Hello I recently got infected by this file http://goo.gl/YNGP8A - Dont open will get infected.
Anyway as soon as i opened the file nothing happened. But then suddenly malwarebytes kept giving me notifications saying it had quarantined a certain file. so i check my quarantined files and it shows multiple of the same file which keeps on comming up and being quarantined
Anyway i did a malwarebytes scan and it showed me this
i applied actions, but then again the same file kept coming up saying it has been quarantined (sorry for bad spelling)
Anyway i looked up for some help and it suggested i try Junkware removal tool, so i tried that, did not solve the problem, so i tried adwcleaner, which still did not help so i downloaded Rouge killer and that aswell did not solve my problem. I am Still Infected!
Also my computer has been getting slower ever since and also my webcam turned on randomly for 1 minute then went off, so i maybe assuming a RAT? remote administration tool?
anyway please help me
OTL log
OTL logfile created on: 15/12/2014 6:49:57 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jordan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.90 Gb Total Physical Memory | 4.17 Gb Available Physical Memory | 52.79% Memory free
15.81 Gb Paging File | 11.44 Gb Available in Paging File | 72.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 677.56 Gb Total Space | 366.00 Gb Free Space | 54.02% Space Free | Partition Type: NTFS
Drive D: | 20.78 Gb Total Space | 2.24 Gb Free Space | 10.79% Space Free | Partition Type: NTFS
Drive E: | 6.51 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: JORDAN-HP | User Name: Jordan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/12/15 06:45:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Downloads\OTL.exe
PRC - [2014/12/13 21:32:05 | 001,378,640 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jordan\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014/12/11 03:41:07 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
PRC - [2014/12/09 20:47:31 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/19 22:39:03 | 001,245,752 | ---- | M] (Spotify Ltd) -- C:\Users\Jordan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/07/11 15:47:50 | 000,093,184 | ---- | M] (Microsoft) -- C:\Program Files (x86)\spotflux\services\SpotfluxConnectionManager.exe
PRC - [2014/07/11 15:47:50 | 000,020,992 | ---- | M] (Microsoft) -- C:\Program Files (x86)\spotflux\services\SpotfluxUpdateService.exe
PRC - [2014/02/25 19:38:48 | 000,105,448 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
PRC - [2013/06/12 16:56:44 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/05/25 03:16:05 | 000,421,632 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\TELSTRA PRE-PAID 4G USB\CheckNDISPort_df.exe
PRC - [2013/04/20 00:21:53 | 000,440,648 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\TELSTRA PRE-PAID 4G USB\CancelAutoPlay_df.exe
PRC - [2012/12/13 02:02:57 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/11/05 16:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012/06/16 12:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/12/17 06:37:30 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/12/17 06:37:26 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/17 06:37:18 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2011/12/17 06:37:10 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/12/06 10:00:50 | 000,148,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
PRC - [2011/12/03 05:18:16 | 001,000,288 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011/11/30 13:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 08:08:00 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/08/20 08:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/06/07 06:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/11/21 13:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/07/14 11:14:42 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\timeout.exe
========== Modules (No Company Name) ==========
MOD - [2014/12/11 03:41:07 | 016,841,392 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
MOD - [2014/12/09 20:47:31 | 003,758,192 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/11/14 16:01:22 | 001,669,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\bb21380c3d4870a81038f30e1a00bcd5\Microsoft.VisualBasic.ni.dll
MOD - [2014/10/16 22:12:48 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll
MOD - [2014/10/16 15:21:46 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/16 15:21:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/16 15:21:32 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 15:21:29 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/16 15:21:06 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/10 20:26:19 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013/05/25 03:16:05 | 000,421,632 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\TELSTRA PRE-PAID 4G USB\CheckNDISPort_df.exe
MOD - [2013/04/20 00:21:53 | 000,440,648 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\TELSTRA PRE-PAID 4G USB\CancelAutoPlay_df.exe
MOD - [2011/09/01 09:44:40 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2011/09/01 09:44:38 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:64bit: - [2014/11/22 12:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 15:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/13 02:13:09 | 000,314,880 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/03/01 10:07:58 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/12/09 09:38:24 | 000,607,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/06 09:59:58 | 001,084,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/10/11 20:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/23 12:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/12/12 03:11:47 | 000,174,112 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Windows\SysWOW64\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2014/12/11 03:41:07 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/09 20:47:31 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/11/19 06:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/11 15:47:50 | 000,093,184 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files (x86)\spotflux\services\SpotfluxConnectionManager.exe -- (SpotfluxConnectionManager)
SRV - [2014/07/11 15:47:50 | 000,020,992 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files (x86)\spotflux\services\SpotfluxUpdateService.exe -- (SpotfluxUpdateService)
SRV - [2014/04/15 20:37:24 | 000,038,480 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\idcloak VPN\systray\routingservice.exe -- (idcloakRouting)
SRV - [2014/04/15 20:37:24 | 000,032,568 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files (x86)\idcloak VPN\openvpn\openvpnserv.exe -- (idcloakVPN)
SRV - [2014/03/21 08:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/02/25 19:38:48 | 000,105,448 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/12 16:56:44 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/03/01 11:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012/06/16 12:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/02/28 06:04:30 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/12/17 06:37:30 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/17 06:37:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/17 06:37:18 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/12/17 06:37:10 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/30 13:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/06/07 06:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/10/13 03:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/12/15 04:10:36 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/12/13 20:48:21 | 000,035,064 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/07/11 15:47:50 | 000,060,160 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netfilter2.sys -- (netfilter2)
DRV:64bit: - [2014/04/15 20:37:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2014/03/02 15:07:08 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/05/29 09:12:28 | 000,039,104 | ---- | M] (Spotflux, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapSF0901.sys -- (tapSF0901)
DRV:64bit: - [2013/03/01 11:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/02/12 14:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/02/12 14:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/13 02:13:10 | 000,536,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/12/13 02:08:50 | 000,425,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/12/13 02:08:49 | 000,021,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/12/13 02:02:57 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/12/13 02:02:57 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/12/13 02:02:57 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/12/13 02:00:29 | 004,747,840 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/11/12 17:06:32 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/09/24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/06 12:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/06 12:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/07 14:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/22 11:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/18 12:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/18 11:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/03/01 10:33:40 | 010,729,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/03/01 09:05:32 | 000,328,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/02/28 05:55:24 | 014,741,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012/02/06 04:40:30 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/02/06 04:40:30 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/01/18 19:15:50 | 000,031,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2011/12/06 21:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/12/03 15:52:44 | 000,620,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011/11/30 12:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/10 19:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/11/04 06:00:48 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2011/09/22 09:33:50 | 000,258,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/08/24 15:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/07/26 04:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/07/07 11:35:40 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/06/24 04:59:28 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/06/24 04:59:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/05/21 15:49:36 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/02/14 17:17:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/11/21 13:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 13:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 13:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 13:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/07/29 02:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/09/03 16:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 07:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 07:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 07:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/11 06:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2014/05/31 21:56:35 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/08/19 18:00:00 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/08/10 11:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS -- (NAVEX15)
DRV - [2011/08/10 11:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS -- (NAVENG)
DRV - [2011/07/21 03:43:24 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/14
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7NDKB_enGB516
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - prefs.js..network.proxy.ftp: "119.235.16.41"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.socks: "119.235.16.41"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "119.235.16.41"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jordan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/11/11 15:56:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2014/12/15 03:23:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/12/09 20:47:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/09 20:47:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/12/09 20:47:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/09 20:47:28 | 000,000,000 | ---D | M]
[2013/01/04 00:43:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions
[2014/12/15 04:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\sih3gr05.default\extensions
[2014/12/15 04:02:41 | 000,000,000 | ---D | M] (YOUtuabeAdBloCkoeo) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\sih3gr05.default\extensions\[email protected]
[2014/12/15 04:02:41 | 000,000,000 | ---D | M] (BuyNsaVe) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\sih3gr05.default\extensions\[email protected]
[2013/01/15 09:56:44 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\sih3gr05.default\extensions\[email protected]
[2014/11/03 16:24:36 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\sih3gr05.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/12/09 20:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/12/09 20:47:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Speed Surfing = C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglbipcbkmlknhfhabolnniekmlhfoek\174\
CHR - Extension: Gmail = C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CancelAutoPlay_df] C:\Program Files (x86)\4G Hostless Modem\TELSTRA PRE-PAID 4G USB\CancelAutoPlay_df.exe ()
O4 - HKLM..\Run: [CheckNDISPortf0aca3] C:\Program Files (x86)\4G Hostless Modem\TELSTRA PRE-PAID 4G USB\CheckNDISPort_df.exe ()
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Jordan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MKLOL] C:\Program Files (x86)\MKJogo\MKLOL\MK.exe (MK)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Jordan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D332844-4724-4D54-9728-B6F328429063}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FCC6CC5-0DE4-437A-89D4-4E08DF133DB0}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC5521F9-7EAE-4ED8-A9FC-F1E2222470C1}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Jordan\AppData\Roaming\AutoHotkey\AutoHotkey.exe) - C:\Users\Jordan\AppData\Roaming\AutoHotkey\AutoHotkey.exe (EFD Software)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/11/16 17:47:24 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2014/11/16 17:47:24 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/12/15 04:52:17 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\009DBC25-96F5-42A9-A935-FEC38F2218B8
[2014/12/15 04:02:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DeltaFix
[2014/12/15 04:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Speed Surfing
[2014/12/15 04:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YOUtuabeAdBloCkoeo
[2014/12/15 04:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\95CCB571-1C54-4FE1-A9C7-42F8796C7F80
[2014/12/15 04:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\010
[2014/12/15 04:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BuyNsaVe
[2014/12/15 04:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\15943647030891824691
[2014/12/15 04:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\kbmkapgflchcioppcafdhfflnnngficm
[2014/12/13 20:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/12/13 08:07:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2014/12/13 08:06:55 | 000,000,000 | -HSD | C] -- C:\Users\Jordan\AppData\Roaming\AutoHotkey
[2014/12/12 03:29:05 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\7 Days To Die
[2014/12/12 03:27:52 | 000,174,112 | ---- | C] (EasyAntiCheat Ltd) -- C:\Windows\SysWow64\EasyAntiCheat.exe
[2014/12/12 00:36:30 | 000,000,000 | ---D | C] -- C:\Users\Jordan\TopBot
[2014/12/11 06:54:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2014/12/09 20:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/12/05 22:48:48 | 000,000,000 | ---D | C] -- C:\Users\Jordan\.soulgames
[2014/12/04 03:03:36 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\TBot
[2014/12/04 00:06:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HitLeap
[2014/12/03 23:52:50 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\java
[2014/12/03 20:03:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/12/03 19:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/11/16 17:47:24 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2014/11/16 17:43:35 | 000,000,000 | ---D | C] -- C:\UsbFix
[2014/11/16 17:42:53 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/16 17:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/11/16 17:42:38 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/11/16 17:42:38 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/11/16 17:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/12/15 06:52:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/15 06:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/15 05:33:36 | 000,091,599 | ---- | M] () -- C:\Users\Jordan\Desktop\virus 2.PNG
[2014/12/15 05:18:50 | 000,160,216 | ---- | M] () -- C:\Users\Jordan\Desktop\virus.PNG
[2014/12/15 05:03:17 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-63926621-1045450870-166368686-1000UA.job
[2014/12/15 04:10:36 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/12/15 03:30:45 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/15 03:30:45 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/15 03:25:45 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJordan.job
[2014/12/15 03:21:32 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/15 03:20:49 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/12/15 03:20:46 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2014/12/15 03:20:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/15 03:20:35 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/13 20:48:21 | 000,035,064 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/12/13 20:43:29 | 000,783,360 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/13 20:43:29 | 000,667,548 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/13 20:43:29 | 000,126,934 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/12/13 19:39:02 | 000,000,024 | ---- | M] () -- C:\Users\Jordan\random.dat
[2014/12/13 19:15:00 | 000,000,045 | ---- | M] () -- C:\Users\Jordan\jagex_cl_oldschool_LIVE.dat
[2014/12/13 08:07:56 | 000,001,352 | ---- | M] () -- C:\Users\Jordan\Documents\AutoHotkey.ahk
[2014/12/12 23:53:40 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-63926621-1045450870-166368686-1000Core.job
[2014/12/12 03:11:47 | 000,174,112 | ---- | M] (EasyAntiCheat Ltd) -- C:\Windows\SysWow64\EasyAntiCheat.exe
[2014/12/11 21:26:01 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJORDAN-HP$.job
[2014/12/08 04:53:50 | 000,000,045 | ---- | M] () -- C:\Users\Jordan\jagex_cl_runescape_LIVE.dat
[2014/12/04 03:03:27 | 000,008,037 | ---- | M] () -- C:\Users\Jordan\Desktop\topbot.jar
[2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/11/21 06:14:12 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/12/15 05:33:36 | 000,091,599 | ---- | C] () -- C:\Users\Jordan\Desktop\virus 2.PNG
[2014/12/15 05:18:50 | 000,160,216 | ---- | C] () -- C:\Users\Jordan\Desktop\virus.PNG
[2014/12/13 20:48:21 | 000,035,064 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/12/13 08:07:56 | 000,001,352 | ---- | C] () -- C:\Users\Jordan\Documents\AutoHotkey.ahk
[2014/12/10 19:12:32 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForJordan.job
[2014/12/04 03:03:25 | 000,008,037 | ---- | C] () -- C:\Users\Jordan\Desktop\topbot.jar
[2014/08/16 21:12:56 | 000,000,058 | ---- | C] () -- C:\Windows\JQHApp.dat
[2014/07/13 05:14:03 | 000,000,045 | ---- | C] () -- C:\Users\Jordan\jagex_cl_runescape_LIVE.dat
[2014/07/13 05:11:21 | 000,000,045 | ---- | C] () -- C:\Users\Jordan\jagex_cl_oldschool_LIVE.dat
[2014/07/13 05:11:21 | 000,000,024 | ---- | C] () -- C:\Users\Jordan\random.dat
[2014/04/05 19:40:13 | 000,000,600 | ---- | C] () -- C:\Users\Jordan\AppData\Local\PUTTY.RND
[2014/04/05 19:35:27 | 000,000,600 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\winscp.rnd
[2014/03/23 11:22:52 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2013/06/04 20:26:20 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/04 20:26:14 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/03/01 11:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2013/01/15 17:58:47 | 000,964,074 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\Log.dat
[2012/12/04 12:13:31 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
========== ZeroAccess Check ==========
[2009/07/14 14:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 12:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 11:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/12/06 02:13:45 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\.minecraft
[2014/12/13 05:35:57 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\.StarMade
[2014/12/15 04:52:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\009DBC25-96F5-42A9-A935-FEC38F2218B8
[2014/12/15 06:56:22 | 000,000,000 | -HSD | M] -- C:\Users\Jordan\AppData\Roaming\AutoHotkey
[2014/12/13 20:42:43 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\DAEMON Tools Lite
[2013/12/13 19:56:57 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\DAEMON Tools Ultra
[2012/12/03 17:53:00 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Digiarty
[2013/04/20 15:17:10 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\DMCache
[2012/11/11 16:43:17 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Easeware
[2013/06/12 20:44:36 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\fltk.org
[2013/01/13 00:57:49 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\FlvtoConverter
[2014/08/17 22:23:53 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Graphmatica
[2013/02/26 20:15:38 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Groovedown_Uninstall
[2014/10/11 22:27:52 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\HexHunterZ
[2014/12/03 23:52:50 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\java
[2014/08/03 21:19:10 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\LolClient
[2013/08/24 16:37:08 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\MKKE
[2014/04/18 13:42:19 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Notepad++
[2013/06/04 19:28:32 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Origin
[2014/04/05 18:48:29 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\redsn0w
[2014/08/03 19:25:07 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Riot Games
[2014/04/10 17:59:35 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\SIX Networks
[2014/11/07 03:40:14 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\SoftGrid Client
[2013/04/28 09:30:55 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Spotflux
[2014/10/13 22:13:28 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Spotify
[2012/12/13 21:00:30 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\SteamForce Sessions
[2012/11/11 16:01:55 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Synaptics
[2013/01/11 04:51:05 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\SystemRequirementsLab
[2014/12/05 21:17:42 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TeamViewer
[2014/03/23 16:56:36 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Three Rings Design
[2013/01/06 01:40:18 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TP
[2014/12/05 21:45:17 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TS3Client
[2014/12/15 06:57:49 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\uTorrent
[2012/11/19 16:53:50 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\XBMC
========== Purity Check ==========
< End of report >
Extras by OTL
OTL Extras logfile created on: 15/12/2014 6:49:57 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jordan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.90 Gb Total Physical Memory | 4.17 Gb Available Physical Memory | 52.79% Memory free
15.81 Gb Paging File | 11.44 Gb Available in Paging File | 72.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 677.56 Gb Total Space | 366.00 Gb Free Space | 54.02% Space Free | Partition Type: NTFS
Drive D: | 20.78 Gb Total Space | 2.24 Gb Free Space | 10.79% Space Free | Partition Type: NTFS
Drive E: | 6.51 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: JORDAN-HP | User Name: Jordan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EE93A2-FE14-4C17-B9F7-4C7C6CCD5A12}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{080B9DF6-3A8F-43E9-BCD9-6B65E8BDC371}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{08691BD8-084D-4B86-85CF-5698A14BDC80}" = lport=138 | protocol=17 | dir=in | app=system |
"{19C3EFA7-C35E-4B6B-B56B-5C1C7A2496A5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{204D0C83-EF42-437A-AD3C-EB8200BA1FAA}" = lport=139 | protocol=6 | dir=in | app=system |
"{3AB40453-616E-4375-85DA-7FAF3100928D}" = rport=137 | protocol=17 | dir=out | app=system |
"{444B7C21-9AFE-42FB-B6C4-54D8CA6E48F9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48A385A1-4050-44F2-962F-D6E87C205F8E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{54C4022F-D585-494B-9818-7775FCA88B0A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{573CF8CA-B94F-4E5D-BDB2-7B5DDEEBA644}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{60B5F1BF-9A7C-49BB-8918-9B27BA300F00}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66802F11-C85D-455D-84F5-39FBE169092B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{69225799-A930-46CB-8CBF-8997F9037608}" = rport=445 | protocol=6 | dir=out | app=system |
"{82F2BBE2-29D0-407E-BE4C-13DAA9ABD65A}" = lport=445 | protocol=6 | dir=in | app=system |
"{86AAE7B9-DC31-47ED-9C38-06E15D521024}" = lport=137 | protocol=17 | dir=in | app=system |
"{8743751B-A661-48CB-AC56-2CE9D88EE6C2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A1BE7D08-0063-4A13-920F-F3F570C4980A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A523B1BB-0022-4715-B743-32FFFA1AB145}" = rport=139 | protocol=6 | dir=out | app=system |
"{B9A6BE11-CE9E-42FE-BD3A-60E83C166710}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BF20291F-F463-46EC-99EA-E6973A24C4FA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D7E9F63D-8142-4CEB-9C67-54B5DAF499CA}" = rport=138 | protocol=17 | dir=out | app=system |
"{D941EB1D-F1FB-428D-9D70-D5968ED64C24}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DC01BAAF-C3B1-42D0-8048-67CE9FCA8358}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC85BCA2-DD88-4C00-9F90-8E99513CA0B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040E259D-6E29-48B2-ACC8-A3B0AE097360}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz_be.exe |
"{04FEBEBE-3737-4524-B537-EA920BE5E24D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{057D1477-9A5A-4E95-A2F1-06B135811993}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starmade\starmade-starter.exe |
"{0A331D7C-5977-466B-8674-CFDFFB9A814A}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2.exe |
"{0B28035B-51F1-4AC2-BFFB-84C1A7243DB4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{115C1153-74C1-4B9F-B966-502E904C2250}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1633B933-00E2-4845-ADB0-26E40E858605}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{17404459-ADD5-4D77-9F14-A93E71DE21AA}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe |
"{1F619A33-94DA-4CF8-B936-FF0AC4BE9BAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rust.exe |
"{2602B436-7E64-4CAA-A43A-16899A212FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{2605055E-509F-4AA5-8A2C-5B4C05B773D9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{2E20285E-3A5C-4859-B2F0-85C9D86E8846}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2.exe |
"{305D105C-F0F0-4814-8056-7A8137569D04}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rust.exe |
"{3290AE11-A76C-4FD4-920E-48F059191A42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41A2E038-6515-4D45-9A88-2D99F8CE3D9A}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |
"{43C86283-1B72-462F-8169-01D0882D877F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4728114D-79B1-4F99-BED7-22BBA5B0B673}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47C1A6F6-4F53-4733-84A6-E4C5745CAB73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{4BF148A4-5D5E-4AB1-93F9-F8581F56F925}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{4CFBF424-6789-483B-B729-046F046F7AC7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{4E2F0DF6-78B0-4996-9157-51C016173560}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{4E765E08-B0E8-46D2-9E79-5BE822C28DE9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\csnz\bin\cstrike-online.exe |
"{50669AC5-52DC-4A3C-8ABE-6944549FB2E5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe |
"{541F849E-5052-4678-92BF-3BA3D7EC524F}" = protocol=58 | dir=out | [email protected],-28546 |
"{55F7CC8A-57B7-4876-A9A4-8D4B980493DB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{58237174-EC69-4526-B83D-0D112C425AB5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{5A63F8A8-C6E0-47E1-A08B-3CD6ED65C7E8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5A9B85B4-3F7E-496D-8CFA-404894983853}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6311E64A-4448-471B-B67E-9E18D8C39B51}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{65A529DF-9431-4FCD-BD17-049B9A22D28F}" = dir=in | app=c:\users\jordan\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{67CA53C1-089C-47A4-B0D1-C9B64E5EE38A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe |
"{69BBF1E8-3B6F-4488-86B3-6CD289A1C425}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{6A261CFE-81C4-4F23-8C7D-D2ED99081C14}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6EE060F7-0A4D-457D-9852-39626F559325}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{70193046-0C0A-45E6-8397-9D3802B9ED77}" = protocol=6 | dir=in | app=c:\users\jordan\appdata\roaming\utorrent\utorrent.exe |
"{71E5FCF9-303B-40C8-8C57-CB9D6E921C3B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{724AEE77-0882-471F-8BE5-4B2782B5D571}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie_eac.exe |
"{7638003D-7767-432E-B5BC-8DC36224D827}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |
"{7D5CB822-B7B7-4004-8335-BAD5C61E24E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mklauncher.exe |
"{834CE016-727E-45FC-AFDB-CDBDFD057B27}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{86D24A54-0164-4CA3-AA0E-57FC82556D1B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe |
"{88F13D82-5D68-4E3B-B41E-0B97674FBD84}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8DFEF1D3-DB54-4330-AE34-BA4D0F4BEA1A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{91873EDF-27DC-462C-AF1A-C07FA11390C1}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{92567A04-B63D-4364-B35C-E405EACF39D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{95AEA05E-DA04-4808-9000-746D3CE9E2DB}" = protocol=17 | dir=in | app=c:\users\jordan\appdata\roaming\utorrent\utorrent.exe |
"{974A9474-4708-42DA-BF5B-99ED78B7AEBF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{976B1A46-2F1C-429A-AD3C-CEB79DDEF43F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{98241DBE-DF17-422B-AED0-6D2A065E8221}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie_eac.exe |
"{987A704A-0F81-4B1F-BF43-D63D060B5E60}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mklauncher.exe |
"{9DD7EF32-086B-434F-9D65-64966CF08416}" = protocol=1 | dir=in | [email protected],-28543 |
"{A1159060-91EE-4214-9D83-FE981BC4E20F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A1255E3C-6115-495B-B8AD-368CADB3E208}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\csnz\bin\cstrike-online.exe |
"{A2F0BB20-9208-4C6B-81A4-5C357BA3AB0F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{AD31C137-1BFF-400C-941E-5531316F32B4}" = protocol=6 | dir=out | app=system |
"{B0B55E61-FE81-45F3-BDF7-E740029AA59D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\amnesia.exe |
"{B289037B-78FD-4432-A3DA-3D6A15DF73F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{B4E14C89-4D7E-407D-A801-D12AA0285816}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{B652A52F-4D4E-4A2C-871C-348526E1B0A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{B6B4115D-FAB9-40D9-93E8-556DA1B8AA5F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B78A96BB-F2F4-42FD-B567-582689A082E6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B84014BE-6623-4953-B415-B2B4511CF1A7}" = protocol=1 | dir=out | [email protected],-28544 |
"{B8CC3E08-A0DA-44E9-85E2-B3E4C7C16612}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{C1259572-FB8E-4962-ACE4-A2DC262AE31B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C1D1B89D-FB2B-4CC1-B1A8-8DD22A18BF15}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C309B660-5EB6-494D-BAB1-ECB1B6DF5597}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"{C53AD2B0-40BC-4D82-B547-2DD52D8FD445}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{C761AC06-87CA-49D1-8A6C-4EF443F8BE20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{C8BD235A-1A6C-4EEF-90A8-95131F042644}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8F2515F-5C99-4525-8771-926D9063F4E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starmade\starmade-starter.exe |
"{CC07ADF9-454B-45F2-9966-7B4421C37425}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CCE7DEBD-7BA2-4FDC-9BD7-04CD4C00E629}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{D170BB84-50DA-498D-B757-686E3E7E6D9B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{D23D7735-95FA-4514-A293-F401C8D0ED7F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{D42D486F-3E19-47D4-94D7-B77C1B5020FE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\legacy\rust.exe |
"{D4898FB8-0846-4577-88E8-2CA52A122E79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D4C575AC-9587-4EF8-A012-C95D6F3798EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{D8687CF7-F196-4C79-B6C0-A4CED169F21F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DECE9089-77F2-4EDC-A1A3-282798A0A3BF}" = protocol=58 | dir=in | [email protected],-28545 |
"{E0E19EA4-1CFD-48D2-B581-84EDE062005E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E5A394E5-CDDF-478E-AE7B-8C387523A5BD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5EB0213-D68E-45E0-9C6E-2A62B4D082B0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{E7A171D3-66C4-45B6-A3E2-E47EE1C4F543}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E8F9325C-EA98-4A9F-923E-89BE15C46214}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\legacy\rust.exe |
"{ECFD4652-DB23-4B03-8968-46DC443CD365}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe |
"{ED334D46-27E8-4E00-872F-C626361532F3}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"{F214C2F7-A740-45A7-82CA-C71337C91340}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F31013E2-3C2D-4502-9A7F-B5FD4D1A1BC2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\amnesia.exe |
"{F34169C6-0F41-4B2F-B727-EC43608CA5EB}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe |
"{F776C9D4-E0F0-45FA-9FBF-DC5B3BF30C6E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{F91449B3-A5B2-411B-BD8F-E817D1981C2E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz_be.exe |
"{FB4DAEDB-EE17-4119-A043-7CD03C1B82AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"TCP Query User{05461AA8-D113-4369-9A51-CE51105757FD}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{173F453C-00CE-4886-A4EB-7B863240BE2F}C:\users\jordan\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jordan\appdata\roaming\spotify\spotify.exe |
"TCP Query User{2A9A88DE-A9A0-4169-B0B2-7A146F0735C2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{3782DB3D-1BBF-46F8-A07F-5E13E0A42E66}C:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"TCP Query User{393C2D71-F870-46EE-B11C-007145F214A2}C:\users\jordan\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jordan\appdata\roaming\spotify\spotify.exe |
"TCP Query User{3CC3A9A7-9BE4-4E0C-8586-10B68F2027B2}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{3F710CD0-C5E5-4343-8285-6D577D175B78}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"TCP Query User{59C0A3D9-176E-4D6B-91D4-B8DC1B3633B1}C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe |
"TCP Query User{5AAE0F64-DB46-469B-963F-4CF79200ACD7}C:\users\jordan\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\jordan\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{62942D9F-2ABB-45A3-A0C7-D19922A14603}C:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"TCP Query User{68BBD9D6-BBF4-4537-A6F6-A63EA557B85E}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe |
"TCP Query User{7D33E0A2-102B-49FD-A162-99704C3F72CF}C:\users\jordan\documents\steam cracking\cracking\steamforce.exe" = protocol=6 | dir=in | app=c:\users\jordan\documents\steam cracking\cracking\steamforce.exe |
"TCP Query User{8AD5B031-EC51-479A-88E3-51C9E358A996}C:\users\jordan\desktop\utorrentportable\app\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\jordan\desktop\utorrentportable\app\utorrent\utorrent.exe |
"TCP Query User{8FC2BDD9-A01A-4ADF-835B-E7DC9884F79A}C:\users\jordan\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\jordan\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{A252DE50-62CC-417E-8F9F-BF5407F0D3F3}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |
"TCP Query User{A9B6870E-B5F3-4692-BF57-9EB48C23B24E}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{B8024063-8A35-4788-8D61-71AFE65545E7}C:\users\jordan\desktop\games and stuff\dawn of war - dark crusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\users\jordan\desktop\games and stuff\dawn of war - dark crusade\darkcrusade.exe |
"TCP Query User{FD877894-1D69-45FF-A6E9-A056473624AF}C:\program files (x86)\idcloak vpn\idcloakvpn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\idcloak vpn\idcloakvpn.exe |
"UDP Query User{03160A77-AA27-44F8-86A9-C82C5507484C}C:\users\jordan\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jordan\appdata\roaming\spotify\spotify.exe |
"UDP Query User{233F662C-7C2E-4F43-9E5E-F52F44940AA8}C:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"UDP Query User{28B278A9-93C4-4D3C-931D-65FFC94D9A87}C:\users\jordan\desktop\utorrentportable\app\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\jordan\desktop\utorrentportable\app\utorrent\utorrent.exe |
"UDP Query User{45FD539C-E860-463E-A234-56927A2518D5}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{4D0A36BD-DEEC-4971-84FD-F6D688F11461}C:\users\jordan\desktop\games and stuff\dawn of war - dark crusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\users\jordan\desktop\games and stuff\dawn of war - dark crusade\darkcrusade.exe |
"UDP Query User{55B6358F-00D9-4E88-852E-2FD17AFDB832}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |
"UDP Query User{5E39775F-8412-4B68-B360-3ECD4512A636}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe |
"UDP Query User{78251F41-288A-4279-82CF-D3C4EFDAB2C8}C:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"UDP Query User{93B5C5F7-283B-4C1E-B86E-B17604E49219}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{A56E6153-6C4B-458A-AAFC-C18E5DBEB33D}C:\program files (x86)\idcloak vpn\idcloakvpn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\idcloak vpn\idcloakvpn.exe |
"UDP Query User{A678920A-6089-4FF5-827C-B1E05C4B9236}C:\users\jordan\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\jordan\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{A6B61DB4-2829-437C-AA47-A19DE7350061}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{B4C15654-DBF9-4072-8680-53B4FBA030A9}C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe |
"UDP Query User{C9A86592-640C-4315-B8B9-104761B91663}C:\users\jordan\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jordan\appdata\roaming\spotify\spotify.exe |
"UDP Query User{CAAB1C09-7287-4FB3-81FC-270C3C0D6ED4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{CF801CF3-BC18-4554-BEC5-36B28670E000}C:\users\jordan\documents\steam cracking\cracking\steamforce.exe" = protocol=17 | dir=in | app=c:\users\jordan\documents\steam cracking\cracking\steamforce.exe |
"UDP Query User{E48D99E8-716C-418D-B544-B6C3C835F3F5}C:\users\jordan\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\jordan\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{F8B03FB6-8F3D-4A92-A9A2-4991B12032F8}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51F9B09B-2FE4-8B3A-628A-0C0654E253AF}" = AMD Catalyst Install Manager
"{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}" = HP 3D DriveGuard
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}" = Broadcom Bluetooth Software
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{C1636CC2-9CDE-BD26-AB7E-04EEC0586ACF}" = ccc-utility64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}" = HP Security Assistant
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"95CCB571-1C54-4FE1-A9C7-42F8796C7F80" = couponarific
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04739CDC-C74E-5F8E-4193-07998397FDC7}" = CCC Help Thai
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052A6070-7503-EA5A-9003-F89ACE36C5C9}" = Catalyst Control Center InstallProxy
"{06B35857-386E-E360-3E16-9ADDC424B912}" = CCC Help Czech
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C93288C-31CC-A9B3-8741-CE0E4DEA87D5}" = CCC Help Portuguese
"{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}" = HP CoolSense
"{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}" = ManticoreTree
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15FB0187-64B5-C394-BE5C-F8BCC94F8844}" = CCC Help German
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C87FC3A-D943-7B80-9AF7-E97BA76383E9}" = Catalyst Control Center Localization All
"{1DB45541-4D10-5969-76DA-1C1C050D3543}" = CCC Help Hungarian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{20D0C76D-61ED-E33E-D13E-107EB89B2C41}" = CCC Help Korean
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29E2F696-A2BB-4E88-BBCD-D6963DAFEE9E}" = Graphmatica
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{44998254-6F6A-4D79-A243-343AB2391BA9}" = Kerbal Space Program
"{46DFC994-41C8-4441-5C9B-ED785F1B9B3A}" = CCC Help Norwegian
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{487C8590-8C6A-83C9-3E93-94F82435F111}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E358233-4432-79FE-FFD1-D6A13ED27C1B}" = CCC Help Turkish
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AAB423D-ED89-33D7-F261-CF8BBD05AB58}" = CCC Help English
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69EF6E65-38DF-DCA5-871E-58CCE6244703}" = CCC Help French
"{6F0CE19C-0170-8757-4B6E-4122DAC59CF8}" = CCC Help Finnish
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{74A8E1BE-D438-4C35-ABFF-3A1EAF17526E}" = Blio
"{768A6276-5822-489C-8A2B-67190F745655}" = ESU for Microsoft Windows 7 SP1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{8070C698-EE73-5106-DBE4-2E2EA03A2CEC}" = PX Profile Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842C4394-47F7-60DE-480B-C09116B63559}" = BuyNsaVe
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{887B5E9E-721A-6D8A-130F-4AC35788754C}" = CCC Help Russian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F4F99A0-DCDF-BA51-9993-8C10575BD2A5}" = Catalyst Control Center Profiles Mobile
"{8F9890A8-25EE-FAC3-AE90-24C804E8059E}" = CCC Help Swedish
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92343DD0-2CFF-A544-22DB-D74383916A0F}" = Catalyst Control Center
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{97BC9B9D-E69F-A36F-C366-101CC711F84A}" = CCC Help Chinese Traditional
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FEB8236-74CD-4194-8717-38771ED0EFE9}" = Catalyst Control Center - Branding
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A152DD5F-8669-0218-1FE2-2615BD56B164}" = CCC Help Japanese
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A6F7C682-D48B-B8B8-05F5-2CEC9AE84940}" = CCC Help Danish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI
"{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" = Speed Surfing
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}" = TELSTRA PRE-PAID 4G USB
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B762EAD9-3075-E644-6675-40F8F3958B8B}" = CCC Help Spanish
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA736A99-E2DA-D981-026C-F4214D9EF825}" = CCC Help Chinese Standard
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D63CABED-BF83-CD05-CF34-F27FB569AD8E}" = CCC Help Dutch
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E381E901-0523-423C-8785-C93DCAB30F48}" = Catalyst Control Center Graphics Previews Common
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E8C91E70-04EB-FF32-7DC7-82BAE939A292}" = CCC Help Greek
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EDA2B6DE-C67C-4FD7-AF6A-9D79E002707C}" = HP Documentation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Display Audio Driver
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC16CD6A-245A-964A-B41A-BD2BC7CB6565}" = CCC Help Polish
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ArmA 2" = ArmA 2 Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Lite" = DAEMON Tools Lite
"Flvto Youtube Downloader" = Flvto Youtube Downloader
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"Google Chrome" = Google Chrome
"idcloak VPN" = idcloak VPN
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"League of Legends 3.0.0" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Mozilla Firefox 34.0.5 (x86 en-US)" = Mozilla Firefox 34.0.5 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Razer Game Booster_is1" = Razer Game Booster
"Rugby_is1" = 1.0
"Spotflux" = Spotflux
"Steam App 205100" = Dishonored
"Steam App 221100" = DayZ
"Steam App 22120" = Penumbra: Black Plague
"Steam App 237110" = Mortal Kombat Komplete Edition
"Steam App 240" = Counter-Strike: Source
"Steam App 242760" = The Forest
"Steam App 244770" = StarMade
"Steam App 251570" = 7 Days to Die
"Steam App 252490" = Rust
"Steam App 259080" = Just Cause 2: Multiplayer Mod
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 273110" = Counter-Strike Nexon: Zombies
"Steam App 4000" = Garry's Mod
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"Usbfix" = UsbFix
"VLC media player" = VLC media player 2.1.3
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.3
"WTA-07ef8042-0624-43bc-9d09-5855a9781985" = Chuzzle Deluxe
"WTA-0e98f6ea-7765-4e73-ab64-f7dce249926c" = Final Drive Fury
"WTA-1306cd70-a298-454c-a6a7-c66b13a4c53d" = Hoyle Card Games
"WTA-258864cc-2ec0-43d8-9d37-30294899bba0" = Bejeweled 3
"WTA-2b3e84c4-8e78-4b9a-94d8-1a5a342a9b37" = Poker Superstars III
"WTA-2e7e7b24-b3ba-42d6-b1e0-ebb7726e7c0c" = Cradle of Rome 2
"WTA-2f583063-5bd1-476d-b0d1-6b82d26e0e71" = Torchlight
"WTA-36ebc515-c945-4956-b123-a788b97fbfae" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-3bde7a99-0c72-460c-bf76-d41a95e04667" = Penguins!
"WTA-3ff6a673-6b82-4541-a88b-2656ab00382c" = Zuma's Revenge
"WTA-48e4f496-fe63-4e2b-a61e-dc13851e6fe3" = The Treasures of Mystery Island: The Ghost Ship
"WTA-4c31c7e7-0015-40c6-a6d3-dde74787cbea" = Letters from Nowhere 2
"WTA-5092fad0-a9d5-43a9-b886-fd420a7c95c2" = Jewel Match 3
"WTA-5b41006e-0595-44d7-b187-e5f9852a818c" = Plants vs. Zombies - Game of the Year
"WTA-5f9ac036-028f-4d02-bbd1-c4634dde4915" = John Deere Drive Green
"WTA-6753a642-2d67-4418-9221-298f3038adfc" = Farm Frenzy
"WTA-6e3f4d16-2020-4950-9c3d-75a895289f7e" = Dora's World Adventure
"WTA-733a3522-97f7-4c5c-808a-ddf5a2f00f8f" = Polar Bowler
"WTA-7f109111-d8af-4e30-b808-025ef90c1fe1" = RollerCoaster Tycoon 3: Platinum
"WTA-a6a4b2d0-9047-4818-85ed-f60c01f47a7b" = Virtual Villagers 4 - The Tree of Life
"WTA-aff948a7-e32d-4af6-9ea7-6deb8272e24f" = Polar Golfer
"WTA-de539978-b0d6-409e-b7da-c6b310cb1e25" = Luxor HD
"WTA-de974ade-ad73-41cc-a181-085136604b6f" = Farmscapes
"WTA-eddd44e2-8fd7-42e6-a3d0-5930c354759a" = Mah Jong Medley
"WTA-fc736800-f3af-4406-a8ab-2024d60342e5" = FATE
"WTA-fe0c4620-be55-4f05-be90-f16dd677651d" = Blackhawk Striker 2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"MKLOL" = MKLOL
"Puzzle Pirates" = Puzzle Pirates
"Spotify" = Spotify
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14/12/2014 1:22:12 PM | Computer Name = Jordan-HP | Source = WinMgmt | ID = 10
Description =
Error - 14/12/2014 2:01:23 PM | Computer Name = Jordan-HP | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 34.0.5.5443,
time stamp: 0x5475dd5d Faulting module name: mozalloc.dll, version: 34.0.5.5443,
time stamp: 0x5475d664 Exception code: 0x80000003 Fault offset: 0x00001425 Faulting
process id: 0x1a7c Faulting application start time: 0x01d017c623c0fb53 Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
path: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll Report Id: 36a0da14-83bb-11e4-8fd8-e006e6e103fb
[ Hewlett-Packard Events ]
Error - 3/12/2012 11:39:19 PM | Computer Name = Jordan-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8094
Ram
Utilization: 20 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
Error - 4/12/2012 1:13:51 AM | Computer Name = Jordan-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8094
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
Error - 4/12/2012 9:00:34 AM | Computer Name = Jordan-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8094
Ram
Utilization: 20 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
[ System Events ]
Error - 13/12/2014 10:01:20 AM | Computer Name = Jordan-HP | Source = DCOM | ID = 10010
Description =
< End of report >
Edited by Xcode5, 14 December 2014 - 03:05 PM.