B8FF-5B1851431319}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{CE06DABC-0903-4CD8-BF98-3AD9432C7209}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D1827B22-4B9D-41EC-A223-7D2E6560411C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D5F00AB7-D62F-4434-9BC5-C189B0E03C66}" = lport=2869 | protocol=6 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DDA67FF2-C3C5-45BC-A5EE-CE9A471B5367}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{DF59DD5D-F0C3-46D6-BA4C-58F91ECB9D9F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{E1215202-62B5-4426-819E-30E3B4234458}" = lport=443 | protocol=6 | dir=in | app=system | 
"{E1BC8B9D-42AD-407F-9FF5-D85BDB30F957}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{E51DB67E-7E02-4C26-A08B-56C02E561BBB}" = rport=1701 | protocol=17 | dir=out | app=system | 
"{E5B22CE8-B7D4-48E6-9038-6EF06F32830C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{E8CF7B46-43A1-49FD-94E2-7199031F1FD9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{EB0A1A98-9E96-4927-8203-504D8AA74D36}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{ECF62968-D5F6-4D08-9A0B-753467410589}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{EF2955B1-8A8B-4615-AA12-240601F8EEEC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F116A981-31EB-4E84-8015-75E4BB482BAA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{F25EA382-3D84-406D-9D48-C5B52331CEC2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{F539C5B7-EE12-43B6-A19C-6ED749C5C1DF}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=%systemroot%\system32\snmptrap.exe | 
"{F6414E4C-2123-4B9B-8FFB-6258F8D3E83E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F73C843F-8ACC-46CA-8B7C-D324038E1950}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{F73CF64D-7463-4775-9D4D-1ADCF91D64F8}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F8FF1C63-6202-4F6D-9495-099A5CF90986}" = lport=445 | protocol=6 | dir=in | app=system | 
"{FA8ED1D9-584D-442D-9D4F-6CA920B392B7}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{FD9A36CB-E14A-4E13-8990-AE06A57C9065}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{FEDD7968-A689-4311-829E-873F7C740D37}" = lport=443 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0026FE76-D8EC-42DD-959A-2D6D824895C8}" = protocol=6 | dir=in | app=c:\windows\system32\xpsrchvw.exe | 
"{01730B98-EDCB-4296-ACCE-D055BC2F06FC}" = protocol=6 | dir=in | app=c:\drivers\jmicron 1394 filter driver\setup.exe | 
"{019F51EE-B7A5-49F2-9754-31EDC6A19688}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\gfexperience.exe | 
"{02A54A58-69DA-49F2-B296-3D328223519C}" = dir=in | app=c:\users\nigel\appdata\local\torch\application\torch.exe | 
"{03CC35B7-7A91-4DA7-A1AD-940A2450E2F0}" = protocol=17 | dir=in | app=c:\program files (x86)\lavmediacodec\unins000.exe | 
"{043F72B2-13BA-46C4-BBD4-30EBD403E7BE}" = protocol=6 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\unins000.exe | 
"{044635AC-4BED-4DD9-901D-31699E9E28DA}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor.exe | 
"{04EDAD18-54FD-4E47-A503-66FD5FFCA354}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\acrobat 11.0\formscentral\formscentralforacrobat.exe | 
"{04EEECF4-DF45-4C35-8F63-AB6BEC6AEC48}" = protocol=6 | dir=in | app=c:\program files (x86)\iobit\driver booster\unins000.exe | 
"{0531A9DC-5654-48E7-BD97-688A60948418}" = protocol=6 | dir=in | app=c:\program files (x86)\amd avt\bin\kdbsync.exe | 
"{0540E8A4-E3E1-43E5-AB70-A490FBA5251C}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-service.exe | 
"{06DB2FA9-FCFA-4934-877F-70828C6EE14D}" = protocol=17 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx32ie.exe | 
"{07B61234-7AC6-47DE-8850-E2757C342739}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\solution menu ex\cnsemain.exe | 
"{0822F52B-0B0D-4C81-8A8D-5AAA2AEF7D6D}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\google\google talk\uninstall.exe | 
"{09004C3C-C84B-4554-B217-9DE93B4C5A4D}" = protocol=17 | dir=in | app=c:\program files\recuva\recuva64.exe | 
"{09505DE2-2FE0-4510-AA16-E41D8EC9244A}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor.exe | 
"{09A00FA5-49E1-4B9B-B8F2-AACE4DF65201}" = protocol=17 | dir=in | app=c:\program files (x86)\jmicron\johci_dir\setup.exe | 
"{09C24A4B-C6F6-4C90-A114-6BF54E4B72B6}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe help\adobe help.exe | 
"{0A77ADB2-1426-4122-A637-3C5742331A41}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | 
"{0AACFED5-0845-4E6D-B2DA-4EE47D7884DC}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\7z.exe | 
"{0B05BE72-F945-476A-8B74-4189217A4303}" = protocol=17 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_as.exe | 
"{0B079E79-27D5-4004-9EBC-8D6C64F57D2C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{0BE2AD05-3D40-420D-A7D3-FEC472374D5C}" = protocol=17 | dir=in | app=c:\program files (x86)\google\picasa3\picasa3.exe | 
"{0C5124BA-F53F-45AD-A902-B7E430E2C770}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\miniconvert.exe | 
"{0C76785C-3AAF-4F2E-85E8-C39FA365DA6A}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\miniconvert.exe | 
"{0E77E202-AE90-48CE-96EE-2CF3DF09B438}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{0EA8BD38-F5FE-422C-A4C5-FA8305083CB2}" = protocol=6 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\branding\cccinstall.exe | 
"{0EC89C8D-04C5-464B-B4AE-17F438811E73}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor-uninstaller.exe | 
"{0F29B9CE-8EF6-4ECC-AE95-81C502878726}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\acrobat 11.0\acrobat\acrodist.exe | 
"{0F7A4D75-97C7-4E43-8495-4F43B949B051}" = protocol=17 | dir=in | app=c:\program files (x86)\iphonebrowser\iphonebrowser.exe | 
"{0FFD6331-F67C-42E1-BE6B-F3D02C9964EB}" = protocol=6 | dir=in | app=c:\program files (x86)\ffdshow\unins000.exe | 
"{100F8ACB-CF15-44B1-9BE0-A6996C419BE4}" = protocol=17 | dir=in | app=c:\amd\support\13-4_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{10F1A709-6243-431C-A04B-25AE20D377AD}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{112EE6FA-FA44-4104-8324-C4C2B6AD8FA6}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\ijereg.exe | 
"{115DDE4F-B178-456B-9040-0C112A52D44D}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\audio\asio\install.exe | 
"{12B0C17B-93A1-4D91-85C9-925A7135F461}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor.exe | 
"{12BDF8BA-F7BD-47CE-9EF3-4CC9698C3E44}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\3d vision\nvstview.exe | 
"{136588C6-23E5-486C-8A5F-26F1B364ECC1}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realconverter.exe | 
"{13CA5B37-E5A8-4E7F-980D-B4FABD1705B1}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-network.exe | 
"{144E1502-F3E7-42B4-8FE1-A736E2000172}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javacpl.exe | 
"{14C1264E-FB5A-4BD0-B156-3642348CAEC9}" = protocol=6 | dir=in | app=c:\drivers\alps pointing-device driver\apoint.exe | 
"{1571FCAA-C59F-4595-9DC7-FFECA61291C9}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\avic.exe | 
"{16840EC5-95B8-46B0-80B1-78A0978BD9E0}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravbg64.exe | 
"{176711F1-4490-4F29-82D9-700241734D98}" = protocol=17 | dir=in | app=c:\drivers\setup.exe | 
"{17B29C7C-6873-4AA3-9C0C-85582E8C6DC3}" = protocol=6 | dir=in | app=c:\program files (x86)\jmicron\johci_dir\setup.exe | 
"{17D3945E-090A-426F-BEE0-2FD30FEB4BC1}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravcpl64.exe | 
"{1821521A-197D-472D-AFC3-F3749803289F}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{188AAE52-016F-45D4-9618-456963A53C74}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\ijereg.exe | 
"{18D64866-905E-4DCD-9328-5BF8CCCE0E69}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-png2ico.exe | 
"{19C1D082-8E26-45F9-AE49-2D8DE9AD352D}" = protocol=17 | dir=in | app=c:\program files\microsoft silverlight\sllauncher.exe | 
"{19F872CB-9ADA-424F-9608-C1058EA07A11}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{1A24E1D2-37F2-4716-8939-7BE47273E97C}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor-uninstaller.exe | 
"{1AB223FB-033F-4D47-AEB0-4AF8FBA89A7C}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor-uninstaller.exe | 
"{1B7EDAD7-4283-4E3D-9C28-C605FF3680FC}" = protocol=6 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx32ie.exe | 
"{1BF3B0D4-1B68-4546-A88C-469095367142}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe | 
"{1C344A13-68D5-4DEE-8B61-19093D596F5D}" = protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{1C61DEC0-9E78-403E-86A2-696A7A00A2B0}" = protocol=17 | dir=in | app=c:\drivers\alps pointing-device driver\dpinst.exe | 
"{1D371DD0-3251-4412-B21A-5CF0827F9615}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor.exe | 
"{1DF68A93-2887-43FE-BDBE-9231A9E0684E}" = protocol=17 | dir=in | app=c:\program files (x86)\usb human interface device 33b51d98912fa395f47d492c06592e62\usb human interface device 33b51d98912fa395f47d492c06592e62.exe | 
"{1EA993D2-5151-4F74-A19E-9A05DD42446D}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{2008D0E4-C8D4-470D-8D4E-8C9012A89F9C}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\uninstall.exe | 
"{206A7ACF-B6BC-4DE6-9248-4468C13E0121}" = protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{2127486D-9D72-4BEE-B543-82CC4FF67D71}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\ieinstal.exe | 
"{225D4A10-7DE6-42F0-8477-06F39EA81384}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\autoupdate-windows.exe | 
"{230ECF8B-1019-4629-9938-AE42AB7ADDBF}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor-uninstaller.exe | 
"{238074F9-5DA0-494A-8CBF-E61FA9F35ECA}" = protocol=6 | dir=in | app=c:\drivers\setup.exe | 
"{23EF7569-0DA5-4B79-B528-A513D80583E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{243C506F-F8D4-454F-A603-A0C468309C30}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe help\adobe help.exe | 
"{24969188-5CA2-465D-AD37-AEC747D75A27}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\3d vision\nvstview.exe | 
"{24FA55C1-B313-4935-9E48-0E923C444FC6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe | 
"{25083BFF-61FB-486F-A0DC-26A9E315E3DC}" = protocol=17 | dir=in | app=c:\program files (x86)\rocketdock\rocketdock.exe | 
"{25645B6C-BF54-4552-BBC4-61C8898BD9FA}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\mp navigator ex 5.0\mpnex50.exe | 
"{25ABC1FB-D8F5-41FE-8957-27D015BDD18F}" = protocol=6 | dir=in | app=c:\program files (x86)\imtoo\iphone photo transfer\ipodmanager-loader.exe | 
"{26E8E955-AB51-4FF0-B1CD-07AECC70054A}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\uninst.exe | 
"{27B319C8-0502-4B95-895A-370E45625EF0}" = protocol=17 | dir=in | app=c:\program files\recuva\uninst.exe | 
"{285427D4-9902-436E-9DF5-37BFD78DC2FA}" = protocol=17 | dir=in | app=c:\program files (x86)\rocketdock\rocketdock.exe | 
"{285628C0-5014-4E55-985C-4E355AA7E6CB}" = protocol=17 | dir=in | app=c:\program files (x86)\jmicron\johci_dir\setup.exe | 
"{28B67163-101C-492D-8AF5-C65D7857CA83}" = protocol=17 | dir=in | app=c:\program files (x86)\amd avt\bin\kdbsync.exe | 
"{29ECF76E-E358-45F9-9CE3-ADC17EAB4E19}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\solution menu ex\cnsemain.exe | 
"{2B01A47D-0867-46E7-BEBB-B29CF863EA8D}" = protocol=17 | dir=in | app=c:\program files (x86)\bluetooth\gbu521_win_vista_7_v6.5.1.2700\setup.exe | 
"{2D51A7CD-AAD5-4893-9FB6-A1DE27BA47EE}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\minicalc.exe | 
"{2D8A04D4-3538-4977-9FDE-EE726BAB2FE8}" = protocol=1 | dir=out | [email protected],-28544 | 
"{2F09F88B-BEBC-4001-96AC-0EC8631C2F62}" = protocol=17 | dir=in | app=c:\program files (x86)\ffdshow\unins000.exe | 
"{30446EB7-8CDE-4443-8B5C-75BF138085DF}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe | 
"{31D05B1E-5BF4-4D2C-9B31-1025512808A0}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\7z.exe | 
"{32BCBFE6-ABCF-4360-A969-4F0C4F794790}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor.exe | 
"{33389913-544C-4FAF-B6D5-1F9CC00822B5}" = protocol=6 | dir=in | app=c:\amd\support\13-4_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{33AEDA95-0CEC-4E69-A4B1-2EA843784BE4}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe | 
"{33BE2C4F-5685-4D34-AB7D-A0B710C3F23E}" = protocol=6 | dir=in | app=c:\drivers\alps pointing-device driver\apoint.exe | 
"{341C3961-8C9D-421C-B912-0EDB5E213A17}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{349E5602-2CEC-4FAE-9750-33701E354249}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\uninstall.exe | 
"{35C17DB1-C92C-41C2-9E57-009EBAEAD95F}" = protocol=17 | dir=in | app=c:\drivers\alps pointing-device driver\apoint.exe | 
"{36135EE6-0CFC-4159-806C-6F3698D79B0C}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\solution menu ex\cnsemain.exe | 
"{36B7FDB1-14D5-4C4A-B259-682A119C7DC2}" = protocol=17 | dir=in | app=c:\drivers\alps pointing-device driver\apoint.exe | 
"{375F8037-4229-4C2D-8BB9-1D53EBA7CD17}" = protocol=6 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_ld.exe | 
"{3779B263-3046-4A6D-AF31-BA58EF12F041}" = protocol=17 | dir=in | app=c:\program files (x86)\lavmediacodec\unins000.exe | 
"{38E1A705-8847-4CE1-8D67-ADC93F29EA4A}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{38F8487C-434E-47DF-977E-37723640CF59}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{392466DB-56F4-4A5B-B862-B327D1A8CC9F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{39EEC179-1AA6-4874-BD0D-61A92D98B88B}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\ij manual\canon mg2100 series\uninstall.exe | 
"{3A4DA030-5213-4B34-92CE-7578D07FB20D}" = protocol=6 | dir=in | app=c:\program files\recuva\uninst.exe | 
"{3ABB15B9-6D53-4503-9948-90A88E26E726}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realtrimmer.exe | 
"{3B9129E9-29FE-4FD0-9C13-1D550E11E055}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe utilities - cs5.5\extendscript toolkit cs5.5\extendscript toolkit.exe | 
"{3C52575A-1DFE-4C3D-995F-13B5E2609550}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javacpl.exe | 
"{3C805611-E86B-402F-A5F4-D76C43E47824}" = protocol=17 | dir=in | app=c:\program files (x86)\directvobsub\unins000.exe | 
"{3CB305CD-13DA-4331-A414-AD4281514B09}" = protocol=6 | dir=in | app=c:\program files (x86)\divx\divx converter\divxconverterlauncher.exe | 
"{3E5296E7-E47F-4BD5-AD7B-CD8A6A5E764B}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | 
"{3E79BB4A-9B50-4BC4-9C16-0A1B42FB3AD3}" = protocol=6 | dir=in | app=c:\mydrivers\download\broadcom_bluetooth_6.5.1.1240\setup.exe | 
"{3F0CF510-ED7F-4D36-B902-EDE11A40BB6A}" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realconverter.exe | 
"{403C4BE0-958C-45C0-A737-693E0306A42D}" = protocol=6 | dir=in | app=c:\mydrivers\download\301.42-desktop-win7-64-international-whql.exe | 
"{42132327-1C57-4470-9DAB-4932D641AAF6}" = protocol=17 | dir=in | app=c:\windows\system32\msra.exe | 
"{422E9015-C1B0-45DF-9CC7-EDD0F33BC417}" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realtrimmer.exe | 
"{428D089C-8E96-48F5-9A2A-D5B6586BB660}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{43C76E9B-B533-4F07-9549-CF7880F0252E}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\aertsr64.exe | 
"{44A3D437-2B40-4109-ADD0-CC59237C5DF4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft silverlight\sllauncher.exe | 
"{44B9B569-A650-4774-9531-CB5AD59EE499}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\ij manual\canon mg2100 series\uninstall.exe | 
"{4504BBF4-B532-468B-8F34-91238E32ADC6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\installshield\professional\runtime\11\50\intel32\isbew64.exe | 
"{45453047-B88C-479A-8A84-9CBED07F0092}" = protocol=17 | dir=in | app=c:\amd\support\13-1-legacy_vista_win7_win8_64_dd_ccc\setup.exe | 
"{478C845B-FFF2-41A3-98AA-CE1C5A29D3BF}" = protocol=6 | dir=in | app=c:\program files (x86)\usb human interface device 33b51d98912fa395f47d492c06592e62\usb human interface device 33b51d98912fa395f47d492c06592e62.exe | 
"{47D9E222-F3F4-4C2D-9CFA-0111896213AA}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe bridge cc (64 bit)\bridge.exe | 
"{495B0958-5143-439D-BB26-4BF1210CA81D}" = protocol=17 | dir=in | app=c:\mydrivers\download\301.42-desktop-win7-64-international-whql.exe | 
"{49F81EDF-5E61-428C-B6D6-F9D2813BEBE7}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\gfexperience.exe | 
"{4A4B0550-3622-424D-8F0D-816377574886}" = protocol=17 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx64ie.exe | 
"{4CBB1271-70C3-4381-9E59-33A3E778271F}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe bridge cs5.1\bridge.exe | 
"{4D7AFCDA-A831-4120-9A5A-AEBA43CF8148}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth\setupbtwdownloadse.exe | 
"{4DBFAF52-F1E9-45F4-82EE-58EE4C423079}" = protocol=6 | dir=in | app=c:\program files (x86)\ffdshow\makeavis.exe | 
"{4DFF184B-8AAC-4B8B-8C3F-68203A404180}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{4F8AB7FA-F35E-4D88-8B55-9077A424E1CB}" = protocol=17 | dir=in | app=c:\amd\support\13-4_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{4F9F156A-FE2B-41B5-A956-87D2F331D60C}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravcpl64.exe | 
"{5141401F-FEE7-43A6-8076-928B40AB3C6E}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-png2ico.exe | 
"{51F02513-7E26-4586-84F5-0F508AD84DE2}" = protocol=17 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\unins000.exe | 
"{52A78DF7-3255-4D2E-9ED4-70FB8CE86402}" = protocol=6 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\ccc.exe | 
"{5403A5E0-5BFA-463A-BC5F-83E50D5785F1}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-startlauncher.exe | 
"{554C33A1-90C4-483D-B08F-F66B85CD4936}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{55E4FDCF-C9F5-43BD-B038-479EA054950A}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{55F0AFDC-36BB-4937-8AC1-CAF1917BD2B4}" = protocol=17 | dir=in | app=c:\windows\system32\xpsrchvw.exe | 
"{5606239E-00F8-405F-A2A8-28E2D1A0BAF2}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | 
"{5658DDD6-A62E-443D-953E-BE50F31930B8}" = protocol=6 | dir=in | app=c:\program files (x86)\google\picasa3\picasa3.exe | 
"{56A63059-F257-4A1D-A04B-1938EAF4FAB1}" = protocol=17 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx32ie.exe | 
"{56E4EA65-AF29-4557-ACF4-9DE90A9B4A04}" = protocol=17 | dir=in | app=c:\program files (x86)\iobit\iobit malware fighter\imf.exe | 
"{5702DB4E-78FC-4E18-A8CE-24C534B08683}" = protocol=6 | dir=in | app=%systemroot%\system32\msra.exe | 
"{5729F493-3400-4197-B1E7-D439BCA6C7B3}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth\gbu521_win_vista_7_v6.5.1.2700\setup.exe | 
"{57BC5E8A-0C4E-46E4-89E0-8C967FC0E2D3}" = protocol=6 | dir=in | app=%systemroot%\system32\plasrv.exe | 
"{587341DD-88A1-44E5-8B1E-39A0C801C71E}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-png2ico.exe | 
"{59053DCA-6A52-4B56-8D82-BC5A9F662802}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-startlauncher.exe | 
"{593888DA-A0BA-41AB-8726-265F50D936C8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{59531F5F-2AF4-4819-8E75-B03E0EDBE6CD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{59959E57-C1CE-4778-8937-B020E05A261B}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe bridge cc (64 bit)\bridge.exe | 
"{5A47967B-F43B-4F79-91AC-346AD063E379}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\audio\drivers\rtlupd64.exe | 
"{5A5728A9-1BB2-4A11-8854-E2FBBA98857E}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{5AACFB6B-894B-4039-8D65-6C4AAD9BB510}" = protocol=6 | dir=in | app=c:\program files (x86)\lavmediacodec\unins000.exe | 
"{5AD5E9A0-2582-4009-8E2F-555BEF719300}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"{5ADF9250-B540-4293-A40E-93F9761CC87F}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor.exe | 
"{5C11BF96-A5F8-488B-9682-969454B09C30}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-service.exe | 
"{5C27B651-FC65-481C-89B4-58DED9E60BE8}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravbg64.exe | 
"{5C2AAC7F-120B-4592-8737-B55F7FF98657}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe | 
"{5C6CFDF0-2308-4429-A5F0-1DCEE1C4AC47}" = protocol=17 | dir=in | app=c:\mydrivers\download\301.42-desktop-win7-64-international-whql.exe | 
"{5D65D8B0-2E01-493C-99B1-D1448EEAE12A}" = protocol=17 | dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe | 
"{5D91335D-22C8-4D2F-89B7-0046E66F38E8}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{5DB97660-6EFD-4033-A74A-4BE35FD7B053}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft\eie10_en-us_wol_win764.exe | 
"{5E528C74-C6DB-4C78-A1E9-F94BF7A0D549}" = protocol=6 | dir=in | app=c:\program files (x86)\divx\divx player\divx player.exe | 
"{5F99348C-A643-418F-A9D8-A5153F429FBA}" = protocol=6 | dir=in | app=c:\program files (x86)\ffdshow\unins000.exe | 
"{60384FB2-5B67-46A1-8447-6421D638B2C2}" = protocol=17 | dir=in | app=c:\mydrivers\download\broadcom_bluetooth_6.5.1.1240\setup.exe | 
"{61B41052-9F6E-4D95-B6AD-BAB04407F9F1}" = protocol=17 | dir=in | app=c:\program files (x86)\amd avt\bin\kdbsync.exe | 
"{61D21354-84DA-460E-BFF3-BB5629EBE244}" = protocol=17 | dir=in | app=c:\windows\system32\xpsrchvw.exe | 
"{61E00B2E-74C6-4AC6-98F5-A700EF0B9579}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe | 
"{62BB9D4F-27C2-40F9-B033-4293605FB563}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe device central cs5.5\devicecentral.exe | 
"{62E8DE9B-118D-4D9B-9E4B-D2665EAFE38D}" = dir=in | app=c:\users\nigel\appdata\local\torch\plugins\hola\hola_plugin_x64.exe | 
"{63A06CAF-B92A-4B61-B3C6-DC0C9B5C13D0}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe | 
"{6471FFA9-C0D9-4EDE-B7B7-9A2D8C851BAE}" = protocol=6 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx64ie.exe | 
"{64D430F9-6186-4E8C-8A70-281DC17FFC18}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6642FB21-95E0-45B1-ADBB-5DE26AE066FB}" = protocol=6 | dir=in | app=c:\windows\installer\{540cbbef-1433-4e5c-9817-4597493aa45f}\icon.exe | 
"{678CBBD9-3219-412F-BB6A-E5B7CF48E24A}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\aertsr64.exe | 
"{680909AE-5B57-4C24-A1EF-BEF90892A26F}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravcpl64.exe | 
"{684725C6-6FBE-4FF4-96C1-24DB4170AD72}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\minicalc.exe | 
"{684F0135-F1EE-4DF5-8F14-D058DF2934DA}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\ijereg.exe | 
"{6859F853-CE1D-47E4-8E20-B1B9C1492993}" = protocol=17 | dir=in | app=c:\windows\system32\msra.exe | 
"{68A65B1F-08FB-4CE1-989E-12FDF3722046}" = protocol=17 | dir=in | app=c:\program files (x86)\imtoo\iphone photo transfer\ipodmanager-loader.exe | 
"{68CCA9FD-D31F-4938-8FFB-7684D4AB53F5}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{68E338E7-AD64-4B01-B6E6-5E1D36CB7C07}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft silverlight\sllauncher.exe | 
"{694DCF29-D2A8-4E90-B274-4813C3022B78}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\autoupdate-windows.exe | 
"{6B42034F-71CC-408F-BE5E-36E49090862B}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\google\google talk\uninstall.exe | 
"{6BD6027E-6EE1-4EF9-9395-927E503F5169}" = protocol=6 | dir=in | app=%systemroot%\system32\msdtc.exe | 
"{6CD4B757-4FE7-4464-BFC7-EA7742573456}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\gfexperience.exe | 
"{6CE977AB-6805-40CD-BA1D-561186C6EF72}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth\gbu521_win_vista_7_v6.5.1.2700\setup.exe | 
"{6D147E5B-389A-4443-8939-DD0B26F85F91}" = protocol=6 | dir=in | app=c:\program files\microsoft security client\msseces.exe | 
"{6D23C461-239D-4654-B030-CD49AF09352A}" = protocol=17 | dir=in | app=c:\program files\recuva\recuva64.exe | 
"{6D413ED2-0084-4E5B-9989-CFBA7884049D}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"{6E2DDE41-09DF-43DE-A74E-0247C39F959E}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realtrimmer.exe | 
"{6E713056-D5BB-4BAE-9853-6F8338F9C4B1}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"{703C0A6B-74E7-4DAA-B7D4-A6B996EC9B54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{70427F26-D69D-4A5D-8818-A6D122D1D462}" = protocol=17 | dir=in | app=c:\amd\support\13-1_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{723F7C23-836F-4E54-91B3-7AACD586E1C8}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-startlauncher.exe | 
"{73E3DD24-7592-4456-A2F0-ADFCAE7C3327}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realconverter.exe | 
"{73E86E9F-7D2D-4A61-B0A9-74C5A631EF83}" = protocol=6 | dir=in | app=c:\program files (x86)\google\picasa3\picasa3.exe | 
"{74EFE5EF-91A9-4188-8BDE-603EB61256B8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{772C2D37-D3B1-4ED5-A1E6-8F6F287AC43E}" = protocol=6 | dir=in | app=%systemroot%\system32\wbem\unsecapp.exe | 
"{78BE7E4B-074F-4174-AD0F-70E654247FE1}" = protocol=6 | dir=in | app=c:\amd\support\13-1_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{790DF2C3-228C-449B-9B9C-A810FB9EA9D2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{7950298D-C8B4-41BB-B68C-42A69F1CF34E}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\ijereg.exe | 
"{7B004621-3C75-458C-B6E3-B5B6914FD164}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{7B11101F-7159-4EF7-BB1C-7B6AF16B0097}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe device central cs5.5\devicecentral.exe | 
"{7B4DE5D7-577C-4DDC-A853-2876AB88EAA2}" = protocol=6 | dir=in | app=c:\program files (x86)\iphonebrowser\iphonebrowser.exe | 
"{7B9588C3-3038-46C9-94C7-DFBD52276188}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\utorrent\utorrent.exe | 
"{7B9DE126-853F-4434-A7F5-E7D2E3666EC3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{7BCA243D-FE5A-4D7E-8223-653FA4291AAA}" = protocol=17 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\branding\cccinstall.exe | 
"{7C4E9A49-26CB-4859-AAC0-2D21F3B8857F}" = protocol=17 | dir=in | app=c:\drivers\alps pointing-device driver\apntex.exe | 
"{7CB946AC-8321-499D-9BE9-D4ACE765BB13}" = protocol=6 | dir=in | app=c:\program files (x86)\iobit\driver booster\unins000.exe | 
"{7D5ADBB4-7C33-4437-AE54-A1EA9171E026}" = protocol=17 | dir=in | app=c:\program files (x86)\ffdshow\makeavis.exe | 
"{7E46AA61-B71D-4AAB-82A7-31214BABC44A}" = protocol=6 | dir=in | app=c:\mydrivers\download\301.42-desktop-win7-64-international-whql.exe | 
"{7E91CF3A-917A-4758-B79F-E4634012FE26}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"{7E9EED24-7E6B-4BE2-B8AB-5DA6F4276DE2}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\avic.exe | 
"{7EAB8BAF-A7FA-4206-860C-A73883D66730}" = protocol=6 | dir=in | app=c:\program files\recuva\recuva64.exe | 
"{7EFD9B6F-06B1-4FE7-8FB4-B7658CE2F43D}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\google\google talk\uninstall.exe | 
"{81753CD3-E732-4B27-924B-8CF61D8D62D7}" = protocol=6 | dir=in | app=c:\drivers\alps pointing-device driver\apntex.exe | 
"{820993F4-6D48-4415-A23E-768A5A6D6A09}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{8212503E-C54F-42A8-B358-FB9FCD8768A7}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-network.exe | 
"{83012282-B716-4D90-868D-BA31AB7C7E08}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{8311668F-D8FF-44B4-9441-8F8642605FF0}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\rtkaudioservice64.exe | 
"{842230E2-D143-4090-A163-516FC93719A9}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\audio\asio\install.exe | 
"{845FF651-C8B3-43C2-B511-42D29070F754}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{846CFE60-A5F8-4749-BA25-DF359AF269BF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft\eie10_en-us_wol_win764.exe | 
"{8510492F-1AB9-49D9-A30F-28D54E7EE007}" = protocol=6 | dir=in | app=c:\program files (x86)\directvobsub\unins000.exe | 
"{86483658-40C9-480A-9AF1-24BFA5D293F8}" = protocol=6 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\branding\cccinstall.exe | 
"{8694F1C4-B1A3-4CDB-BB46-55F4CD54E153}" = protocol=17 | dir=in | app=c:\program files (x86)\iphonebrowser\iphonebrowser.exe | 
"{88E60203-2734-4D8F-8870-E0E68D189629}" = protocol=6 | dir=in | app=c:\amd\support\13-1_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{88E8495E-562C-4A7B-8188-745970464B50}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\audio\asio\install.exe | 
"{88F950AB-6B92-4C87-A4C0-EC4CAF1A26EF}" = protocol=6 | dir=in | app=c:\program files (x86)\iobit\iobit malware fighter\imf.exe | 
"{8971C685-13FB-4ACD-9E94-7FB54FA91A62}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\uninstall.exe | 
"{89AEB560-FE0C-463E-BDDF-34941D32FE6C}" = protocol=17 | dir=in | app=c:\program files (x86)\directvobsub\unins000.exe | 
"{8B097A75-8B8D-4972-BD02-85640E6F3B86}" = protocol=6 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx64ie.exe | 
"{8B1BA0B7-13EB-47C1-99BB-C54A146AA7E7}" = protocol=17 | dir=in | app=c:\program files (x86)\bluetooth\gbu521_win_vista_7_v6.5.1.2700\setup.exe | 
"{8C4DB92F-FDF6-458C-A0BF-85D927B608EB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{8CC0546E-BF91-454C-97E0-2DFD91CC703B}" = protocol=17 | dir=in | app=c:\program files (x86)\divx\divx converter\divxconverterlauncher.exe | 
"{8D0A6406-9EE8-4FF7-AD54-87AD9C6B9D01}" = protocol=17 | dir=in | app=c:\program files (x86)\divx\divx media server\divxmediaserver.exe | 
"{8D3D0DB3-58AE-41CC-8448-03E5BC036A95}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe | 
"{8E0826A2-971E-43C5-AC2C-794C1FFC9F15}" = protocol=6 | dir=in | app=c:\drivers\alps pointing-device driver\dpinst.exe | 
"{8E13E62B-1EAE-42A3-9A8A-9CCCAAE1BCBE}" = protocol=6 | dir=in | app=c:\windows\installer\{540cbbef-1433-4e5c-9817-4597493aa45f}\icon.exe | 
"{8E253E2E-AE85-4803-A962-CF6A9D553F0B}" = protocol=17 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_ld.exe | 
"{8EB6A390-172F-4EA6-8F42-EFA257B0E95B}" = protocol=6 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8F5393D7-F327-4D0E-9C66-1624BC2CC33A}" = protocol=17 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx64ie.exe | 
"{8F8100D5-4D4D-4D25-9FD7-7235B4A6A31E}" = protocol=6 | dir=in | app=c:\program files\recuva\uninst.exe | 
"{8FF6CC80-624D-4F54-AE60-78C4F344741B}" = protocol=17 | dir=in | app=c:\program files\microsoft security client\msseces.exe | 
"{9001B4D0-2BAD-4365-B331-FF29E091B27F}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{90C5029D-7DBE-465B-8AFA-7F6BF7A948E9}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor-uninstaller.exe | 
"{912568F2-19C2-4324-A869-BA673BE085BE}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\my image garden\cnmigmain.exe | 
"{915A9D80-5FC6-4AE0-894E-555CBCCBFFCF}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe utilities - cs5.5\extendscript toolkit cs5.5\extendscript toolkit.exe | 
"{9170ABC8-D10B-4B85-B0FF-AE6ACF8005B8}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor-uninstaller.exe | 
"{926A9765-58B1-47DB-B26B-24FFD7835418}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | 
"{92CB32CC-509A-4783-BA3E-D9E20398C130}" = protocol=6 | dir=out | svc=winmgmt | app=%systemroot%\system32\svchost.exe | 
"{92EF4635-FE0A-43EB-A709-4F40ACF75904}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft\eie10_en-us_wol_win764.exe | 
"{936CCC89-01DF-4C6D-A5C4-09ACD0949307}" = protocol=6 | dir=out | app=%systemroot%\system32\msra.exe | 
"{93D4A0A3-7987-4C59-9904-3466A5432808}" = protocol=17 | dir=in | app=c:\amd\support\13-1_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{9410A204-FA95-44F2-92BD-C9489AB99700}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{94177459-831A-4C9F-BE2F-0944A3E3645D}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe utilities - cs5.5\extendscript toolkit cs5.5\extendscript toolkit.exe | 
"{95F871F6-2B4F-4D1F-80D6-967364116624}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-png2ico.exe | 
"{96897D66-BBF5-4340-A69D-C2E1E331BDEC}" = protocol=17 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\ccc.exe | 
"{96C590CC-1394-46B5-8147-45660DF339F6}" = protocol=6 | dir=in | app=c:\drivers\setup.exe | 
"{96C8E367-5225-4618-827F-BC163CF672CB}" = protocol=17 | dir=in | app=c:\mydrivers\download\broadcom_bluetooth_6.5.1.1240\setup.exe | 
"{96FF2AFD-19D0-48EA-9425-55DEC588A2B1}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravbg64.exe | 
"{977289FB-D4E7-45EA-B630-D8A89881F9B1}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\ieinstal.exe | 
"{9783B612-F626-4D45-89B9-95441B9C9303}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor.exe | 
"{983D69ED-6CBB-4D42-9C55-66B110503F7B}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe | 
"{990D4926-BB51-49DC-A412-3E7D21FF80BB}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\acrobat 11.0\acrobat\acrodist.exe | 
"{9B3ECB6F-90F9-470C-8D40-D2C318FE4117}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\miniconvert.exe | 
"{9BC46F36-A865-4CAC-B7BE-BA2F43DC386A}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth\setupbtwdownloadse.exe | 
"{9CB8BC87-73A7-4E50-9D7C-D43E44058CB6}" = protocol=6 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_as.exe | 
"{9E2C4376-1EFB-4516-B3FB-7173FD95720A}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\7z.exe | 
"{9EE9FA49-7925-4BC5-A946-B74CC1897889}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\gfexperience.exe | 
"{9F3E4CB8-1E89-45C0-9648-6D1CC37A6ABE}" = protocol=17 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\revouninpro.exe | 
"{9F6CC6BB-78E6-4F82-B915-EE0F25F58F22}" = protocol=6 | dir=in | app=c:\program files (x86)\marvell\miniport driver\ykx32ie.exe | 
"{A00FA833-D31F-4D26-8EDE-55105B925BC7}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | 
"{A12E4ECC-5653-493F-ABE4-1BE423465C36}" = protocol=6 | dir=in | app=c:\drivers\alps pointing-device driver\apntex.exe | 
"{A1B21D05-1975-4888-AF87-2BF47FBB8D95}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\statsreader.exe | 
"{A30F00FA-2240-4961-9A1E-C3CBE5040878}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\my image garden\cnmigmain.exe | 
"{A39B29FD-DE5C-4A5E-84F2-B038EC8484C0}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravcpl64.exe | 
"{A3ACABB8-06C2-4E18-A5D5-E33C28B778F1}" = protocol=17 | dir=in | app=c:\program files (x86)\bluetooth\setupbtwdownloadse.exe | 
"{A468EB9C-C1A1-47A8-A529-8B6800CBAE6D}" = protocol=17 | dir=in | app=c:\drivers\jmicron 1394 filter driver\setup.exe | 
"{A52043D0-0D7D-4673-9366-356391F8770A}" = protocol=6 | dir=in | app=c:\program files (x86)\jmicron\johci_dir\setup.exe | 
"{A544C9D7-D917-40DC-A08D-6D7137BCA2D8}" = protocol=6 | dir=in | app=c:\program files (x86)\rocketdock\rocketdock.exe | 
"{A5BB369C-A523-4546-9DF4-85F2664A890A}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\statsreader.exe | 
"{A619F688-288D-4F83-A405-55F8653BE31E}" = protocol=6 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\revouninpro.exe | 
"{A71324CF-B4CC-4F12-A1BE-74E525EB7A90}" = protocol=17 | dir=in | app=c:\program files\microsoft security client\msseces.exe | 
"{A8B461DB-95D1-4691-9B22-BFD559EB8315}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-network.exe | 
"{A8FC8A23-4D0A-43F6-A573-963E5E2860A9}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe | 
"{A96ABB86-D271-40FD-A313-1721307520E6}" = protocol=17 | dir=in | app=c:\windows\installer\{540cbbef-1433-4e5c-9817-4597493aa45f}\icon.exe | 
"{A9F371CA-BD9E-488E-94A3-EB5DA9F9DB73}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe help\adobe help.exe | 
"{AA4D31DA-B949-4542-AE38-01FAEC17240F}" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realconverter.exe | 
"{AB167400-D1DB-4B13-8250-57A934E96A79}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\acrobat 11.0\formscentral\formscentralforacrobat.exe | 
"{AB7CA6F1-53F3-4336-A41F-ED4B8A30D9A9}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-runapp.exe | 
"{ACC1F9FB-561D-484E-9960-2471E3346A64}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{AD47D806-5EAD-44DC-AECB-A4224669CCD2}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\ij manual\canon mg2100 series\uninstall.exe | 
"{AD8962C6-FCAB-4102-8F1D-6C2501A797C4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft\eie10_en-us_wol_win764.exe | 
"{AD970CE3-E72B-402B-A341-9232ED19AEDC}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\rtkaudioservice64.exe | 
"{AECF39DC-8071-49C9-89CB-03FCC7729F0F}" = protocol=17 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\ccc.exe | 
"{AF1F3AC5-61E1-4383-86E5-5B8A5BA733F4}" = protocol=17 | dir=in | app=c:\program files (x86)\ffdshow\makeavis.exe | 
"{B026BA9B-4856-45E4-88CE-9A2AFB6D0EF6}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\7z.exe | 
"{B22EC182-B3CD-4AC7-9484-67875CEAF26B}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia geforce experience\7z.exe | 
"{B31C86C9-1C35-4D6F-9B09-2DE7ABAD6976}" = protocol=17 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_as.exe | 
"{B32B8525-F3DF-4224-89D6-F64137F09569}" = protocol=17 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_ld.exe | 
"{B33CB9CE-EC0C-4034-A4A2-C3C60C588BDF}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-startlauncher.exe | 
"{B45397C9-78AD-47FD-B2BC-C443B2391889}" = protocol=47 | dir=out | app=system | 
"{B4D8F19A-F5D0-4F20-AE8A-C6528B0D5FC0}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\mp navigator ex 5.0\mpnex50.exe | 
"{B56A60A2-7585-4210-B38C-C14BEA837EFE}" = protocol=6 | dir=in | app=c:\program files (x86)\ffdshow\makeavis.exe | 
"{B5A700DD-C8DB-457E-97E1-7EDB2C74DF41}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\statsreader.exe | 
"{B62EA6D8-37A4-4096-BFC1-F310A1474FB3}" = protocol=6 | dir=in | app=c:\program files (x86)\usb human interface device 33b51d98912fa395f47d492c06592e62\usb human interface device 33b51d98912fa395f47d492c06592e62.exe | 
"{B8837CBA-D961-4AF9-9F5D-29658E8C805A}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{B8C81F1B-000D-439F-AF29-DA784474F34E}" = protocol=17 | dir=in | app=c:\program files (x86)\ffdshow\unins000.exe | 
"{B8CA9E47-8772-4C43-8DCD-340ADA9712D8}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe bridge cs5.1\bridge.exe | 
"{B9D065A2-C270-45AF-92B4-4CE16EB506A6}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\ravbg64.exe | 
"{B9F09114-0F22-4DBD-AB9F-77E01B8E2340}" = protocol=6 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\unins000.exe | 
"{B9F7C672-E849-408C-A7E2-381FC6F06D07}" = protocol=6 | dir=in | app=c:\mydrivers\download\broadcom_bluetooth_6.5.1.1240\setup.exe | 
"{BA3F0D72-08B5-4C5F-9E12-795B8042254B}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-runapp.exe | 
"{BABD8696-29DE-46A6-918F-991AAB420E3C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BB355AFE-C28F-41CB-90FE-C08BA82546A5}" = protocol=6 | dir=in | app=c:\amd\support\13-4_vista_win7_win8_64_dd_ccc_whql\setup.exe | 
"{BC9022E4-25E1-405F-AAE1-6D5A83A1419D}" = protocol=17 | dir=in | app=c:\drivers\setup.exe | 
"{BC9878C4-6FE2-4C77-AA76-27D784AF9289}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\rtkaudioservice64.exe | 
"{BD1C9492-67F0-46C3-8CD7-3046B03E6411}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-runapp.exe | 
"{BD22969D-C260-4F08-A35E-D197F08F7C2F}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javacpl.exe | 
"{BE5C664C-0658-4872-A826-AA5C0FB30E11}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\mp navigator ex 5.0\mpnex50.exe | 
"{BEAE117D-45B6-460B-A536-6C78A87BFD2B}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\miniconvert.exe | 
"{BF5B8C62-FEC3-4527-914A-DE85B9C4AD10}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\uninst.exe | 
"{BF6579C0-D770-4AA8-989A-FA534E1A7063}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\uninst.exe | 
"{BFF1EBCF-7744-4E22-B0AC-FD6058592D7A}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\statsreader.exe | 
"{C00C20D6-3865-4FD9-867F-BF07085570D3}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-runapp.exe | 
"{C0265CD9-E6A4-43CB-A2D6-9CE37C2B38AB}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\ijereg\mg2100 series\uninst.exe | 
"{C088A559-150E-42B0-9828-AFFCB9C6A20F}" = protocol=6 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\ccc.exe | 
"{C0BCEE55-3A52-47C2-8270-5FCB747DF327}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\uninstall.exe | 
"{C1D902DF-5AD6-4AED-AD48-2F5C3087048F}" = protocol=17 | dir=in | app=c:\program files (x86)\usb human interface device 33b51d98912fa395f47d492c06592e62\usb human interface device 33b51d98912fa395f47d492c06592e62.exe | 
"{C28414E9-709B-4235-92DE-AF3B61727A51}" = protocol=6 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_ld.exe | 
"{C317A0B1-DCBE-43C3-97CF-7C7511FE5621}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\audio\drivers\rtlupd64.exe | 
"{C389D420-4D5D-4E07-9620-BDC7789FCA8A}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javacpl.exe | 
"{C3C64C3A-3276-4500-B5D8-B38BADC50371}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\google\google talk\uninstall.exe | 
"{C4123B51-5A97-4972-8571-9099556F6D9E}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\autoupdate-windows.exe | 
"{C45208E0-72E7-4CD7-8AB1-7C24D5A69B2A}" = protocol=17 | dir=in | app=c:\program files\microsoft silverlight\sllauncher.exe | 
"{C592C007-5599-418E-B9B9-82D903556905}" = protocol=17 | dir=in | app=c:\drivers\alps pointing-device driver\dpinst.exe | 
"{C6C53426-77D7-4171-99DD-932FA1F24E89}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\aertsr64.exe | 
"{C761551A-D0D2-470A-8FC4-4778EC829A72}" = protocol=6 | dir=in | app=c:\program files (x86)\lavmediacodec\unins000.exe | 
"{C76B898D-B2D1-4316-93CB-C59568166C51}" = protocol=6 | dir=in | app=c:\drivers\alps pointing-device driver\dpinst.exe | 
"{C86EA3D7-73AE-46D5-A2E9-DC53F7D5CC16}" = protocol=47 | dir=in | app=system | 
"{C8A027B7-A2CB-4DD5-85A7-0EDD16B43A6D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe | 
"{C8C6D125-F52F-4876-9954-3E2767DA6139}" = protocol=6 | dir=in | app=c:\program files (x86)\xvid\minicalc.exe | 
"{C8F09DA0-6A98-4E9F-B446-7A4CE26D079E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\installshield\professional\runtime\11\50\intel32\isbew64.exe | 
"{C927495A-53DB-4E62-BD90-B22A74C20B7F}" = protocol=6 | dir=in | app=c:\drivers\jmicron 1394 filter driver\setup.exe | 
"{C97DC00B-8FE3-4E1D-803D-C21A8E87201C}" = protocol=6 | dir=in | app=c:\program files (x86)\divx\divx media server\divxmediaserver.exe | 
"{C9B967F4-93CC-4553-BA61-60463758B469}" = protocol=6 | dir=in | app=c:\program files (x86)\rocketdock\rocketdock.exe | 
"{C9DF4BE8-A60C-46F3-82F1-6EF909D5D6C6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\installshield\professional\runtime\11\50\intel32\isbew64.exe | 
"{CA00688E-659B-4CFD-A0E4-711897EE4BFD}" = protocol=58 | dir=in | [email protected],-28545 | 
"{CA73EECE-F1A4-4CC3-9D08-F6C45F5610E8}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\my image garden\cnmigmain.exe | 
"{CAB51A6D-0044-4117-B600-9DBF19F6BAA5}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe utilities - cs5.5\extendscript toolkit cs5.5\extendscript toolkit.exe | 
"{CAC4F7A0-E1CE-4C90-9D8C-865B0A797B86}" = protocol=17 | dir=in | app=c:\program files (x86)\iobit\driver booster\unins000.exe | 
"{CB8270E1-E299-4535-AE1D-D73FC67B8034}" = protocol=6 | dir=in | app=c:\program files (x86)\directvobsub\unins000.exe | 
"{CBD778F6-DF0D-43A0-9605-0093DB13B631}" = protocol=17 | dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe | 
"{CBEE6F08-9DD7-45C4-A93B-01BC966CD271}" = protocol=17 | dir=in | app=c:\drivers\alps pointing-device driver\apntex.exe | 
"{CC13E1D2-C58F-435D-8CEE-F6CF501FD350}" = protocol=17 | dir=in | app=c:\program files\recuva\uninst.exe | 
"{CC92343E-6D72-4A5E-BA5F-11F06F29EC08}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{CCBC0D12-43E6-48FD-967F-646D373A4D77}" = protocol=6 | dir=in | app=c:\program files\recuva\recuva64.exe | 
"{CCD15CA9-8735-4CD8-9A25-157A81288508}" = protocol=17 | dir=in | app=c:\program files (x86)\divx\divx player\divx player.exe | 
"{CD6CEB1C-7327-439D-830D-370CCB7143F1}" = protocol=17 | dir=in | app=c:\program files (x86)\bluestacks\hd-network.exe | 
"{CDE188D9-F28F-41BD-B478-C640E0F56E52}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CFFE5841-4C28-428F-9900-9453E1CAD0EC}" = protocol=17 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\revouninpro.exe | 
"{D05DFA89-4E55-47FB-9A80-326F318DED1F}" = protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{D0C0948A-01F9-4A80-A62F-A325B52DBC13}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\rtkaudioservice64.exe | 
"{D0E28AC4-7463-48DF-B116-E3D0A1BCE057}" = protocol=6 | dir=in | app=c:\amd\support\13-1-legacy_vista_win7_win8_64_dd_ccc\setup.exe | 
"{D17FE6B1-425D-48BB-83B1-12D6E7DFA0BE}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe bridge cs5.1\bridge.exe | 
"{D2F0A658-27DE-4D55-99BF-30126763B9F4}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe | 
"{D339BE3F-8E89-4A8B-B3E4-6A363CB2D814}" = protocol=6 | dir=in | app=c:\program files (x86)\amd app\bin\x86_64\amdocl_as.exe | 
"{D343B2F8-9AC9-4CC1-B80C-471034A7DF56}" = protocol=17 | dir=in | app=c:\program files (x86)\bluetooth\setupbtwdownloadse.exe | 
"{D4560B79-C8DC-4DC7-826F-3300D37B7E46}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | 
"{D5B1525E-69BF-46D6-805B-F15FCC3F6B61}" = protocol=6 | dir=in | app=c:\program files\microsoft silverlight\sllauncher.exe | 
"{D5DFB56B-BF21-4E86-A106-36F4A7F9444C}" = protocol=17 | dir=in | app=c:\program files (x86)\iobit\driver booster\unins000.exe | 
"{D663D7B4-D9AE-47F0-BA03-72166A2001CC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{D696F585-C0BE-46D6-B19D-1A452575AD8E}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\solution menu ex\cnsemain.exe | 
"{D6F6CE09-B4C5-4296-A0F3-93F400500C72}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D72D3869-BF85-4830-A7B1-6B689AF6BCF3}" = protocol=6 | dir=in | app=c:\program files\microsoft silverlight\sllauncher.exe | 
"{D761AB2E-94F1-4090-9CE1-4462F9F3B2DF}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\audio\drivers\rtlupd64.exe | 
"{D82A3C5F-EC49-418D-9AF5-E7B45B35C97F}" = protocol=6 | dir=in | app=c:\program files (x86)\imtoo\iphone sms backup\isms-loader.exe | 
"{D89BA053-5F50-426E-8671-BB9B9480BBEF}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\audio\drivers\rtlupd64.exe | 
"{D8FFECBA-2660-4820-B590-C668BB5F3D7A}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\ij manual\canon mg2100 series\uninstall.exe | 
"{D98E3697-B546-45F5-8E48-3042A2432434}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\autoupdate-windows.exe | 
"{D9BB6FC4-69A7-4BB7-8B25-EFCA1D92C1FF}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\mp navigator ex 5.0\mpnex50.exe | 
"{DADF703F-64F1-4430-B58B-FEB628B25B0B}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\ieinstal.exe | 
"{DB592DAC-8D45-4734-AA82-745577F4B368}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\audio\asio\install.exe | 
"{DB97EF84-1B72-4422-A55B-B8767836882A}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\minicalc.exe | 
"{DCB7A8C1-08CD-46A2-B300-67B3277BE26C}" = protocol=17 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\branding\cccinstall.exe | 
"{DD198176-D938-46E8-A14D-7E7D839115CF}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe extension manager cs5.5\adobe extension manager cs5.5.exe | 
"{DD845287-566E-4A29-B0F1-54581F08381C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{DDA15FAC-C9D6-4CC1-9656-5CC4A6111B02}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{DED3E371-4135-4878-B68C-BAE5979E14F2}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-service.exe | 
"{DEF1BFEB-C7FD-4F28-A5F7-0073EE793A35}" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realtrimmer.exe | 
"{DF0F89DD-D55F-44F8-9CC7-272EE996766D}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{E0701C87-ACA2-4B9B-B003-55C6C46677EB}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\avic.exe | 
"{E0D91D92-8EF1-4394-AB58-C33E9474686D}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\dmg extractor\dmgextractor-uninstaller.exe | 
"{E114AF09-1687-4552-B98E-90595BE2A873}" = protocol=6 | dir=in | app=c:\program files (x86)\amd avt\bin\kdbsync.exe | 
"{E1717608-B53C-40F4-A14A-C7A1951020EB}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\my image garden\cnmigmain.exe | 
"{E1ED14C9-6177-4DB9-9CA8-8CBFAFE6BA61}" = protocol=17 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\unins000.exe | 
"{E2491623-9D38-4F5E-A15A-51ACAF3B8400}" = protocol=6 | dir=in | app=c:\program files (x86)\iobit\iobit malware fighter\imf.exe | 
"{E2F7D9E0-4EE1-43F8-95B7-2272A26366F3}" = protocol=17 | dir=in | app=c:\program files (x86)\xvid\avic.exe | 
"{E35AA5EF-C44A-4A72-A1CC-0661E7D1942B}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe | 
"{E3D291BC-7224-4BF0-8624-39FBF8CB6BB6}" = protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{E4A8BB98-3BB1-41FD-907D-31742F033940}" = protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{E52E80DC-DE90-4155-9469-DD6697CF2C68}" = protocol=6 | dir=in | app=c:\program files (x86)\bluestacks\hd-service.exe | 
"{E5B59D62-7E46-4D45-A76B-CF69F29339FA}" = protocol=6 | dir=out | app=%systemroot%\system32\msdtc.exe | 
"{E5C59FF3-4AD9-48B1-9A4B-3D656B98ED17}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe extension manager cs5.5\adobe extension manager cs5.5.exe | 
"{E5D8A154-AB8A-444A-8A8F-C1919B563589}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe | 
"{E6768302-9D40-4B1E-8794-E70B9F00EB14}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe bridge cs5.1\bridge.exe | 
"{E67F7D96-699F-4B45-8ED9-EB861C318D38}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe device central cs5.5\devicecentral.exe | 
"{E7CA3EAF-30B1-4C3B-8654-35052C09CFF6}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe help\adobe help.exe | 
"{E7D8668C-C1A7-43E7-8300-564D8BD0115B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E88408E2-6DC3-4407-8649-5F80B75963B5}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\ieinstal.exe | 
"{E893F002-A82C-42DC-B7CC-C7C9BB1EE4B3}" = protocol=17 | dir=in | app=c:\program files (x86)\iobit\iobit malware fighter\imf.exe | 
"{E9265ACC-83D4-47F5-A17E-83B4408F10B0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft silverlight\sllauncher.exe | 
"{EA6C248A-B953-4ED8-9454-20F33831BD97}" = protocol=58 | dir=out | [email protected],-28546 | 
"{EB205B3C-6924-4659-BD96-4FE8B1B22AE6}" = protocol=6 | dir=in | app=c:\program files (x86)\iphonebrowser\iphonebrowser.exe | 
"{EB595AF0-7968-4F5E-9CBD-B9766EAC0EB1}" = protocol=17 | dir=in | app=c:\program files (x86)\imtoo\iphone sms backup\isms-loader.exe | 
"{EDBA38BB-36FD-4E27-B415-3E84DB36F0D0}" = protocol=6 | dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe | 
"{EEBA1167-40E8-4643-AC26-DC28901E89E8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\installshield\professional\runtime\11\50\intel32\isbew64.exe | 
"{EF66EFC6-324B-43E2-9CC8-61608A2F7852}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor-uninstaller.exe | 
"{EFF4FCC5-F65F-47DD-90AE-49C0FD43E5CB}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek high definition audio cc88d7248b3128d9fba630624b7a1b79\aertsr64.exe | 
"{F0831EC5-CFFB-4048-B6F2-8AE1A5E76EE7}" = protocol=6 | dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe | 
"{F1B634B4-33E3-4A16-98E1-157271DADB92}" = protocol=6 | dir=in | app=c:\program files\microsoft security client\msseces.exe | 
"{F24D70E4-EE5A-4B16-9B24-1A16F5076705}" = protocol=17 | dir=in | app=c:\amd\support\13-1-legacy_vista_win7_win8_64_dd_ccc\setup.exe | 
"{F2E0013C-D2B1-4F46-93DB-2DE1B29C35A6}" = protocol=17 | dir=in | app=c:\program files (x86)\google\picasa3\picasa3.exe | 
"{F2FF505B-3FFF-4DD6-A8CD-DA90AE821D81}" = protocol=6 | dir=in | app=c:\program files\vs revo group\revo uninstaller pro\revouninpro.exe | 
"{F3FC7462-FD3A-4965-B77C-750BCF0876F5}" = protocol=1 | dir=in | [email protected],-28543 | 
"{F502784D-92BB-4A84-B1CB-E98E3F030B2D}" = protocol=6 | dir=in | app=c:\users\nigel\appdata\roaming\utorrent\utorrent.exe | 
"{F5565C96-02C4-4F32-AB51-AD51400F293E}" = protocol=6 | dir=in | app=c:\amd\support\13-1-legacy_vista_win7_win8_64_dd_ccc\setup.exe | 
"{F5A9FE89-1725-4D2A-8B52-BD0195CDF8BF}" = protocol=17 | dir=in | app=c:\users\nigel\appdata\roaming\reincubate\iphone backup extractor\iphonebackupextractor.exe | 
"{F5EE08AC-4A7A-4C4C-9EAE-4FD9B211EDA0}" = protocol=17 | dir=in | app=c:\drivers\jmicron 1394 filter driver\setup.exe | 
"{F61C944D-8D06-4B60-AA6E-5C9CEBD657C5}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe extension manager cs5.5\adobe extension manager cs5.5.exe | 
"{F736D320-F6C8-4CCE-87EF-8F905623D25C}" = protocol=17 | dir=in | app=c:\windows\installer\{540cbbef-1433-4e5c-9817-4597493aa45f}\icon.exe | 
"{F849139E-5C5E-48EB-873E-835291788231}" = protocol=6 | dir=in | app=c:\windows\system32\xpsrchvw.exe | 
"{FA4AE3C6-D69F-4D9F-BE06-F23B61C8642E}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe device central cs5.5\devicecentral.exe | 
"{FC8F5910-76DD-49EB-B95C-5356447F3DB4}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe extension manager cs5.5\adobe extension manager cs5.5.exe | 
"{FD9740E1-8E13-4B7C-956D-3E95B478CD99}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft silverlight\sllauncher.exe | 
"TCP Query User{299A6658-78ED-4A40-8CEE-FE1CE590A560}C:\program files (x86)\xbmc\xbmc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe | 
"TCP Query User{3084D11B-09EC-415D-9763-2D5EC6DAF01A}C:\program files (x86)\divx\divx media server\divxmediaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\divx\divx media server\divxmediaserver.exe | 
"TCP Query User{56BE873C-838E-412A-926C-47C015E665D5}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe" = protocol=6 | dir=in | app=c:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe | 
"TCP Query User{99950138-8886-4777-A1DC-F19137F38CA5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{5D731DAA-31C2-4BC7-9E52-D0EDACC28150}C:\program files (x86)\divx\divx media server\divxmediaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\divx\divx media server\divxmediaserver.exe | 
"UDP Query User{668B83B3-F85E-4A21-B81A-15265548BDF6}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{9E36A869-72D3-4E27-A36E-A4EC9B7F8E99}C:\program files (x86)\xbmc\xbmc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe | 
"UDP Query User{9EB3D29B-023E-4D46-B6ED-7686CFCF4EDD}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe" = protocol=17 | dir=in | app=c:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series" = Canon MG2100 series MP Drivers
"{13351E83-6DCD-4E97-2A8C-5D496259A47F}" = AMD Catalyst Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{23F8B360-3E60-3B05-8330-19FD4F9F4525}" = Microsoft .NET Framework 4.5.1 (RUS)
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft Mouse and Keyboard Center
"{2D9FC0E7-A616-F52C-FE18-2460ACB578C8}" = AMD Fuel
"{3AA627AF-DD36-F927-D91F-207FB3CC32D9}" = ccc-utility64
"{4161341F-AE84-E404-4291-4E0322CCE809}" = AMD Media Foundation Decoders
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.1.1
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F8ECA7B-420F-4D63-B866-B83737EB3E76}" = PE988
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{7FD0FD0D-AC40-A3BF-F2D4-54EFEDB0008F}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0017-0409-1000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0100-0409-1000-0000000FF1CE}" = Microsoft Office O MUI (English) 2010
"{90140000-0101-0409-1000-0000000FF1CE}" = Microsoft Office X MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.25
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}" = WinZip 18.5
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{EBAE9144-AF3E-4AF5-B45F-64896D651E27}" = ccc-utility64
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"34BE71CBF435D6B34FFAF9BA68AD921E99CF4065" = Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (11/08/2011 6.0.32.0077)
"5BB2352543C023211B5CDA6229832626C218EB7F" = Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/28/2010 6.3.0.3800)
"79B5284AC8847651E6939E5B2FB1A473E6C9D19B" = Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/20/2010 6.3.0.3500)
"92CABF192AE59FEC7A26BF526AE067A4C700A858" = Windows Driver Package - Advanced Micro Devices (amdide64) hdc  (12/04/2012 5.2.2.0179)
"CCleaner" = CCleaner
"E3446990DE8D5843AECCB8B0EF4E7D8DBF5E78B2" = Windows Driver Package - Apple (Netaapl) Net  (07/12/2011 1.8.4.2)
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.OMUI.en-us" = Microsoft Office Language Pack 2010 - English
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Recuva" = Recuva
"Reimage Express" = Reimage Express
"Total Uninstall 6_is1" = Total Uninstall 6.5.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03E830A5-822B-D6FB-3257-E1E6A188CF22}" = Catalyst Control Center Graphics Full Existing
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B30D22F-AB4F-9379-CDE1-3019D68D72B7}" = CCC Help Chinese Traditional
"{0E4AD541-61D5-0DF8-44C9-797C3EEBDE2C}" = CCC Help English
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1008F030-1D06-C7C2-14F7-18CE3307F51F}" = CCC Help Portuguese
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{174F94E5-581E-EFCA-60FF-72B99A893BAE}" = CCC Help Thai
"{17B5E42B-670F-BE6A-7CBE-B9DFF74D81DC}" = CCC Help Norwegian
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D359627-1E53-8D9B-46A6-242B1D7A8B9D}" = CCC Help Turkish
"{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}" = Adobe Touch App Plugins
"{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}" = Google Talk Plugin
"{21C205CD-3770-9454-ECC1-88BB0E2AD807}" = Catalyst Control Center Localization All
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{244C6FE3-82BC-D9F0-91F9-D9909E926FCE}" = CCC Help Greek
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E941CF-3D09-C540-07FF-81FDB66E8BC9}" = CCC Help Swedish
"{2C4A0A98-66EA-427A-46B4-FED4A141E4CE}" = Catalyst Control Center Graphics Full New
"{32F898BE-7D45-EBC2-29F3-B0B704CC8FBB}" = ccc-core-static
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{359F8007-6486-429C-A8C5-D67F6897C88C}" = Adobe Bridge CC (64 Bit)
"{3C9EF074-E7E8-1DAD-7B24-E2ACDC48FBDE}" = CCC Help English
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{41A12FFC-89E9-4743-A51E-00975CA31F40}" = Adobe Exchange Panel
"{41ACCBEB-F6BD-B9DF-8CCE-32A70F14432B}" = Catalyst Control Center Graphics Previews Vista
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5FF1B1-7C05-19F4-17D7-B1809CDFA0CD}" = CCC Help Polish
"{4D6873BC-73C0-487D-A4B4-BA78D9EF465C}" = Catalyst Control Center - Branding
"{4F07D6C9-3AB0-0567-FA40-FA091398E7BE}" = CCC Help Italian
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56978E45-6A6B-8DF7-B37C-58043F182D6C}" = CCC Help Swedish
"{62BC7EFB-47F5-4619-9B74-7DDA72D5AF7E}" = QuickShare
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6672A809-A0D9-A47E-7CFE-AF0B0D599D40}" = Catalyst Control Center Localization All
"{6AFE5E25-121D-6054-62B8-F3354C82FAAF}" = CCC Help Hungarian
"{6E1DA1BE-264E-621C-3631-9A160E953ECE}" = Catalyst Control Center InstallProxy
"{708FC368-197E-1AAB-8018-49AC1BA28B34}" = CCC Help Hungarian
"{764182F2-8B5E-5B6B-A439-02D06550F663}" = CCC Help Dutch
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BDECEC6-87A7-A7AA-8AE8-A8D663F3B9E5}" = CCC Help Finnish
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7D6835C4-F6C7-7D78-5DC7-593E025A58FD}" = CCC Help Korean
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{87CE7117-D736-8108-AD6A-4F0D117E94B6}" = CCC Help Spanish
"{888934B4-09FC-4CB3-2AA4-87C2F5030C79}" = CCC Help Finnish
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{8BB6D134-BFBA-F4B7-D086-6EF765576DBE}" = CCC Help Norwegian
"{8C617D96-CDAA-9025-AAEA-659B477B4B7C}" = CCC Help Czech
"{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}" = Microsoft Windows Debugging Symbols
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E5F54C-888C-51E5-A388-7B360B174311}" = CCC Help Russian
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{952D22C8-CA9F-65ED-B7C3-7CEDC08121E7}" = Catalyst Control Center Core Implementation
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A018A4CE-0D6F-BEB5-EDC2-D9386B2BF1B3}" = Catalyst Control Center Graphics Light
"{A04C1E78-8EC0-7A07-FDA7-843920FE9D36}" = CCC Help Japanese
"{A69B5801-707A-D310-2DD1-0DE7EFF761AC}" = CCC Help Greek
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A39878-C21D-D6D5-0F34-A01FF3E79B7F}" = CCC Help Korean
"{A7CD6CCE-C2BC-3B61-F0CC-A842F02FB6C0}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B14D51F5-F44F-4D77-86D0-777D6CB6C235}" = IObit Apps Toolbar v8.3
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B3576D1B-5763-4E8C-43CE-1B6908D0B22D}" = CCC Help German
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B951569A-7EC8-CF90-74AF-53610BC15097}" = CCC Help Chinese Standard
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C42B66AB-B0A2-516D-63BE-6D9608A3B9BC}" = CCC Help Dutch
"{C68F1F36-9B04-2CC8-15A4-DC9606E760EB}" = CCC Help Danish
"{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}" = Microsoft Windows Debugging Symbols
"{C9B21EB7-9E61-55EF-DC76-ADB8DDEEFE56}" = CCC Help Polish
"{CC45C792-5348-9446-1FBB-2A287A19D48E}" = AMD Catalyst Control Center
"{CC9AD130-069C-E5AF-A56C-48E58781BE24}" = CCC Help Chinese Standard
"{D0A0DC26-EDD5-C03D-6AFC-8F10D2FD974F}" = CCC Help Chinese Traditional
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D322A9E3-758B-4D60-A7C4-65C88FD378D0}" = Bing Bar
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D805E716-EE94-64C4-04FB-BE98A4BF6CF6}" = CCC Help Spanish
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E002447E-6B41-DCF6-8133-987BF12C5B50}" = CCC Help Czech
"{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E647D018-2209-C4B6-493F-ECB57E6620D1}" = CCC Help French
"{E7970ADC-319A-A32B-7D8D-9404F4807365}" = CCC Help German
"{E7E71065-1152-440D-F258-5B6DE3817E41}" = Catalyst Control Center Graphics Previews Common
"{EADF01C1-9C48-5157-AF54-8E5DC3540185}" = CCC Help Turkish
"{EB48CCF6-69EC-F24E-0F24-6A13DFF63A05}" = CCC Help French
"{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}" = Microsoft Silverlight 5 Toolkit December 2011
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF2E00AB-F454-C823-0408-8F2098F2CDCB}" = CCC Help Portuguese
"{EF2E4024-2B49-F761-B36F-167033D7F005}" = CCC Help Japanese
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F88FFBE5-6A07-6206-0B13-4F648A6718C9}" = Catalyst Control Center InstallProxy
"{F9EB0701-776E-BF9F-5B57-760A16422520}" = CCC Help Thai
"{FA5BA14A-631B-3AFB-8918-B75443396D4C}" = CCC Help Danish
"{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}" = Notification Center
"{FE8DA369-A02D-F0E4-231C-7D73A2D62028}" = CCC Help Russian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"BlueStacks App Player" = BlueStacks App Player
"Canon MG2100 series On-screen Manual" = Canon MG2100 series On-screen Manual
"Canon MG2100 series User Registration" = Canon MG2100 series User Registration
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Cloud System Booster" = Cloud System Booster
"DC-Bass Source" = DC-Bass Source 1.3.0
"DivX Setup" = DivX Setup
"Driver Booster_is1" = Driver Booster
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ffdshow_is1" = ffdshow v1.1.4399 [2012-03-22]
"Google Chrome" = Google Chrome
"ImTOO iPhone Photo Transfer" = ImTOO iPhone Photo Transfer
"ImTOO iPhone SMS Backup" = ImTOO iPhone SMS Backup
"IObit Malware Fighter_is1" = IObit Malware Fighter
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 18.0.2 (x86 en-US)" = Mozilla Firefox 18.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5
"Picasa 3" = Picasa 3
"RealPlayer 17.0" = RealPlayer Cloud
"RocketDock_is1" = RocketDock 1.3.5
"VLC media player" = VLC media player 2.1.3
"vsfilter_is1" = DirectVobSub 2.40.4209
"Xvid Video Codec 1.3.2" = Xvid Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"DMG Extractor" = DMG Extractor
"iPhone Backup Extractor" = iPhone Backup Extractor
"Torch" = Torch
"uTorrent" = µTorrent
"VideoDownloaderUltimateWinApp" = VideoDownloaderUltimate
"XBMC" = XBMC
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 16
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 17
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 18
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
 
Error - 10/17/2014 3:13:19 PM | Computer Name = Nigel-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
 
Error - 10/18/2014 1:58:46 PM | Computer Name = Nigel-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary szkg5.  System Error: The system cannot find the file specified.  .
 
[ System Events ]
Error - 10/17/2014 1:46:33 PM | Computer Name = Nigel-PC | Source = BTHUSB | ID = 327685
Description = The Bluetooth driver expected an HCI event with a certain size but
 did not receive it.
 
Error - 10/17/2014 1:49:31 PM | Computer Name = Nigel-PC | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
 key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error - 10/17/2014 1:51:38 PM | Computer Name = Nigel-PC | Source = Service Control Manager | ID = 7022
Description = The Diagnostic Service Host service hung on starting.
 
Error - 10/17/2014 1:51:38 PM | Computer Name = Nigel-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   amdkmafd  is3srv  SASDIFSV  SASKUTIL
 
Error - 10/17/2014 1:51:42 PM | Computer Name = Nigel-PC | Source = Service Control Manager | ID = 7034
Description = The LiveUpdate service terminated unexpectedly.  It has done this 
1 time(s).
 
Error - 10/17/2014 2:02:33 PM | Computer Name = Nigel-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the szserver service.
 
Error - 10/17/2014 2:07:29 PM | Computer Name = Nigel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.185.3447.0     Update Source: %%859     Update Stage:
 %%853     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803
 
User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.11005.0
 
Error
 code: 0x80240022     Error description: The program can't check for definition updates.
 
 
Error - 10/17/2014 2:07:29 PM | Computer Name = Nigel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.185.3447.0     Update Source: %%859     Update Stage:
 %%853     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803
 
User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.11005.0
 
Error
 code: 0x80240022     Error description: The program can't check for definition updates.
 
 
Error - 10/17/2014 2:17:49 PM | Computer Name = Nigel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.185.3447.0     Update Source: %%859     Update Stage:
 %%853     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803
 
User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.11005.0
 
Error
 code: 0x80240022     Error description: The program can't check for definition updates.
 
 
Error - 10/17/2014 2:17:49 PM | Computer Name = Nigel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.185.3447.0     Update Source: %%859     Update Stage:
 %%853     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803
 
User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.11005.0
 
Error
 code: 0x80240022     Error description: The program can't check for definition updates.
 
 
 
< End of report >

  • 0

#7
iammykyl

iammykyl

    Tech Staff

  • Technician
  • 7,047 posts

Gday.

Sorry, I may not have made my instructions clear.

 

You need to post those logs in the new topic you just started so the experts on the Malware forum can help you.

Go back to your new topic > http://www.geekstogo...s/#entry2446540

and at the bottom of your post, click on the edit button, then past the 2 logs into the window, then > click on the Save Changes button.  


  • 0

#8
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Sorry about that, Its done now...


  • 0

#9
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Minion%20Welcome.jpg

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)


Since you are a 64-bit System user, I'd like you to provide me another set of reports which will give a better look at what's going on there :)


FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please copy and paste their content into your next reply.
  • 0

#10
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Hi Naat, and thank you in advance for your assistance. I am not sure if I needed to post the results into my original post or as a reply. So I am going to do both.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Nigel (administrator) on NIGEL-PC on 19-10-2014 00:21:12
Running from C:\Users\Nigel\Downloads
Loaded Profile: Nigel (Available profiles: Nigel & Guest & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TorchMedia Inc.) C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(OldTimer Tools) C:\Users\Nigel\Downloads\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer: [NoSharedDocuments] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetOpenWith] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-18\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/MSE_WCP
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File
Toolbar: HKLM-x32 - No Name - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF user.js: detected! => C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\EasyLife.xml
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\Searchab.xml
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\yahoo_ff.xml
FF Extension: Key Download - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-03-01]
FF Extension: Ads Removal - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-08-22]
FF Extension: TinyWallet - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-10-12]
FF Extension: DictAddon - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-11-24]
FF Extension: QuickShare Widget - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{78f95c9b-16b5-4f71-a733-87632abd4c0c} [2013-08-13]
FF Extension: Universal Downloader - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d} [2014-10-12]
FF Extension: uTorrentControl_v6  - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-08-18]
FF Extension: HDvid Codec - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-04-08]
FF Extension: PutLocker Downloader - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2013-06-26]
FF Extension: Speed Analysis 2 - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-01-16]
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-08-08]
FF Extension: WordOv - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-10-19]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-21]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Google Docs) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Video downloader pro) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem [2014-09-26]
CHR Extension: (Video Downloader professional) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-26]
CHR Extension: (Google Sheets) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]
CHR Extension: (Video Downloader) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpgleggfcndpeflbjhpjfckfmojnpo [2014-09-26]
CHR Extension: (Google Wallet) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2  AnviStartupTime; C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe [193256 2013-05-07] (Anvisoft)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166408 2013-01-25] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-12-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-12-05] (BlueStack Systems, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-05-15] (IObit)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S3 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 RealPlayer Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1418336 2013-12-10] (RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [29320 2013-10-25] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 TorchCrashHandler; C:\Users\Nigel\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-08-27] (TorchMedia Inc.) <==== ATTENTION
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S3 avgfws; No ImagePath
S3 AVGIDSAgent; No ImagePath
S3 avgwd; No ImagePath
S3 hshld; No ImagePath
S3 HssTrayService; No ImagePath
S3 HssWd; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-06-06] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
S1 AntiLog32; No ImagePath
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-05-25] (Advanced Micro Devices) [File not signed]
S4 Avgfwfd; No ImagePath
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-12-05] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
S4 btwaudio; No ImagePath
S3 btwavdt; No ImagePath
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [84008 2010-11-15] (Broadcom Corporation.)
S4 btwl2cap; No ImagePath
S4 btwrchid; No ImagePath
S3 cxpl_mhd; C:\Windows\System32\drivers\y_cx88x.sys [714752 2009-06-22] (Conexant Systems, Inc.) [File not signed]
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 gmPS2up; C:\Windows\System32\DRIVERS\gmPS2up.sys [9216 2013-06-01] () [File not signed]
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
S3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-28] (JMicron Technology Corp.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
S3 massfilter_hs; C:\Windows\System32\DRIVERS\massfilter_hs.sys [18456 2012-01-10] (HandSet Incorporated)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation)
S1 SASDIFSV; No ImagePath
S1 SASKUTIL; No ImagePath
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S4 VGPU; No ImagePath
U0 vqmwpufq; C:\Windows\System32\drivers\lvfamxfn.sys [79064 2014-10-18] (Malwarebytes Corporation)
S4 zghsdiag; No ImagePath
S4 zghsmdm; No ImagePath
S4 zghsnmea; No ImagePath
S3 cpuz134; \??\C:\Users\Nigel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U0 helpsvc; No ImagePath
U2 ImapiService; No ImagePath
U2 Irmon; No ImagePath
R2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
U0 UPS; No ImagePath
U2 WZCSVC; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-19 00:21 - 2014-10-19 00:21 - 00033655 _____ () C:\Users\Nigel\Downloads\FRST.txt
2014-10-19 00:20 - 2014-10-19 00:21 - 00000000 ____D () C:\FRST
2014-10-19 00:18 - 2014-10-19 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-10-19 00:18 - 2014-10-19 00:18 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-10-19 00:17 - 2014-10-19 00:17 - 02112000 _____ (Farbar) C:\Users\Nigel\Downloads\FRST64.exe
2014-10-18 23:10 - 2014-10-18 23:10 - 00000000 ___RD () C:\Users\Nigel\iCloudDrive
2014-10-18 23:10 - 2014-10-18 23:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apple Inc
2014-10-18 21:53 - 2014-10-18 21:53 - 00224536 _____ () C:\Users\Nigel\Desktop\Computer_OTL_Extras_Report.Txt
2014-10-18 21:49 - 2014-10-18 21:49 - 00145572 _____ () C:\Users\Nigel\Desktop\Computer_OTL_Results.Txt
2014-10-18 21:09 - 2014-10-18 21:09 - 00224536 _____ () C:\Users\Nigel\Downloads\Extras.Txt
2014-10-18 21:09 - 2014-10-18 21:09 - 00145572 _____ () C:\Users\Nigel\Downloads\OTL.Txt
2014-10-18 20:49 - 2014-10-18 20:49 - 00602112 _____ (OldTimer Tools) C:\Users\Nigel\Downloads\OTL.exe
2014-10-18 19:43 - 2014-10-18 19:43 - 00401920 _____ (Farbar) C:\Users\Nigel\Downloads\MiniToolBox.exe
2014-10-18 19:42 - 2014-10-18 19:43 - 04890736 _____ (Piriform Ltd) C:\Users\Nigel\Downloads\spsetup126.exe
2014-10-18 19:22 - 2014-10-18 19:22 - 00110528 _____ () C:\Users\Nigel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-18 03:33 - 2014-10-18 03:33 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\lvfamxfn.sys
2014-10-17 15:03 - 2014-10-17 15:47 - 00000000 ____D () C:\Users\Nigel\Downloads\iPhone_IPSW
2014-10-17 15:00 - 2014-10-17 15:26 - 1200488975 _____ () C:\Users\Nigel\Downloads\iPhone3,3_7.0.2_11A501_Restore.ipsw
2014-10-17 13:54 - 2014-10-17 13:57 - 00000000 ____D () C:\Users\Nigel\Desktop\Computer_Software
2014-10-17 13:50 - 2014-10-17 13:51 - 00001680 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-10-17 13:50 - 2014-10-17 13:50 - 00000384 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-10-17 13:34 - 2014-10-17 13:36 - 00000000 ____D () C:\Users\Nigel\Desktop\StopZilla
2014-10-17 13:18 - 2014-10-17 13:18 - 00712443 _____ () C:\Users\Nigel\Desktop\Installer (Right Click and select extract).zip
2014-10-17 12:41 - 2014-10-17 15:18 - 00001088 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-17 12:33 - 2014-10-17 12:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-17 12:33 - 2014-10-17 12:33 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-17 12:33 - 2014-10-17 12:33 - 00000794 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-17 12:33 - 2014-10-17 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-17 09:46 - 2014-10-17 11:56 - 00005440 _____ () C:\Users\Nigel\Desktop\Computer_Help.txt
2014-10-17 08:57 - 2014-10-17 08:58 - 16955453 _____ () C:\Users\Nigel\Desktop\evasi0n7-win-1.0.8-ccb6ff816eb8789bf039cf3ca00edbedc199464f.zip
2014-10-16 19:02 - 2014-10-16 19:03 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-10-16 19:02 - 2014-10-16 19:02 - 00004274 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-10-16 19:02 - 2014-10-16 19:02 - 00001877 _____ () C:\Users\Public\Desktop\Reimage Express.lnk
2014-10-16 19:02 - 2014-10-16 19:02 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-10-16 19:02 - 2014-10-16 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-10-16 00:15 - 2014-10-16 00:19 - 00003204 _____ () C:\Windows\System32\Tasks\YourFileDownloader Installer Starter
2014-10-15 15:50 - 2014-10-15 15:50 - 00006948 _____ () C:\Windows\system32\ScanResults.xml
2014-10-15 15:41 - 2014-10-15 15:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-10-14 21:07 - 2014-10-16 15:25 - 00000300 _____ () C:\Users\Nigel\Desktop\reimage key.txt
2014-10-14 19:02 - 2014-10-14 20:20 - 00000585 _____ () C:\Windows\w32dasm8.ini
2014-10-14 19:02 - 2014-10-14 19:02 - 00003218 _____ () C:\Windows\System32\Tasks\{E593581A-1EAB-4FD9-B360-D63A08BB6A7B}
2014-10-14 18:06 - 2014-10-14 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-14 17:19 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 17:19 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 17:18 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 17:18 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 17:18 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 17:18 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 17:18 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 17:18 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 17:18 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 17:18 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 17:18 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 17:18 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 17:17 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 17:17 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 17:17 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 17:16 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 17:16 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 17:14 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 17:14 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 17:14 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 17:14 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 17:14 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 17:14 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 17:14 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 17:14 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 17:14 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 17:14 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 17:14 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 17:14 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 17:14 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 17:14 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 17:14 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 17:14 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 17:14 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 17:14 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 17:14 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 17:14 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 17:14 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 17:14 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 17:14 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 17:14 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 17:14 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 17:12 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 17:12 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 17:12 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 17:12 - 2014-08-28 22:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 17:10 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 17:10 - 2014-09-04 22:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 17:10 - 2014-09-04 21:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-12 14:48 - 2014-10-12 14:48 - 00000000 ____D () C:\Users\Nigel\Documents\Optimizer Pro
2014-10-12 14:45 - 2014-10-17 12:37 - 00000000 ____D () C:\Users\Nigel\Downloads\Software
2014-10-12 14:41 - 2014-10-12 18:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-12 14:41 - 2014-10-12 14:41 - 00000000 ____D () C:\Users\Nigel\AppData\Local\globalUpdate
2014-10-12 00:14 - 2014-10-12 00:14 - 00000000 ____D () C:\Users\Nigel\Downloads\Foot_Farm
2014-10-11 17:53 - 2014-10-16 19:02 - 00000000 ____D () C:\Program Files\Reimage
2014-10-11 17:52 - 2014-10-17 08:42 - 00000165 _____ () C:\Windows\Reimage.ini
2014-10-10 10:45 - 2014-10-10 10:46 - 191527745 _____ () C:\Users\Nigel\Downloads\Armageddon.mp4
2014-10-10 10:42 - 2014-10-10 10:46 - 00000000 ____D () C:\ProgramData\VideoDownloaderUltimateWinApp
2014-10-10 10:42 - 2014-10-10 10:42 - 00000934 _____ () C:\Users\Nigel\Desktop\Video Downloader Ultimate.lnk
2014-10-10 10:41 - 2014-10-10 10:41 - 01562232 _____ (Link64 GmbH) C:\Users\Nigel\Downloads\VideoDownloaderUltimate_winapp_installer.exe
2014-10-04 11:31 - 2014-10-04 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-01 07:11 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:11 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 11:51 - 2014-09-29 11:51 - 00000000 ____D () C:\Users\Nigel\AppData\Local\DDMSettings
2014-09-26 01:13 - 2014-09-26 01:35 - 00000000 ____D () C:\Users\Nigel\AppData\Local\pangu
2014-09-26 00:57 - 2014-09-26 00:58 - 35796928 _____ () C:\Users\Nigel\Downloads\Pangu_v1.2.1.exe
2014-09-24 12:44 - 2014-09-04 15:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-24 12:44 - 2014-09-04 15:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-24 07:28 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 07:28 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 12:28 - 2014-09-22 12:28 - 00000823 _____ () C:\Users\Nigel\Desktop\µTorrent.lnk
2014-09-22 12:22 - 2014-10-18 11:46 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\uTorrent
2014-09-22 12:14 - 2014-10-19 00:14 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2014-09-22 06:05 - 2014-09-22 06:05 - 00003350 _____ () C:\Windows\System32\Tasks\Eakona Update
2014-09-22 05:33 - 2014-09-22 05:35 - 00000000 ____D () C:\ProgramData\7326f70cff8ae1e5
2014-09-22 05:32 - 2014-10-17 13:00 - 00000000 ____D () C:\Users\Administrator
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Chromatic Browser
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Torch
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Chromatic Browser
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-22 05:17 - 2014-09-22 05:20 - 00450352 _____ (Microsoft Corporation) C:\Users\Nigel\Downloads\FixitCenter_Run.exe
2014-09-20 12:50 - 2014-10-19 00:04 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Nigel
2014-09-20 12:50 - 2014-10-19 00:04 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job
2014-09-20 12:50 - 2014-10-18 13:14 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Nigel
2014-09-20 12:50 - 2014-10-18 13:14 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job
2014-09-20 12:50 - 2014-10-04 09:09 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job
2014-09-20 12:50 - 2014-10-04 08:45 - 00002666 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel
2014-09-20 12:50 - 2014-09-20 12:50 - 00003612 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Nigel
2014-09-20 10:17 - 2014-09-20 10:17 - 00003172 _____ () C:\Windows\System32\Tasks\Csb_IdleScan_Task
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-18 23:39 - 2013-09-29 15:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job
2014-10-18 23:33 - 2013-02-27 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 23:31 - 2013-02-28 03:11 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 23:10 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\AppData\Local\204F97F3-3D38-41EE-A1A9-FA8BE5878D8B.aplzod
2014-10-18 23:10 - 2013-02-27 19:24 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Apple Computer
2014-10-18 23:10 - 2013-02-20 22:07 - 00000000 ____D () C:\Users\Nigel
2014-10-18 22:59 - 2014-06-09 02:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-18 17:39 - 2013-09-29 15:40 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job
2014-10-18 15:36 - 2014-09-13 00:16 - 00003300 _____ () C:\Windows\System32\Tasks\Chrome Launcher
2014-10-18 15:29 - 2013-02-21 01:01 - 02046805 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 11:46 - 2014-05-21 11:46 - 00000258 _____ () C:\Windows\Tasks\CCleanerClean.job
2014-10-18 11:46 - 2013-03-01 02:36 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-18 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-18 02:00 - 2013-09-28 13:55 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Adobe
2014-10-17 16:59 - 2013-05-29 22:37 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\vlc
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 13:59 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-17 13:59 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-17 13:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-10-17 13:49 - 2014-05-17 10:54 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-10-17 13:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-17 13:46 - 2013-03-19 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-17 12:04 - 2013-04-22 19:16 - 00000000 ____D () C:\Windows\Minidump
2014-10-17 09:05 - 2014-09-16 14:05 - 00000829 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk
2014-10-17 09:05 - 2014-09-16 14:05 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-10-16 16:56 - 2013-03-01 15:33 - 00847994 _____ () C:\Windows\system32\perfh019.dat
2014-10-16 16:56 - 2013-03-01 15:33 - 00204178 _____ () C:\Windows\system32\perfc019.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00787002 _____ () C:\Windows\system32\perfh005.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00195964 _____ () C:\Windows\system32\perfc005.dat
2014-10-16 16:56 - 2009-07-14 01:13 - 02972908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-16 15:18 - 2013-07-13 02:52 - 00000000 ____D () C:\Users\Nigel\AppData\Local\CrashDumps
2014-10-16 00:43 - 2014-05-22 12:07 - 00000000 ____D () C:\Users\Nigel\Desktop\Miscel
2014-10-14 21:24 - 2014-04-23 06:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 19:14 - 2013-12-13 17:25 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-14 19:14 - 2013-12-11 04:29 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-10-14 18:23 - 2013-03-01 23:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-14 18:05 - 2013-07-13 02:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 17:22 - 2013-02-27 17:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 15:35 - 2013-03-01 18:15 - 00000000 ____D () C:\Users\Guest
2014-10-14 15:20 - 2014-08-20 02:49 - 00000000 ____D () C:\Users\Nigel\AppData\Local\WinZip
2014-10-14 15:20 - 2014-07-21 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-08 14:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 20:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-05 00:14 - 2014-06-09 01:35 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-10-04 08:09 - 2013-09-07 04:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-10-02 12:45 - 2013-09-20 20:09 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-10-02 12:45 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2014-10-02 12:05 - 2014-05-21 22:28 - 00002485 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-10-02 12:05 - 2014-05-21 22:28 - 00002200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-10-02 12:05 - 2014-05-21 22:28 - 00002021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-10-02 02:19 - 2013-04-20 01:19 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\dvdcss
2014-10-01 11:11 - 2014-06-09 02:48 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-09 02:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2013-12-11 13:28 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 12:45 - 2013-03-19 17:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-24 04:33 - 2013-02-27 22:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 04:33 - 2013-02-27 22:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 04:33 - 2013-02-27 22:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-22 05:32 - 2014-07-12 21:30 - 00000990 __RSH () C:\ProgramData\ntuser.pol
2014-09-22 05:32 - 2013-03-01 18:17 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-22 05:32 - 2013-02-28 03:11 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Google
2014-09-22 05:32 - 2013-02-28 03:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-22 02:42 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-22 00:14 - 2014-05-22 04:24 - 00003476 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
 
Some content of TEMP:
====================
C:\Users\Nigel\AppData\Local\Temp\GPUpd54433B021.exe
C:\Users\Nigel\AppData\Local\Temp\upwhpipm.mwl.exe
C:\Users\Nigel\AppData\Local\Temp\vlc-2.1.5-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-16 21:17
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2014 01
Ran by Nigel at 2014-10-19 00:22:23
Running from C:\Users\Nigel\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Exchange Panel (HKLM-x32\...\{41A12FFC-89E9-4743-A51E-00975CA31F40}) (Version: 1 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.166.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - Canon Inc.)
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.2139.36919 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DMG Extractor (HKCU\...\DMG Extractor) (Version: 1.2.3.0 - Reincubate Ltd)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
ImTOO iPhone Photo Transfer (HKLM-x32\...\ImTOO iPhone Photo Transfer) (Version: 1.1.4.20131114 - ImTOO)
ImTOO iPhone SMS Backup (HKLM-x32\...\ImTOO iPhone SMS Backup) (Version: 1.0.13.20140211 - ImTOO)
IObit Apps Toolbar v8.3 (HKLM-x32\...\{B14D51F5-F44F-4D77-86D0-777D6CB6C235}) (Version: 8.3 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.4 - IObit)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.6.6.0 - Reincubate Ltd)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.14.3 - Marvell)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (RUS) (Version: 4.5.50938 - Корпорация Майкрософт) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - English (HKLM\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 Toolkit December 2011 (HKLM-x32\...\{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}) (Version: 5.0.51209.1124 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 18.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notification Center (HKLM-x32\...\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PE988 (HKLM\...\{6F8ECA7B-420F-4D63-B866-B83737EB3E76}) (Version: 6.0.77 - YUAN)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickShare (HKLM-x32\...\{62BC7EFB-47F5-4619-9B74-7DDA72D5AF7E}) (Version: 1.6.1.949 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Reimage Express (HKLM\...\Reimage Express) (Version: 1.0.3.2 - Reimage)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (HKLM\...\{90140000-0100-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{E8C86A07-99F1-4750-A6CF-C4ED5211A146}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Torch (HKCU\...\Torch) (Version: 33.0.0.7723 - Torch Media, Inc) <==== ATTENTION
Total Uninstall 6.5.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.5.0 - Gavrila Martau)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0100-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.OMUI.en-us_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.OMUI.en-us_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoDownloaderUltimate (HKCU\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.23 - Link64)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wajam (HKLM-x32\...\Wajam) (Version: 2.15 (i2.5) - Wajam) <==== ATTENTION
Windows Driver Package - Advanced Micro Devices (amdide64) hdc  (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Windows Driver Package - Apple (Netaapl) Net  (07/12/2011 1.8.4.2) (HKLM\...\E3446990DE8D5843AECCB8B0EF4E7D8DBF5E78B2) (Version: 07/12/2011 1.8.4.2 - Apple)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/20/2010 6.3.0.3500) (HKLM\...\79B5284AC8847651E6939E5B2FB1A473E6C9D19B) (Version: 01/20/2010 6.3.0.3500 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/28/2010 6.3.0.3800) (HKLM\...\5BB2352543C023211B5CDA6229832626C218EB7F) (Version: 01/28/2010 6.3.0.3800 - Broadcom Corporation)
Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (11/08/2011 6.0.32.0077) (HKLM\...\34BE71CBF435D6B34FFAF9BA68AD921E99CF4065) (Version: 11/08/2011 6.0.32.0077 - YUAN TV DRIVER)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
20-09-2014 22:02:49 Windows Update
21-09-2014 23:00:41 Windows Backup
22-09-2014 09:35:15 Microsoft Antimalware Checkpoint
24-09-2014 09:37:16 Windows Update
24-09-2014 16:21:35 Windows Update
24-09-2014 16:45:02 Installed DirectX
28-09-2014 09:37:09 Windows Update
28-09-2014 23:00:28 Windows Backup
02-10-2014 05:14:16 Windows Update
04-10-2014 15:26:38 Removed iCloud
04-10-2014 15:30:47 Installed iCloud
05-10-2014 15:50:44 Windows Update
05-10-2014 23:00:22 Windows Backup
08-10-2014 19:37:35 Windows Update
10-10-2014 04:01:33 Microsoft Antimalware Checkpoint
12-10-2014 00:32:26 Windows Update
12-10-2014 23:01:33 Windows Backup
14-10-2014 18:00:01 Restore Operation
14-10-2014 19:36:04 Windows Backup
14-10-2014 21:20:04 Windows Update
16-10-2014 19:17:02 Windows Backup
16-10-2014 23:08:12 Reimage Express Restore Point
17-10-2014 12:55:06 Reimage Express Restore Point
17-10-2014 13:09:23 Uninstalled with Total Uninstall ""
17-10-2014 15:53:12 Revo Uninstaller's restore point - Google+ Auto Backup
17-10-2014 16:51:36 Installed STOPzilla
17-10-2014 17:00:05 STOPzilla Restore Point.
17-10-2014 18:00:24 Removed STOPzilla
18-10-2014 17:58:42 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2014-03-01 02:10 - 2014-10-17 12:54 - 00449758 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 www.iobit.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {000612EA-70A0-4C63-89A1-8C5AEA7EFE8D} - System32\Tasks\{2C7ACBC0-7276-4542-8CD7-529B4D9AA8CC} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {006F7C01-5F0E-4150-9C4D-DE30C78C24A1} - System32\Tasks\{5FB22839-DCD7-44B2-8A12-F735271B7366} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {02E826AC-35DE-482B-94B2-15A0559936CE} - System32\Tasks\{81C5B8D4-8F2D-4A27-9184-EED41C281D3E} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {05A07841-8538-4FA8-A72E-58D63EF246DB} - System32\Tasks\{A2992F5E-09C1-403A-B59B-A743630AD888} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {079ADE9F-71D9-4F2F-ACD6-13E8E77D1F92} - System32\Tasks\Csb_IdleScan_Task => C:/Program Files (x86)/Anvisoft/Cloud System Booster/CloudSystemBooster.exe [2014-08-20] (Anvisoft)
Task: {093963F0-A29D-40AE-99C1-75A26902A885} - System32\Tasks\Test TimeTrigger => C:\Users\Nigel\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {0A818F3C-A3E3-4122-B3F0-19729F7CCE12} - System32\Tasks\{7DB33574-0FEC-4FC6-92B5-1663FE05B401} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {0DCD46B0-0A93-41AF-A417-D30980C7434D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {1038BF1B-FF84-473E-9470-CF2542F8734B} - System32\Tasks\{621D54F1-F962-49FF-80F3-E4901E48F97F} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {10ADD4C1-18C7-4959-B6A6-55B7612B9981} - System32\Tasks\{9B93F1C1-BAE0-4547-A7F4-436DCB981174} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {123565F3-0D19-410B-A6DA-88F89AD0DB10} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {12EFB081-B6B7-498C-B0EB-5B466DCAC3DB} - System32\Tasks\{C1FD0AF3-F142-4A98-8F71-C27459CCC326} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {169AAA98-589D-4EF5-99E6-164E9E990614} - System32\Tasks\{73CE8116-3FE9-4BB0-9ECF-FF9EF71B71CC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {169CA07C-AC46-4953-8DA6-2580DBCF974F} - System32\Tasks\{2D439E47-B377-4F2A-84A7-1FFFB9315E27} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {186E7797-9FE8-4A70-9B8A-BB997C6DC598} - System32\Tasks\{CC0FD0E2-776D-4B23-B75B-DA619AA69C1B} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {1AFB0322-06B1-4B25-A4D1-2EC13633A456} - System32\Tasks\{10054E13-B4D2-4038-A149-7D7CD286D5BC} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {1FE31CA9-9587-4D90-B97B-4874FE0DD994} - System32\Tasks\{3809E01F-7D74-419D-A04E-475AC9AC0104} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {2199150D-38EE-40E0-932A-C547AFC1CDCE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {229C7C40-7C76-407C-ABBF-B9A8B0729DA3} - System32\Tasks\Chrome Launcher => C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe [2014-09-13] ()
Task: {22E21245-ACCB-45D9-86D9-43D186C24EE0} - System32\Tasks\{1C9473D9-9587-4262-BED4-CE9A0A5B7132} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {22ED1B6B-B453-4340-A791-B7610BD18DAD} - System32\Tasks\ss u helper-S-9665547 => c:\programdata\wintersoft\ss u helper\ss u helper.exe
Task: {23925085-F16B-480C-893C-00F6B4471DB4} - System32\Tasks\{6FCAAA83-1380-4B01-827E-618BDC4C8749} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {251F1F0E-642E-4773-9A4F-BEB433A9277B} - System32\Tasks\{0F35E7D5-B3FA-4E4F-B3C2-695339938076} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {26D1CC47-7787-49E1-91F4-1C5B5053B481} - System32\Tasks\{28980DF0-B3B8-477B-B624-7B366C1E9F82} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {293E9808-104D-47BB-BAAD-6C879853839B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2963DDCF-57EB-43AE-890A-DF5A98B7AEC7} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe [2014-09-22] ()
Task: {29FCDBB3-E067-422E-B938-73B7521C3370} - System32\Tasks\{84129D00-A527-4272-9EAF-734B4C1137A6} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {317E9D0C-E965-4647-AF45-C426E3C47409} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {32608733-4D6D-47E7-89BF-37F1B22B89B9} - System32\Tasks\{DAE296A8-D8A2-4199-8500-2224FE88CDAF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {349B5B62-DEAF-4B16-93FE-DE7C169ABE66} - System32\Tasks\ReclaimerUpdateFiles_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {368FD478-750D-48DA-98C1-91A0AC9154BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {3885C983-81FD-4929-94F2-BADDDEC585E8} - System32\Tasks\{E9D746C0-8108-4D3F-856F-0B8E88844D63} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {3A28F420-CA2E-41C7-98E6-090BD717828D} - System32\Tasks\{1BB641A5-4C01-461B-A3CA-3EE7A8AFC753} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {3A662C89-E799-4D3F-A277-2C6AE51F2D5D} - System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {3AE4BFDD-06D3-4A72-A031-752C12C5A1FC} - System32\Tasks\{3CED81EB-75E9-4886-9345-6F8A59F71133} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {3AE64DE5-B4CB-4FEE-8261-3C44EC6592F2} - System32\Tasks\{DA2D6784-B468-41D6-A9C3-E6456F0ECEDC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {3C0C5E3A-2FD6-4BE1-9044-A2D75313532F} - System32\Tasks\{3A0372C4-11E7-4A9F-97D8-DA624D7A58FD} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {3FC269B9-8C6C-4A9E-9628-2490CDAF8E1D} - System32\Tasks\{F565868D-6352-46C1-9D78-ACC152BA5AFC} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4351F10C-E69D-4B69-945D-08C1F0EBDD8A} - System32\Tasks\{8F6CAC86-F380-4C50-8006-36939E72777D} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {449F4E01-3C7C-4D28-ABBA-828539A83685} - System32\Tasks\{C418A8B2-9255-49E4-A6E9-4D7CA82ADDD3} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {44E0ECA0-F601-4090-B027-8CD419F677AD} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {459C1231-E4FD-4849-B9C5-FBA0C5BB8245} - System32\Tasks\{2A23BB18-DE5C-43BD-BC52-72961C9849D3} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {467D8819-3E3A-417E-863A-3DF0E112FCB5} - System32\Tasks\{AE34398D-666B-4CCE-BC8F-DB48148EA13F} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4BE74FA7-42CD-41FE-B40D-F9E9C441537E} - System32\Tasks\{BAF80243-FBA1-4E89-95EB-C0D3AA496914} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {4F2DEE36-7405-4E0C-8129-21A2BBD59B4E} - System32\Tasks\{AEE3B048-B798-479B-B577-03A229A26271} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {51745400-A8A2-46E2-A2AA-F90FD82B42A5} - System32\Tasks\{924020A1-5A40-46D8-ADE0-8DF0D267C4CA} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {51DF843C-2317-46CB-8DCD-9786748EF292} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {56459790-A92F-4CDA-AF94-876D74EBEC31} - System32\Tasks\{9FAA2EAA-5333-4F67-897D-042DC1118AEF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {5852944E-E3BF-47B0-A8CD-EE9B9FCC856C} - System32\Tasks\{48E4D8DA-0C19-4658-B79C-C5078590BEEF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {59D050C2-9DFB-4BBB-9BEF-9B5072BDAE74} - System32\Tasks\{FE23A538-ED0A-40E0-87B2-0FA07139C608} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {5A655E23-C498-4B5F-A959-B0588BD8C6CB} - System32\Tasks\{73825FD6-27E8-44E3-A92D-5506AD1B97FA} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {5C75FAF9-9DA8-4844-8416-2228A7785B44} - System32\Tasks\{FC2419A3-3ADC-4196-AAA4-5A5977A662CF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {6032B365-3830-4CD5-AE92-FE6D4561AE51} - System32\Tasks\{881571A8-9200-4CB5-B498-2A83A9E86DA6} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {60E328B8-E650-45BE-8878-404EE5B610F8} - System32\Tasks\{87D481AC-6BB3-4473-B7AD-3607DCEA8756} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {6260FD1A-D38B-44C5-A055-52AB153435FD} - System32\Tasks\{11B3F5B9-1B08-4582-8226-996CDA70793D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {65685772-F1F4-4A8B-8875-60D89FD5137A} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {667FC555-EBE8-4B7E-A24B-C32A0943A876} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {67309B44-4BBA-46A8-94CE-66F0E4118D55} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7033CB6B-822E-422C-B3A5-285638759605} - System32\Tasks\{F92FDF9D-A098-4E5B-A8B0-BFD8B84ACFF9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {708D0DCC-2C04-499E-BB51-26648D454A7B} - System32\Tasks\{C174E770-DDA8-43A4-B145-1DDB63E80EFB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {77090DF9-6BCB-46BD-A052-595EF90E516D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {779B01EA-C171-4A33-A0AA-D9A09F0EEE26} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {786EC165-195D-4716-B28B-926E119BD975} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {79C33A83-58DD-44FC-87EE-B1EAC391332E} - System32\Tasks\{4A2DD742-0F4E-41E5-8164-8C4079E1D14C} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {7BFC570D-1D85-4F51-9A51-840363EE6994} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {7C43B3B7-D555-40E2-9548-D0461CBC676F} - System32\Tasks\{7B644DAF-35C5-439A-952A-E355469DEE4A} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {7CC66EF8-31F6-4E5C-BFE2-92851B0A97E8} - System32\Tasks\ReclaimerUpdateXML_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {7D16292D-72E8-4AE0-A281-77217F353C3C} - System32\Tasks\{C6D7FCF8-E7B1-4703-8194-D75C03B4DF37} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {7EC72E42-E0D9-4DB7-B499-3BC25912A497} - System32\Tasks\{4AACEB05-CFC0-4279-9403-CC99773EDDCF} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {7F733B87-02E8-479E-8440-514AE88C24A7} - System32\Tasks\{6D7101B6-EC94-4CD8-9786-A08EE5E54F8F} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {807F5556-47D5-4EC7-8562-1CC7C96009B0} - System32\Tasks\Eakona Update => C:\ProgramData\Eakona\update15.exe
Task: {81A0FB29-85F8-4BFA-8F27-A54082550447} - System32\Tasks\Driver Booster SkipUAC (Nigel) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {83AFC484-8A32-40B4-8A02-9E064C609D88} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {84589CC3-E682-4196-B545-F1A996BDD4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {84CFA5CB-FE45-4E62-8842-A69B2BC7833D} - System32\Tasks\{544F44BF-F291-4E18-8BF3-60C0E38A8E9D} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {8565466B-33EA-453A-9A44-FB10FED0EBE0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {8C433082-E77E-4688-BF0E-6CB3A25A77DD} - System32\Tasks\{1D1A5A4A-8E61-4697-AC2F-51D7EE009786} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {90473550-E850-4BFB-9244-5EE77EF732AA} - System32\Tasks\{1F60F57D-30CA-4034-BC06-941D7B6CD9F0} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {951DCD93-192C-435E-A657-97B8861D29D7} - System32\Tasks\{72C600E9-A2FB-4A6C-8EDB-4B7FD35F3BE0} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {96424976-48F4-4F52-A759-B19F12A6F4AF} - System32\Tasks\YourFileDownloader Installer Starter => C:\Users\Nigel\AppData\Local\Temp\YourFileDownloaderxVijv0Nbf2.exe <==== ATTENTION
Task: {96878061-26E9-49D3-8B8B-6CC548CA5809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {992CD035-8FA6-4179-8F27-6451EAC9B25E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {9B7E1E6B-8E4C-4230-9B53-6F404F3C8FA3} - System32\Tasks\RNUpgradeHelperResumePrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {A08E06B3-13BE-4A64-8BE4-BA75BFE3CF80} - System32\Tasks\{DCD6F798-3E9A-4E0B-BD8F-4F1A56C6E1A5} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {A5E73495-E96E-4AB8-AF93-C21EC0416E5A} - System32\Tasks\{1A248453-EA28-4123-BDBE-21B643214981} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {A5FEAF99-0991-43FE-AA1F-D8046B57BAEE} - System32\Tasks\{E053BCD8-88B4-40F6-B0E9-54B4C0E2DB24} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {A865B493-DC39-4096-A89C-F345384C3AF4} - System32\Tasks\{6F328AA4-E7BC-4E55-8580-8DD694CC3ADB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {A8818490-0854-4337-B395-4A370F92FE89} - System32\Tasks\{21766169-89C2-49F6-BB8F-AB224E395A1B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {AB23705A-DE13-4C0F-9DC8-275734E6618D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AB54D713-8B71-4989-A1B2-F224EB44A3AE} - System32\Tasks\{8571D682-9355-4007-A9C8-52B226CC06A8} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {AEA2DCEC-1540-4417-808E-F885D955417D} - System32\Tasks\{F42A0C80-5557-42CB-8465-6164EBAD88A8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {AEB6797F-3C8C-4FEC-ADF2-D899CAF39D65} - System32\Tasks\{4BD65B01-0AE9-4A43-B2F7-CF6128EA21A9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {AF7D2CEF-584D-4481-8C36-2503A983A9DB} - System32\Tasks\AdobeAAMUpdater-1.0-Nigel-PC-Nigel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {B2EE0003-6F1B-4C22-8D48-992FB5AABE0A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B41A22EC-4CB5-4AFE-8BEA-5B01E5AE43EE} - System32\Tasks\{E400AB86-5A44-4228-A3CE-AF605BA9AF62} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {B7FC23B2-7EC7-4C96-8161-B3CFB715E737} - System32\Tasks\{9ED700B8-ECDA-427C-B8E3-2791A2E2DCD7} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {BBC765F7-D309-4BD8-BA18-A107F6F5948E} - System32\Tasks\{077AA7A5-1BD3-4EFA-ABDB-DFB6174D3071} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C11C6FBD-A367-4737-8923-386DAD5DC884} - System32\Tasks\{B15A5C3F-6909-4D9D-AEEA-7873D50CBFC1} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {C3F97A9C-6154-4CED-BFDC-028EF0188789} - System32\Tasks\{F153F805-2E31-4E5B-97C7-FD71BC0BEB55} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C435B79A-12EE-4AF1-9117-FC0211600E4D} - System32\Tasks\{50FFBF50-AA52-4ED1-B6A2-ABE0AB7A1FA8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2013-05-07] (ATI Technologies Inc.)
Task: {CF517E06-FF2E-40D8-90A8-38618541F7C7} - System32\Tasks\{25E512C9-6BF5-4F04-AD7A-771D90B5EA74} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {D7F7BD77-BA36-439A-912A-E42FFD28F48F} - System32\Tasks\{D8FD28E2-15C2-4D62-A60C-F8B55E46DD86} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DDD4F934-C2EF-42A7-A324-93D7B98AF47E} - System32\Tasks\{9FBD2980-03DB-418A-8BE2-EFEF5DFC542B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DF1AD657-5EA2-47B0-98BF-F60D6C449CB5} - System32\Tasks\{74F22C14-D49E-46A3-89CB-999F91FAE2D9} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {DF61FCD0-E3FE-4055-9FCD-C17C2A9196F3} - System32\Tasks\{5F84FB09-08A8-499F-B17F-7CCCA4EE158D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {E5004064-C3D0-4FB4-BC0E-D9653316B938} - System32\Tasks\{154733BA-4DA3-4301-AD83-0230D0C5461D} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {E605B7D6-DB52-4020-9B63-D4FB2ED3B067} - System32\Tasks\{FB5E2E38-F3B5-4A82-9033-18D3A4773C95} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {E9FBC6F9-B382-4931-B10F-BE788B37743E} - System32\Tasks\{52EC31A4-035C-4281-B156-1FFA146BEFB5} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {EF39CFC0-6789-43E7-B770-1BD31EACB6A4} - System32\Tasks\{698C9EF4-C460-4000-8D89-333C6772CA58} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {F0ADDC43-8010-4AD0-9C2A-3DCDF5A12CCD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {FCA5B4FE-154E-4649-82C9-519B0DFFAEA0} - System32\Tasks\{EC9BF912-F05C-4B56-B200-82F74A037AD0} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {FE0838BE-005B-4A21-A157-EEBC70F1FF49} - \GPUP No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-03-19 17:05 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-01 06:54 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-01 06:54 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-07 07:51 - 2014-08-29 22:49 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\system32\Drivers\ktlxumic.sys:changelist
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\exefile:  <===== ATTENTION!
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: ASCAntivirusSrv => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 3
MSCONFIG\Services: RealPlayer Desktop Service => 3
MSCONFIG\Services: RealPlayerUpdateSvc => 3
MSCONFIG\Services: WRSVC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot IE RunOnce.lnk => C:\Windows\pss\Install Webroot IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LaunchU3.exe.lnk => C:\Windows\pss\LaunchU3.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A1Clean.lnk => C:\Windows\pss\A1Clean.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => c:\program files (x86)\adobe\acrobat 11.0\acrobat\acrotray.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Apoint => 
MSCONFIG\startupreg: Bench Communicator Watcher => 
MSCONFIG\startupreg: Bench Settings Cleaner => 
MSCONFIG\startupreg: BService => 
MSCONFIG\startupreg: BService64 => 
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: IObit Malware Fighter => 
MSCONFIG\startupreg: mmonitor => C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\toolbox\Anvi RAM Booster\Anvi_RAM_Booster.exe hide=1
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: SearchProtection => 
MSCONFIG\startupreg: swg => c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Nigel\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VideoDownloaderUltimate => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair
MSCONFIG\startupreg: Wd => 
MSCONFIG\startupreg: WRSVC => 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-425073729-1472267466-4260431720-500 - Administrator - Disabled)
fbwuser (S-1-5-21-425073729-1472267466-4260431720-1009 - Limited - Enabled)
Guest (S-1-5-21-425073729-1472267466-4260431720-501 - Limited - Disabled) => C:\Users\Guest
Nigel (S-1-5-21-425073729-1472267466-4260431720-1000 - Administrator - Enabled) => C:\Users\Nigel
 
==================== Faulty Device Manager Devices =============
 
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
System errors:
=============
Error: (10/17/2014 02:17:49 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:17:49 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:07:29 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:07:29 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.3447.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/17/2014 02:02:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the szserver service.
 
Error: (10/17/2014 01:51:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/17/2014 01:51:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
amdkmafd
is3srv
SASDIFSV
SASKUTIL
 
Error: (10/17/2014 01:51:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Diagnostic Service Host service hung on starting.
 
Error: (10/17/2014 01:49:31 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (10/17/2014 01:46:33 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.
 
 
Microsoft Office Sessions:
=========================
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:49:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d2:e5:[email protected]::62c5:47ff:fed2:e5ca._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (10/18/2014 09:47:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ 7450 Dual-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 8191.3 MB
Available physical RAM: 4353.17 MB
Total Pagefile: 20473.48 MB
Available Pagefile: 15278.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (New Volume) (Fixed) (Total:298.09 GB) (Free:136.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (NIGEL SYS) (Removable) (Total:3.73 GB) (Free:2.43 GB) FAT32
Drive h: (PKBACK# 001) (Removable) (Total:7.47 GB) (Free:0.49 GB) FAT32
Drive k: () (Fixed) (Total:465.76 GB) (Free:205.98 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D93C5615)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: DD63B194)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)
 
========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
 
========================================================
Disk: 8 (Size: 7.5 GB) (Disk ID: FDBE976B)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)
 
==================== End Of Log ============================

  • 0

Advertisements


#11
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

 

I am not sure if I needed to post the results into my original post or as a reply

Always post a new reply.



ckscanner.jpg Scan with CKScanner

Download CKScanner by askey127 and save it to your desktop.

  • Right-click on ckscanner.jpg icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • click Search For Files.
  • When finished, click Save List To File.
  • Remember to run this tool once only, if not asked to run it again.

Please include the content of CKFiles.txt in your next reply.


  • 0

#12
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\revo uninstaller pro 3.0.7 final (x86-x64) ml - scenedl  (pimprg)\medicine\crack\x64\revoappbar.exe
c:\program files (x86)\revo uninstaller pro 3.0.7 final (x86-x64) ml - scenedl  (pimprg)\medicine\crack\x64\revouninpro.exe
c:\program files (x86)\revo uninstaller pro 3.0.7 final (x86-x64) ml - scenedl  (pimprg)\medicine\crack\x86\revoappbar.exe
c:\program files (x86)\revo uninstaller pro 3.0.7 final (x86-x64) ml - scenedl  (pimprg)\medicine\crack\x86\revouninpro.exe
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_m.cracks.me.uk_0.localstorage
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_m.cracks.me.uk_0.localstorage-journal
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_reimage-1.2.9.7-crack-serial.ddlzone.com_0.localstorage
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_reimage-1.2.9.7-crack-serial.ddlzone.com_0.localstorage-journal
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_www.crackinn.com_0.localstorage
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_www.crackinn.com_0.localstorage-journal
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_www.keygenguru.com_0.localstorage
c:\users\nigel\appdata\local\torch\user data\default\local storage\http_www.keygenguru.com_0.localstorage-journal
c:\users\nigel\appdata\roaming\utorrent\ccleaner v4.18.4844 business & professional edition incl. crack [atom].torrent
c:\users\nigel\appdata\roaming\utorrent\crack tools [hiew v8.10 + softice v4.05 + w32dasm v8.93].rar.torrent
c:\users\nigel\downloads\software\ccleaner v4.18.4844 business & professional edition incl. crack [atom]\atom.install.notes.readme.txt
c:\users\nigel\downloads\software\ccleaner v4.18.4844 business & professional edition incl. crack [atom]\ccsetup418.exe
c:\users\nigel\downloads\software\ccleaner v4.18.4844 business & professional edition incl. crack [atom]\business edition crack\branding.dll
c:\users\nigel\downloads\software\ccleaner v4.18.4844 business & professional edition incl. crack [atom]\business edition crack\ccleaner.dat
c:\users\nigel\downloads\software\ccleaner v4.18.4844 business & professional edition incl. crack [atom]\professional edition crack\branding.dll
c:\users\nigel\downloads\software\ccleaner v4.18.4844 business & professional edition incl. crack [atom]\professional edition crack\ccleaner.dat
c:\users\nigel\favorites\links\imported from ie\phone\cydia sources\top 5 cydia repos to find cracked iphone apps.url
c:\users\nigel\favorites\links\imported from ie\phone\cydia sources\top 5 websites to download cracked .ipa apps for iphone & ipod.url
c:\users\nigel\favorites\links\imported from ie\phone\iphone\tutorial - how to crack an application.url
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
scanner sequence 3.ZZ.11.XOAPSZ
 ----- EOF ----- 

  • 0

#13
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi,

With regards, but you are using illegally obtained software.
 
Let me remind you the terms of use you agreed to abide when becoming the member of this forum:

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software or services illegally.

 
If you wish to continue with my assistance, you need to remove all illegal software from your machine.
  • 0

#14
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Naat, could you give me the names of the illegal software so I could remove them


  • 0

#15
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi,
 
For sure:
- revo uninstaller pro
- ccleaner
- Reimage Express
 
And some Adobe software. I suspect Adobe Acrobat XI Pro and Adobe Photoshop CS5.1
 
I'd also like to see an additional report:


MGADiag.png Scan with MGADiag

Need to check one more thing.

  • Please download MGADiag by Microsoft and save it to your desktop.
  • Double-click on MGADiag.png icon to start the tool.
  • Press Continue when prompted.
  • When it has finished, press Copy.
  • Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.
  • Paste (Ctrl+V) this into notepad and save to your desktop.

Include that report in your reply.


  • 0






Similar Topics


Also tagged with one or more of these keywords: Systems, Slow response, browser

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP