This just started happening. I should say that while surfing the 'net a few days ago, I got to a webpage that showed as the FBI MoneyGram virus that I managed to stop by simply terminating the browser application. I have not seen anything like the total contol of the desktop that seems ot be associated with this virus. Upon perusing some websites about this, I decided to install SpyHunter 4, which I now know to have been a mistake, and have since uninstalled it. It seemed like it was only after this uninstallation that I began to notice problems with the keyboard problems with a side problem being that I could not type 'c' or 'h' - nor save the file (it said there was not enough memory) for a little while in Notepad until I terminated that.
Reading up on some threads at this forum, I went ahead and ran the OTL application, and have the results. Thanks in advance for anyone's assistance.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
OTL.Txt:
OTL logfile created on: 2015-01-02 20:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\_ DOWNLOADS
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd
3.97 Gb Total Physical Memory | 0.59 Gb Available Physical Memory | 14.88% Memory free
7.93 Gb Paging File | 4.00 Gb Available in Paging File | 50.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 85.16 Gb Free Space | 36.57% Space Free | Partition Type: NTFS
Drive D: | 218.23 Gb Total Space | 114.47 Gb Free Space | 52.46% Space Free | Partition Type: NTFS
Drive G: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 1863.01 Gb Total Space | 137.15 Gb Free Space | 7.36% Space Free | Partition Type: NTFS
Drive J: | 930.86 Gb Total Space | 318.06 Gb Free Space | 34.17% Space Free | Partition Type: NTFS
Drive L: | 930.86 Gb Total Space | 183.46 Gb Free Space | 19.71% Space Free | Partition Type: NTFS
Computer Name: JEAN-PC | User Name: Jean | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015-01-02 20:08:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\_ DOWNLOADS\OTL.exe
PRC - [2014-12-16 12:04:48 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014-12-16 12:03:11 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014-12-16 12:03:10 | 000,702,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014-12-11 15:10:28 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-12-09 18:53:47 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
PRC - [2014-11-20 14:13:32 | 000,126,200 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014-11-20 14:13:28 | 000,166,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014-11-14 19:59:22 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
PRC - [2014-11-09 21:57:40 | 003,488,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
PRC - [2014-11-09 21:56:14 | 003,653,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
PRC - [2014-11-09 21:49:56 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
PRC - [2014-08-13 00:44:16 | 009,837,056 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
PRC - [2014-08-13 00:44:16 | 009,828,864 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
PRC - [2014-07-04 10:55:34 | 016,427,384 | ---- | M] (magicJack L.P.) -- C:\Users\Jean\AppData\Roaming\mjusbsp\magicJack.exe
PRC - [2014-05-23 12:09:00 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2014-05-23 12:06:20 | 001,852,264 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
PRC - [2014-05-08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-12-06 08:47:20 | 001,229,528 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2013-12-06 08:47:20 | 000,662,232 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013-12-06 08:47:18 | 000,565,464 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2013-09-24 14:02:59 | 000,441,408 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2013-08-26 14:33:22 | 005,271,040 | ---- | M] (Joyent, Inc) -- C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\node.exe
PRC - [2013-08-26 14:33:22 | 000,321,024 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\MAHostService.exe
PRC - [2013-03-02 18:23:26 | 000,369,152 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
PRC - [2011-12-16 03:21:10 | 001,687,968 | R--- | M] (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe
PRC - [2009-07-24 00:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-07-23 07:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009-04-23 11:24:44 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009-04-01 11:05:34 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008-12-22 07:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008-08-13 10:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008-08-13 10:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008-08-13 06:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2007-11-30 01:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
========== Modules (No Company Name) ==========
MOD - [2014-12-11 15:10:23 | 003,758,192 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-12-09 18:53:46 | 016,841,392 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
MOD - [2014-10-18 22:45:21 | 002,542,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\5e84979fadb7eb63caedea9f4acefcc9\System.Data.Linq.ni.dll
MOD - [2014-10-18 22:44:11 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll
MOD - [2014-10-18 22:44:09 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\4df6733efc348c009a4a6e0adccc42a6\PresentationFramework-SystemData.ni.dll
MOD - [2014-10-18 22:06:25 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\446bc9f0c3b5824fab519cb5fec5af1b\WindowsFormsIntegration.ni.dll
MOD - [2014-10-18 22:05:52 | 002,997,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\92a3b88ac6300af062edd6503bc5903c\System.IdentityModel.ni.dll
MOD - [2014-10-18 22:05:40 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll
MOD - [2014-10-17 19:31:20 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014-10-17 19:31:19 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014-10-17 19:31:17 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014-10-17 19:30:32 | 013,643,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\d12ecb88500237067aa30b40081d51b7\System.Web.ni.dll
MOD - [2014-10-17 17:46:41 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014-10-17 17:46:03 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014-10-17 17:45:57 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014-10-17 17:45:40 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014-10-17 17:45:38 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014-10-17 17:45:37 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014-10-17 17:45:30 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014-10-17 17:45:15 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014-10-17 17:45:14 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll
MOD - [2014-10-17 17:44:59 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014-10-17 17:44:47 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014-10-17 17:44:39 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\902843918d037f5f3511d679bf1e2216\System.ServiceProcess.ni.dll
MOD - [2014-10-17 17:44:37 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014-08-12 23:27:44 | 000,988,160 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
MOD - [2014-07-29 03:34:32 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
MOD - [2014-07-04 11:00:12 | 000,084,344 | ---- | M] () -- C:\Users\Jean\AppData\Roaming\mjusbsp\octvqem_apiw.dll
MOD - [2014-03-01 02:41:48 | 000,147,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll
MOD - [2014-02-28 20:07:25 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013-07-15 11:29:04 | 000,620,718 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2009-07-24 00:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2007-11-30 01:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
========== Services (SafeList) ==========
SRV:64bit: - [2014-11-21 20:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-09-26 10:50:48 | 000,088,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
SRV:64bit: - [2013-05-26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013-03-02 20:18:16 | 000,460,288 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService64)
SRV:64bit: - [2013-01-17 06:23:56 | 000,292,736 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2011-12-15 01:40:08 | 001,977,224 | R--- | M] (Western Digital ) [Disabled | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService)
SRV:64bit: - [2011-12-15 01:40:08 | 001,338,264 | R--- | M] (Western Digital ) [Disabled | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV:64bit: - [2011-12-15 01:40:06 | 000,319,384 | R--- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2007-08-07 14:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2014-12-16 12:04:48 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014-12-16 12:03:30 | 000,992,560 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2014-12-16 12:03:11 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014-12-11 15:10:25 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-12-09 18:53:48 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-11-20 14:13:28 | 000,166,192 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014-11-09 21:57:40 | 003,488,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014-11-09 21:49:56 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2014-05-23 12:09:00 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2014-05-08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-04-09 07:12:50 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
SRV - [2014-03-20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013-12-06 08:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013-12-06 08:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013-09-11 14:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-08-26 14:33:22 | 000,321,024 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\MAHostService.exe -- (ATT MAHostService)
SRV - [2013-07-24 23:24:42 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-04-25 08:12:00 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013-03-02 18:23:26 | 000,369,152 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012-11-24 20:13:12 | 000,821,720 | ---- | M] (Mister Group) [On_Demand | Stopped] -- C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe -- (SystemExplorerHelpService)
SRV - [2009-07-23 07:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2008-08-13 10:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015-01-02 02:45:35 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-10-30 06:31:04 | 000,027,552 | ---- | M] (REALiX) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2014-10-29 21:35:16 | 000,263,960 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014-10-09 05:16:17 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014-10-09 05:16:16 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014-10-05 20:41:40 | 000,124,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014-08-28 20:47:24 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014-08-15 12:54:56 | 001,670,784 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72DTV.sys -- (hcw72DTV)
DRV:64bit: - [2014-08-15 12:53:26 | 001,668,352 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ATV.sys -- (hcw72ATV)
DRV:64bit: - [2014-08-15 12:52:16 | 000,038,656 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys -- (hcw72ADFilter)
DRV:64bit: - [2014-07-18 14:53:26 | 000,313,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014-06-18 20:03:34 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014-06-18 20:03:34 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014-06-18 20:03:20 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014-02-26 04:09:04 | 000,204,032 | ---- | M] (WinISO.com) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WinisoCDBus.sys -- (WinisoCDBus)
DRV:64bit: - [2013-12-06 08:47:12 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013-11-25 19:21:27 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013-11-13 11:42:00 | 000,039,576 | ---- | M] (wj32) [Kernel | On_Demand | Stopped] -- C:\Program Files\Process Hacker 2\kprocesshacker.sys -- (KProcessHacker2)
DRV:64bit: - [2013-10-13 18:32:21 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013-10-11 16:43:28 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2013-10-11 16:15:58 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2013-10-11 16:15:44 | 007,345,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013-10-11 02:48:36 | 000,073,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcdriver.sys -- (hcdriver)
DRV:64bit: - [2013-09-14 00:24:26 | 000,143,096 | ---- | M] (Ray Hinchliffe) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SIVX64.sys -- (SIVDriver)
DRV:64bit: - [2013-07-11 01:25:54 | 000,380,680 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012-03-01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-10 21:59:34 | 000,334,936 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0200.sys -- (RsFx0200)
DRV:64bit: - [2011-03-11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-02-02 14:05:26 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2010-02-02 14:05:26 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2010-01-26 20:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009-12-01 12:19:16 | 000,649,472 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2009-12-01 12:18:32 | 000,617,216 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2009-09-15 09:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009-07-13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 14:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009-06-10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-05-06 06:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2010-02-02 14:09:42 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010-02-02 14:09:42 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009-08-28 01:26:52 | 000,022,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\DScaler\DSDrv4amd64.sys -- (DSDrv4AMD64)
DRV - [2009-07-13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\..\SearchScopes,DefaultScope =
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..extensions.enabledAddons: autoformer2%40mozilla.org:1.1.0
FF - prefs.js..extensions.enabledAddons: %7B0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3%7D:2.0.6
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: fasttrans%40kemot:1.10.2
FF - prefs.js..extensions.enabledAddons: 2.0%40disconnect.me:3.14.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.3
FF - prefs.js..extensions.enabledAddons: bartap%40philikon.de:2.1b2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo Limited)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\VDOWNLOADER\ADDONS\FIREFOX [2013-10-12 20:53:19 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 25.1.0\extensions\\Components: C:\PROGRAM FILES\PALE MOON\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 25.1.0\extensions\\Plugins: C:\PROGRAM FILES\PALE MOON\PLUGINS [2014-09-12 16:23:45 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 30.0\extensions\\Components: C:\PROGRAM FILES\WATERFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 30.0\extensions\\Plugins: C:\PROGRAM FILES\WATERFOX\PLUGINS [2014-09-12 16:23:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files (x86)\K-Meleon\Plugins [2014-09-11 20:07:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files (x86)\K-Meleon\Components [2013-10-13 06:34:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-12-11 15:10:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-12-11 15:10:09 | 000,000,000 | ---D | M]
[2013-10-11 17:26:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Extensions
[2014-12-26 19:42:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions
[2014-09-06 17:21:30 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014-12-11 17:02:22 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\[email protected]
[2014-04-13 01:29:36 | 000,000,000 | ---D | M] (Fast Translation) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\fasttrans@kemot
[2014-05-14 16:58:17 | 000,947,620 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\[email protected]
[2013-10-15 07:51:51 | 000,031,289 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\[email protected]
[2014-11-15 11:51:28 | 000,024,057 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\[email protected]
[2014-11-26 00:41:14 | 000,790,654 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\[email protected]
[2014-12-18 19:42:21 | 000,590,847 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\[email protected]
[2013-10-15 07:51:50 | 000,020,628 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi
[2014-10-21 19:09:36 | 000,537,656 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013-10-15 07:51:50 | 000,151,038 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2014-12-26 19:42:12 | 000,544,302 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014-07-23 14:21:11 | 000,017,150 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi
[2014-11-12 10:37:17 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-12-22 19:42:08 | 000,029,104 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d}.xpi
[2014-10-29 18:12:50 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014-06-10 15:40:58 | 000,001,874 | ---- | M] () -- C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\2x29j681.default\searchplugins\duckduckgo.xml
[2014-12-11 15:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014-12-11 15:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014-12-11 15:10:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-07-28 05:09:22 | 000,186,912 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh\1.2_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\5.18.17_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009-06-10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [WD Quick View] C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe (Western Digital)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000..\Run: [cdloader] C:\Users\Jean\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000..\Run: [Process Hacker 2] C:\Program Files\Process Hacker 2\ProcessHacker.exe (wj32)
O4 - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000..\Run: [qBittorrent] C:\Program Files (x86)\qBittorrent\qbittorrent.exe ()
O4 - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3001965132-3898090023-1802478263-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28897DA9-1DC3-4BC5-9DCE-D7F6F4E2A261}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA7137A8-9ED2-4D96-91B3-DE72362D084A}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015-01-01 12:15:57 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-06-18 15:12:18 | 000,000,088 | ---- | M] () - G:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009-06-18 15:12:18 | 000,000,088 | ---- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{05102f6e-5689-11e3-9af1-90e6ba1db718}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{05102f6e-5689-11e3-9af1-90e6ba1db718}\Shell\phone\command - "" = F:\autorun.exe
O33 - MountPoints2\{0d9c9f29-87b5-11e4-8be2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0d9c9f29-87b5-11e4-8be2-806e6f6e6963}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{0d9c9f32-87b5-11e4-8be2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0d9c9f32-87b5-11e4-8be2-806e6f6e6963}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{16b48840-639a-11e4-a986-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{16b48840-639a-11e4-a986-90e6ba3aa19e}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{16b4885f-639a-11e4-a986-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{16b4885f-639a-11e4-a986-90e6ba3aa19e}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{6ee6bb41-3eba-11e3-b834-90e6ba1db718}\Shell - "" = AutoRun
O33 - MountPoints2\{6ee6bb41-3eba-11e3-b834-90e6ba1db718}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{6ee6bb45-3eba-11e3-b834-90e6ba1db718}\Shell - "" = AutoRun
O33 - MountPoints2\{6ee6bb45-3eba-11e3-b834-90e6ba1db718}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{6ee6bb72-3eba-11e3-b834-90e6ba1db718}\Shell - "" = AutoRun
O33 - MountPoints2\{6ee6bb72-3eba-11e3-b834-90e6ba1db718}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{6ee6bb7e-3eba-11e3-b834-90e6ba1db718}\Shell - "" = AutoRun
O33 - MountPoints2\{6ee6bb7e-3eba-11e3-b834-90e6ba1db718}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{7322162b-78bd-11e3-98e7-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{7322162b-78bd-11e3-98e7-90e6ba3aa19e}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{7322162d-78bd-11e3-98e7-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{7322162d-78bd-11e3-98e7-90e6ba3aa19e}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{749f377b-814d-11e4-b70a-90e6ba3aa19e}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{749f377b-814d-11e4-b70a-90e6ba3aa19e}\Shell\phone\command - "" = H:\autorun.exe
O33 - MountPoints2\{9c062baa-925f-11e4-8fa2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9c062baa-925f-11e4-8fa2-806e6f6e6963}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{9c062bb0-925f-11e4-8fa2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9c062bb0-925f-11e4-8fa2-806e6f6e6963}\Shell\AutoRun\command - "" = H:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{b8be37b8-8d41-11e4-8a45-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{b8be37b8-8d41-11e4-8a45-90e6ba3aa19e}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{b8be37ca-8d41-11e4-8a45-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{b8be37ca-8d41-11e4-8a45-90e6ba3aa19e}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{c73e7de4-78b9-11e4-b6bf-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{c73e7de4-78b9-11e4-b6bf-90e6ba3aa19e}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{c73e7dec-78b9-11e4-b6bf-90e6ba3aa19e}\Shell - "" = AutoRun
O33 - MountPoints2\{c73e7dec-78b9-11e4-b6bf-90e6ba3aa19e}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{ecf6aa1d-355f-11e3-93b5-90e6ba1db718}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{ecf6aa1d-355f-11e3-93b5-90e6ba1db718}\Shell\phone\command - "" = F:\autorun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\WD SmartWare.exe -- [2009-08-17 11:53:00 | 002,770,432 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015-01-01 05:01:06 | 000,000,000 | ---D | C] -- C:\Users\Jean\Desktop\RK_Quarantine
[2014-12-23 13:18:09 | 000,000,000 | ---D | C] -- C:\Users\Jean\Desktop\_ COUPONS
[2014-12-11 15:10:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-12-11 03:36:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2014-12-09 18:12:53 | 000,000,000 | ---D | C] -- C:\Users\Jean\AppData\Roaming\Avg_Update_1214av
[2014-12-09 18:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_1214av
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015-01-02 20:05:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-01-02 19:53:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015-01-02 18:39:19 | 000,000,950 | ---- | M] () -- C:\Users\Jean\Desktop\magicJack.lnk
[2015-01-02 18:05:36 | 000,031,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-01-02 18:05:36 | 000,031,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-01-02 17:52:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-01-02 17:51:21 | 3193,884,672 | -HS- | M] () -- C:\hiberfil.sys
[2015-01-02 17:22:38 | 000,017,888 | ---- | M] () -- C:\Users\Jean\Desktop\Untitled 1.odt
[2015-01-02 12:02:06 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\CryptoPrevent.lnk
[2015-01-02 03:29:02 | 000,919,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015-01-02 03:29:02 | 000,758,498 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015-01-02 03:29:02 | 000,160,222 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015-01-02 02:45:35 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-01-01 15:20:13 | 001,640,622 | ---- | M] () -- C:\Users\Jean\Documents\USBOblivion-64-JEAN-PC-150101-152002.reg
[2015-01-01 12:15:57 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014-12-28 21:20:49 | 000,018,025 | ---- | M] () -- C:\Users\Jean\Desktop\accounts.ods
[2014-12-28 16:49:20 | 000,013,945 | ---- | M] () -- C:\Users\Jean\Desktop\Bag Comparison.ods
[2014-12-19 12:08:31 | 002,214,946 | ---- | M] () -- C:\Users\Jean\Documents\USBOblivion-64-JEAN-PC-141219-120821.reg
[2014-12-15 14:01:01 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015-01-02 17:22:32 | 000,017,888 | ---- | C] () -- C:\Users\Jean\Desktop\Untitled 1.odt
[2015-01-01 15:20:02 | 001,640,622 | ---- | C] () -- C:\Users\Jean\Documents\USBOblivion-64-JEAN-PC-150101-152002.reg
[2015-01-01 12:15:57 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014-12-27 11:27:14 | 000,013,945 | ---- | C] () -- C:\Users\Jean\Desktop\Bag Comparison.ods
[2014-12-19 12:08:21 | 002,214,946 | ---- | C] () -- C:\Users\Jean\Documents\USBOblivion-64-JEAN-PC-141219-120821.reg
[2014-12-15 14:01:01 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014-11-30 13:57:35 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2014-11-30 13:57:33 | 000,000,401 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2014-11-30 13:51:42 | 000,038,194 | ---- | C] () -- C:\Windows\Irremote.ini
[2014-11-30 13:49:27 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2014-11-30 13:45:02 | 000,004,654 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2014-11-08 14:42:56 | 003,211,264 | ---- | C] () -- C:\Users\Jean\WAStorageEmulatorDb33.mdf
[2014-11-08 14:42:56 | 000,851,968 | ---- | C] () -- C:\Users\Jean\WAStorageEmulatorDb33_log.ldf
[2014-08-03 12:53:32 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\SSIPDDP.SYS
[2013-10-29 16:21:17 | 000,007,596 | ---- | C] () -- C:\Users\Jean\AppData\Local\Resmon.ResmonCfg
[2013-10-17 23:03:06 | 000,032,256 | -HS- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2013-10-12 20:53:19 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2013-10-11 14:29:00 | 000,911,722 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009-07-13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-06-24 20:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-06-24 19:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013-10-18 23:22:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013-10-18 23:22:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013-10-13 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Ad-Aware Antivirus
[2014-12-20 20:54:09 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Audacity
[2014-10-16 08:49:41 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Auslogics
[2013-11-25 20:57:59 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\AVAST Software
[2014-11-19 09:41:02 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\AVG2015
[2014-12-09 18:12:55 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Avg_Update_1214av
[2014-12-17 02:36:31 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\avidemux
[2014-05-02 16:39:02 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\BatteryBar
[2014-07-02 03:39:24 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\calibre
[2013-10-11 20:19:41 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Canneverbe Limited
[2014-06-27 15:28:56 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Digiarty
[2013-10-11 18:36:28 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Dropbox
[2013-10-23 06:52:02 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\DScaler4
[2013-10-11 18:53:03 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Foxit Software
[2013-10-12 14:39:06 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\freac
[2014-07-26 15:52:27 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Gui4Cli
[2014-07-26 15:06:21 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\HandBrake
[2013-10-14 07:33:34 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\HeidiSQL
[2014-05-02 13:42:40 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Hulubulu
[2014-11-08 14:10:27 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\JGsoft
[2013-10-11 17:05:02 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\K-Meleon
[2013-10-14 07:27:02 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\KompoZer
[2013-12-07 20:26:31 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Locate32
[2013-10-12 16:05:44 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\LockHunter
[2013-10-11 14:52:57 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Lunascape
[2015-01-02 18:39:23 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\mjusbsp
[2013-10-12 17:05:37 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Moonchild Productions
[2013-10-17 08:49:13 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Notepad++
[2014-11-12 21:35:23 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\OfficeRecovery
[2013-10-13 08:04:23 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\OpenOffice
[2013-10-11 14:50:31 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Opera Software
[2014-05-11 00:09:43 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Oracle
[2013-11-06 19:59:04 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\PhotoScape
[2014-11-08 08:33:16 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\PicPick
[2013-10-22 11:06:10 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Process Hacker 2
[2013-10-11 19:01:38 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\ProXoft
[2013-10-14 06:51:57 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\PyScripter
[2014-09-30 16:57:36 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\qBittorrent
[2013-10-11 17:15:29 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\skychart
[2013-10-11 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Softland
[2014-05-29 15:43:10 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Stellarium
[2013-10-14 07:31:07 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\Telerik
[2014-11-06 08:25:17 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\TeraCopy
[2014-11-13 09:44:42 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\tixati
[2013-10-15 20:47:08 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\TuneUp Software
[2014-05-12 07:38:05 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\uTorrent
[2013-10-12 20:55:42 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\VDownloader
[2014-12-06 09:13:38 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\WinFF
[2014-05-13 12:37:37 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\WinISO Computing
[2014-09-08 13:17:50 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\WinMount
[2013-10-11 18:11:53 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\WinPatrol
[2013-11-19 23:28:09 | 000,000,000 | ---D | M] -- C:\Users\Jean\AppData\Roaming\www.shadowexplorer.com
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2013-11-25 19:22:03 | 106,156,080 | ---- | M] ()(C:\Windows\SysWow64\???k) -- C:\Windows\SysWow64\器崠၄k
[2013-11-25 16:27:48 | 106,156,080 | ---- | C] ()(C:\Windows\SysWow64\???k) -- C:\Windows\SysWow64\器崠၄k
[2013-11-10 09:04:28 | 103,467,942 | ---- | M] ()(C:\Windows\SysWow64\???¨) -- C:\Windows\SysWow64\㢂薬၄¨
[2013-11-09 15:05:17 | 103,467,942 | ---- | C] ()(C:\Windows\SysWow64\???¨) -- C:\Windows\SysWow64\㢂薬၄¨
[2013-11-09 04:42:04 | 103,378,319 | ---- | M] ()(C:\Windows\SysWow64\???®) -- C:\Windows\SysWow64\仉ゴ၄®
[2013-11-09 04:42:04 | 103,378,319 | ---- | C] ()(C:\Windows\SysWow64\???®) -- C:\Windows\SysWow64\仉ゴ၄®
[2013-11-04 18:40:23 | 105,017,276 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\煠拱၄
[2013-11-04 18:40:23 | 105,017,276 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\煠拱၄
[2013-10-26 10:08:22 | 103,108,672 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\䆪馧၄
[2013-10-25 09:07:55 | 103,108,672 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\䆪馧၄
[2013-10-24 00:29:31 | 102,758,948 | ---- | M] ()(C:\Windows\SysWow64\???¤) -- C:\Windows\SysWow64\봂၄¤
[2013-10-24 00:29:31 | 102,758,948 | ---- | C] ()(C:\Windows\SysWow64\???¤) -- C:\Windows\SysWow64\봂၄¤
[2013-10-19 13:44:52 | 101,983,560 | ---- | M] ()(C:\Windows\SysWow64\???¦) -- C:\Windows\SysWow64\臕胎၄¦
[2013-10-18 13:59:41 | 101,983,560 | ---- | C] ()(C:\Windows\SysWow64\???¦) -- C:\Windows\SysWow64\臕胎၄¦
[2013-10-17 14:07:47 | 101,604,844 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\먏┈ང
[2013-10-15 07:49:44 | 101,604,844 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\먏┈ང
========== Alternate Data Streams ==========
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8CE646EE
< End of report >
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Extras.Txt
OTL Extras logfile created on: 2015-01-02 20:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\_ DOWNLOADS
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd
3.97 Gb Total Physical Memory | 0.59 Gb Available Physical Memory | 14.88% Memory free
7.93 Gb Paging File | 4.00 Gb Available in Paging File | 50.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 85.16 Gb Free Space | 36.57% Space Free | Partition Type: NTFS
Drive D: | 218.23 Gb Total Space | 114.47 Gb Free Space | 52.46% Space Free | Partition Type: NTFS
Drive G: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 1863.01 Gb Total Space | 137.15 Gb Free Space | 7.36% Space Free | Partition Type: NTFS
Drive J: | 930.86 Gb Total Space | 318.06 Gb Free Space | 34.17% Space Free | Partition Type: NTFS
Drive L: | 930.86 Gb Total Space | 183.46 Gb Free Space | 19.71% Space Free | Partition Type: NTFS
Computer Name: JEAN-PC | User Name: Jean | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = K-Meleon.HTML] -- C:\Program Files (x86)\K-Meleon\K-Meleon.exe (http://kmeleon.sf.net/)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = K-Meleon.HTML] -- C:\Program Files (x86)\K-Meleon\K-Meleon.exe (http://kmeleon.sf.net/)
[HKEY_USERS\S-1-5-21-3001965132-3898090023-1802478263-1000\SOFTWARE\Classes\<extension>]
.html [@ = PaleMoonHTML] -- C:\Program Files\Pale Moon\palemoon.exe (Moonchild Productions)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
https [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [abcAVI Tag Editor] -- "C:\Program Files (x86)\abcAVI\avi_tags.exe" "%1" (Alexander A. Sorkin)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [BWMaxView] -- "C:\Program Files (x86)\FastStone MaxView\MaxView.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Unstopcp] -- "C:\Program Files (x86)\Roadkil.Net\UnstopCpy_5_2_Win2K_UP.exe" "%1" * (Roadkil.Net)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
https [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [abcAVI Tag Editor] -- "C:\Program Files (x86)\abcAVI\avi_tags.exe" "%1" (Alexander A. Sorkin)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [BWMaxView] -- "C:\Program Files (x86)\FastStone MaxView\MaxView.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Unstopcp] -- "C:\Program Files (x86)\Roadkil.Net\UnstopCpy_5_2_Win2K_UP.exe" "%1" * (Roadkil.Net)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{158A3CEB-C7C4-4DFB-9CC0-1D37EE72A165}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
"{E6DE471F-AC8F-4A24-B318-874C2A718C7E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B937A2-90D6-494F-9238-37CB8263737A}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\9.0\wolframcdfplayer.exe |
"{166E4A5A-A84A-4679-8F37-652045D5C041}" = protocol=17 | dir=in | app=c:\users\jean\appdata\roaming\utorrent\utorrent.exe |
"{262BFDE6-ABE3-49CF-AEFB-5568AD9C27A0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{30579D14-92CA-4A0C-B2E8-BF9301EB5B5B}" = protocol=17 | dir=in | app=c:\users\jean\appdata\roaming\dropbox\bin\dropbox.exe |
"{3EDAE41B-241D-42F2-AD19-9C6B54B464DA}" = protocol=17 | dir=in | app=c:\program files (x86)\wintv\tvserver\capturedcr.exe |
"{4D7000B9-2FC2-44B5-AD37-F5B36420EC3A}" = protocol=6 | dir=in | app=c:\users\jean\appdata\roaming\dropbox\bin\dropbox.exe |
"{4E5E8DA9-DE70-4557-A4A9-10B3593009B5}" = protocol=17 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{5A94D6DB-308D-45AC-8089-0439487F4B91}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\9.0\wolframcdfplayer.exe |
"{62776862-1BC2-42CC-8A26-2CB856E5A87B}" = protocol=6 | dir=in | app=c:\users\jean\appdata\roaming\mjusbsp\magicjack.exe |
"{6745961D-4BB7-4141-B94A-72E8877323CC}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\math.exe |
"{6928A23A-784A-4D30-AD31-EB4DDF0F9C45}" = protocol=6 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{69330416-CE34-4651-A77F-6A24AD200EEB}" = protocol=17 | dir=in | app=c:\users\jean\appdata\roaming\mjusbsp\magicjack.exe |
"{6FA0826C-2571-45C4-9E83-20306B238BB4}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathematica.exe |
"{72A1E9AB-D5FB-4B8B-B70B-60B78B7E98CC}" = protocol=17 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{72F38340-2F46-4F10-8584-EAC9748E05F2}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathematica.exe |
"{741241FB-DA2C-439A-8C18-297AE2376F9C}" = protocol=6 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{748CB162-5542-4776-BAE7-FCFA86385E6B}" = protocol=17 | dir=in | app=c:\program files (x86)\wintv\tvserver\capturedcr.exe |
"{7CADC34B-169D-4A7C-AAA3-80A6A37B7289}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{89FB1830-E510-4B52-A5AF-5E6783682513}" = protocol=6 | dir=in | app=c:\program files (x86)\wintv\tvserver\capturedcr.exe |
"{92C911C1-13B8-496C-A373-40D1D41F5649}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\math.exe |
"{9D31CD13-6916-4088-AB6C-1FE7D8A9D57D}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathkernel.exe |
"{A5A33BB2-FEB9-48B8-981E-2569275F2C17}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathkernel.exe |
"{BDE237CB-467B-43DE-8B08-1C71B43A4BE7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{C09223FD-FEFF-4012-AE23-4E5D00DAC23D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{C55FE187-B91F-44F6-8F05-B6FC0B339592}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{C6031CED-9BEA-4A81-AA87-F9BAAE226059}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{C61D1558-0AC3-4876-8D16-324D38001D5D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{C81B1074-278B-4324-966B-0D3C1CF250E4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{D0ACB39D-F4BB-4A31-9B9A-6655A2E49BED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D26E51C3-BF15-4B85-B260-585B013857FC}" = protocol=17 | dir=in | app=c:\users\jean\appdata\roaming\mjusbsp\magicjack.exe |
"{D3691BF6-6C2F-4921-B33A-E6D496F1AA26}" = protocol=6 | dir=in | app=c:\program files (x86)\wintv\tvserver\capturedcr.exe |
"{D413B1CB-B622-48A0-840B-122EC8C11604}" = protocol=6 | dir=in | app=c:\users\jean\appdata\roaming\utorrent\utorrent.exe |
"{DA4CA68A-7B28-4BD3-9134-3F566A926243}" = protocol=6 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{DA56E1E9-9456-4B47-8D78-D27886C25D01}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\9.0\math.exe |
"{DF06C8E5-5192-48C6-BA19-AF7D4A7D8694}" = protocol=6 | dir=in | app=c:\users\jean\appdata\roaming\mjusbsp\magicjack.exe |
"{E12FA7A1-269F-4BB6-B486-0D8648666955}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{EAA95227-11B4-403A-A63E-A86CFC7096C8}" = protocol=17 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{FCA51C6E-EAFD-4CBE-A110-3DC21016FD10}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\9.0\math.exe |
"{FE8060D4-3FE1-4DF2-AC23-9915461B0954}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"TCP Query User{0F814DD0-81F0-4FAD-B0B9-86FF3F1025AE}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{36B441EC-13C2-4301-AEBE-05B0805CCB57}C:\program files\tixati\tixati.exe" = protocol=6 | dir=in | app=c:\program files\tixati\tixati.exe |
"TCP Query User{B38CE4A9-5CA2-4B26-818A-D493BC7B4883}C:\program files (x86)\wintv\wintv7\wintv7.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"UDP Query User{21736E15-BAFE-412C-A12B-3EF5A42BF59C}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{71C30F3E-8697-416E-8D3F-CD2C4DAC515F}C:\program files\tixati\tixati.exe" = protocol=17 | dir=in | app=c:\program files\tixati\tixati.exe |
"UDP Query User{E31DB01A-44C4-4EDB-B01D-2E83F49AE717}C:\program files (x86)\wintv\wintv7\wintv7.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}" = SQL Server 2012 Database Engine Services
"{1A81DA24-AF0B-4406-970E-54400D6EC118}" = Microsoft Web Deploy 3.5
"{1AB56376-F70E-4951-A097-27CFEC34E5ED}" = AVG 2015
"{1D411379-9CE0-4B13-A19B-72D3222DD620}" = SQL Server 2012 Common Files
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}" = SQL Server 2012 Common Files
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{26BFF1F1-5C03-4C55-9C7C-FD65889AFA70}" = SQL Server 2012 Management Studio
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{301DAC0A-285C-4BB1-A68E-7393673E9E69}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{30B7A7A6-D519-3332-BEB3-D105EFC7389A}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
"{34A7A77A-A23D-44ED-B3B6-EC8198BE2622}" = SQL Server 2012 Full text search
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}" = Microsoft VSS Writer for SQL Server 2012
"{41357956-5B67-489C-9F7D-FABACC2CD3CB}" = AVG 2015
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{471A5E5F-3725-4484-B5DC-9F782678B7D5}" = EMCO MoveOnBoot 2.3
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol
"{4D84C195-86F0-4B34-8FDE-4A17EB41306A}" = Microsoft Web Platform Installer 5.0
"{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}" = SQL Server 2012 Database Engine Shared
"{5DDC2234-4B37-45BC-AD33-41F1469B4D83}" = Microsoft SQL Server 2012 Setup (English)
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{64A3A4F4-B792-11D6-A78A-00B0D0170400}" = Java SE Development Kit 7 Update 40 (64-bit)
"{656E214E-B73F-458C-AD64-ED316F008207}" = SQL Server 2012 BI Development Studio
"{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}" = SQL Server 2012 Database Engine Shared
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}" = WinPatrol
"{6D8BD3DF-0EA4-4BB1-AA57-0BBA9A804E24}" = Microsoft Azure Authoring Tools - v2.4.1
"{7272DF1C-2F88-43AC-A481-84DD67DF9746}" = SQL Server 2012 Documentation Components
"{735A3951-E139-4E4A-AFAE-BA25E9FF5E6A}" = PDFill FREE PDF Tools
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7B72F338-EBCC-32A6-A44C-DEF9B436AEF2}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}" = SQL Server 2012 Database Engine Services
"{87D5082F-F857-40FE-9C8A-3F2B6C39F426}" = paint.net
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU
"{8D006046-B0A3-412D-AB23-7212C3954CB2}" = USB 2.0 Command Verifier - x64 (1.4.10.2)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}" = Microsoft SQL Server 2012 Command Line Utilities
"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A0F05048-7653-4FCD-9F3A-C740E4052ACE}" = Microsoft SQL Server 2012 RsFx Driver
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A7037EB2-F953-4B12-B843-195F4D988DA1}" = SQL Server 2012 Management Studio
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.1627
"{AAFF73AD-3432-3575-ABD1-14E48EF2F4CB}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B3192F55-2CE8-4C8E-9E40-D3B4998276B2}" = SQL Server 2012 Documentation Components
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{BED1EA3D-592D-4305-9D1F-20F03726EFC1}" = Sql Server Customer Experience Improvement Program
"{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}" = Microsoft SQL Server 2012 T-SQL Language Service
"{CECA0188-BD7A-43EF-B1F7-DDF719099C46}" = SQL Server 2012 Documentation Components
"{D307B5CF-D1F0-48A4-8DA3-54765F535208}" = SQL Server 2012 SQL Data Quality Common
"{D6B04ED9-386E-4157-AF50-64A43700FADC}" = Microsoft Azure Libraries for .NET – v2.4
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{DBDD570E-0952-475f-9453-AB88F3DD565a}" = Python 2.7.5 (64-bit)
"{DCCB1789-1DA0-4E3A-A52F-7815B602CC98}" = SQL Server 2012 Reporting Services
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{E7DD9E2F-25BB-3488-AA6A-6C5A9A27DA76}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{EC39CC32-E144-42E4-9A59-53C20B408BDE}" = WD SmartWare
"{EE1B54D1-BFBC-4C19-8D66-E0AF3E967896}" = SQL Server 2012 BI Development Studio
"{EE346AB6-C9CF-47BE-8FA2-957604205F3E}" = Microsoft Azure Compute Emulator - v2.4
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{FCD81E1A-6ED6-4F19-A572-82FFE102654E}" = SQL Server 2012 Reporting Services
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"{FE783A39-B07F-41CA-AFDC-CDAB44F8B25F}" = Visual Studio Online Application Insights Status Monitor
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"AVG" = AVG 2015
"A-WIN-Extras 9.0.1 4092550_is1" = Mathematica Extras 9.0 (4092550)
"Blender" = Blender
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.3 printer
"EditPad Lite" = EditPad Lite 7.3.4
"Elantech" = ETDWare PS/2-X64 11.5.11.3_WHQL
"ffdshow64_is1" = ffdshow x64 v1.3.4500 [2013-01-06]
"File Shredder_is1" = File Shredder 2.5
"GIMP-2_is1" = GIMP 2.8.10
"HDMI" = Intel® Graphics Media Accelerator Driver
"HWiNFO64_is1" = HWiNFO64 Version 4.46
"LockHunter_is1" = LockHunter 2.0 beta 2, 64 bit
"MatlabR2010a" = MATLAB R2010a
"Microsoft Azure Compute Emulator - v2.4" = Microsoft Azure Compute Emulator - v2.4
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 11" = Microsoft SQL Server 2012 (64-bit)
"Microsoft SQL Server SQLServer2012" = Microsoft SQL Server 2012 (64-bit)
"M-WIN-G 7.0.0 1148361_is1" = Wolfram Mathematica 7 for Students (M-WIN-G 7.0.0 1148361)
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"Pale Moon 25.1.0 (x64 en-US)" = Pale Moon 25.1.0 (x64 en-US)
"Personal Backup 5_is1" = Personal Backup 5.5
"Process_Hacker2_is1" = Process Hacker 2.33 (r5590)
"Puran Utilities_is1" = Puran Utilities 2.0
"PyScripter_is1" = PyScripter 2.5.3
"Recuva" = Recuva
"scilab-5.4.1 (64-bit)_is1" = scilab-5.4.1 (64-bit)
"Search and Replace (x64 Shareware)_is1" = Search and Replace (x64)
"Speccy" = Speccy
"spyder-py2.7" = Python 2.7 Spyder 2.2.5
"Stellarium_is1" = Stellarium 0.12.2
"TeraCopy_is1" = TeraCopy 2.3
"VLC media player" = VLC media player 2.1.0
"VPython for Python 2.7_is1" = VPython 6.05
"Waterfox 30.0 (x64 en-US)" = Waterfox 30.0 (x64 en-US)
"WinFF_is1" = WinFF 1.5.2 64 bit (Codename EMMA)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{012D26C3-E12A-3BDA-8ECE-DF14E721A507}" = Microsoft Visual Studio 2010 Shell (Integrated) - ENU
"{02E7492D-C46F-4A34-A197-D1C3F19A1F4A}" = Microsoft WorldWide Telescope
"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation
"{0C003412-50FC-4619-8CBB-D8F279770A3B}" = Microsoft Azure Command Line Tools
"{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}" = Blend for Visual Studio SDK for Silverlight 5
"{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}" = FreeUndelete 2.1.36867.1
"{14F06853-8A15-4731-BBDC-C9B40A866A63}" = Virtual VCR
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{191A6F65-6878-398D-A272-EF011B80F371}" = Microsoft Visual Studio Tools for Applications x86 Runtime 3.0
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1D3F5D17-BAD3-4D33-9F4E-AFCC44238626}" = Microsoft Visual Studio 2012 Preparation
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{21388E37-9EC5-4549-95CA-95D9B2D327A4}" = Avira
"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{23A3E3F8-91B4-4C5A-9E69-6747CF6D426B}" = Microsoft SQL Server Data Tools - enu (11.1.20905.0)
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 55
"{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1" = Greenfish Icon Editor Pro 3.31
"{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition
"{2AC3FCD3-3413-4F95-AEE1-E66618D982AD}" = Vbox2 Advanced
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{32136776-FE3F-453D-80DA-CDD993BDB2A3}" = Entity Framework Designer for Visual Studio 2012 - enu
"{3717C4F2-7412-4793-9BB8-D73D2817B3D6}" = USB Video/Audio Device Driver
"{37E53780-3944-4A6A-842F-727128E8616E}" = Blend for Visual Studio SDK for .NET 4.5
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DBCCABB-3D5B-4FB4-B1C1-5C29F3EA104C}" = Windows Azure Storage Emulator - v3.3
"{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1" = System Explorer 4.2.2
"{417A3FEE-BDB8-3CAA-819C-766E79CD2E0F}" = Microsoft Visual Studio Express 2012 for Web - ENU
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{44B185C4-2566-4F38-A4F1-092FCDBB51A5}" = CalcTape
"{49402ED1-A795-4435-A745-1B781BE621A6}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9E6EB0-0EED-4E74-9479-F982C3254F71}" = SQL Server Browser for SQL Server 2012
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{503336C5-965C-415B-B535-CD42C0FD013E}" = Microsoft ASP.NET MVC 4 - Visual Studio Express 2012 for Web - ENU
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.25
"{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}" = Microsoft Visual Studio Tools for Applications Design-Time 3.0
"{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1" = CryptoPrevent v4.3.0
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5E877D64-5A88-46AA-8352-DAFA8CE1FF52}" = IronPython 2.7.4
"{605FFCBB-EC5A-485C-B27E-189F1C8A96E5}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{623ABB38-F593-3706-B799-EEEC72ED96F4}" = Microsoft Visual Studio Express 2012 for Web - ENU
"{62BC36B2-F9FB-405F-94B4-F2D3A71C402D}" = Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2012 for Web - ENU
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{67ED4F6B-BE85-410B-A60E-793CEB7D7DAD}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{690CD55E-D07B-472F-8706-A3A7D0A5CB09}" = SoftPlan version 13 [C:\SoftPlan13]
"{6C44519A-497D-382C-8596-E972C77057C2}" = Microsoft Portable Library Multi-Targeting Pack
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{71a40c60-27c2-443a-b7c7-6e4f3aad1d5a}" = Microsoft ASP.NET and Web Frameworks 2012.2
"{72800ED3-4CC6-41D3-9741-26D479E29DE4}" = LogicCircuit
"{77E2D875-FD9E-3DEE-9A84-C34FDECB4ECA}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
"{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}" = Microsoft Small Basic v1.0
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7f522d2c-fa6d-40e7-bcb8-f769ce3053e2}" = Microsoft Azure Tools for Microsoft Visual Studio 2012 - v2.4
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{834B6E00-F509-40F2-A677-E86261184576}" = Blend for Visual Studio Add-in for Adobe FXG Import
"{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}" = 3D Home Architect Design Suite Deluxe 8
"{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{90037203-AAD8-412F-8265-DD54FD4EFD10}" = calibre
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{9395F41D-0F80-432E-9A59-B8E477E7E163}" = OpenOffice 4.1.1
"{942CC691-5B98-42A3-8BC5-A246BA69D983}" = Microsoft ASP.NET MVC 4 Runtime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A456DFB-5404-471D-8C7B-0E2A155E999B}" = Microsoft ASP.NET Visual Studio 2012 Uninstall Finalizer
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCE40CE-A9E6-4916-8729-B008558EEF3F}" = Microsoft Report Viewer 2012 Runtime
"{A15E821D-0A75-4B45-BA20-481051C7F4E5}_is1" = Binary Viewer 4.13.4.26
"{A16656CE-4B17-4484-A13F-22B9500E5223}" = Fast Boot
"{A1785BD4-3486-4E7E-8074-E3FC61B8F315}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{A261F28E-6053-4414-9B84-AA8FE5F47AD4}_is1" = Cartes du Ciel V3.8
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{AE553D7C-E21A-4CDD-BDB3-FBEA09E42993}" = Microsoft Azure Shared Components for Visual Studio 2012 - v1.2
"{B1392E70-34C3-4EB0-A9E6-209797FFAAF7}_is1" = Vintage BASIC version 1.0.2
"{B33F91AB-8BB0-4026-B195-A1C3DA95478E}" = Uninstall Finalizer
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{BCEBC40A-16A1-4CCD-A917-887749706088}" = Microsoft ASP.NET MVC 3 - Visual Studio Express 2012 for Web
"{BFE16218-BBA6-4FE3-BE07-505AA7C418C7}" = Microsoft NuGet - Visual Studio Express 2012 for Web
"{C0770F76-6923-4EC4-A062-E688B99DCE40}" = Microsoft ASP.NET Visual Studio 2012 Finalizer
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}" = Microsoft SQL Server System CLR Types
"{C75EF0A9-F228-40E9-AA20-B832F8350A4C}" = Microsoft ASP.NET Web Pages - Visual Studio Express 2012 for Web
"{C75F2670-ECC5-4408-9EC8-2884FB019C04}" = Video Grabber
"{CEB3E62B-D8BC-4DC2-838B-C7B547D2C4F6}" = Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio Express 2012 for Web
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor
"{D2964C0D-477B-4914-B791-1D80E61E85E6}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20905.0)
"{D30F78E6-2A82-48E5-94A9-D295D64501BF}" = MathGV 4.1
"{D3A828A9-FD4A-4463-9CB0-9673C682A0C7}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{D95AA4F4-9FCF-4BD8-AC07-AB1912A202E2}_is1" = Home Plan Pro version 5.2.12.4
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{DD1D9A81-1186-4634-9A6A-1B6F59A8C269}" = Microsoft Azure Storage Tools - v2.5.1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E4E1D7C7-6561-4462-96B5-E6439488ED41}" = Flash Cookie Cleaner
"{E5154BC3-432D-4EAB-95D2-6C16CC3110DA}" = Microsoft Azure Tools for Microsoft Visual Studio 2012 Core
"{E61CFDDA-40DD-4400-95CA-12819C50B5C2}" = WD Drive Utilities
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E6DC6DDF-3EE7-4630-9F4B-0ADAF0461DAC}" = Microsoft Azure Tools for Microsoft Visual Studio 2012 - v2.4
"{e7c7c227-b742-4878-9425-f09bbf9951db}" = Avira
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.83
"{EA63C5C1-EBBC-477C-9CC7-41454DDFAFF2}" = Microsoft ASP.NET Web Pages 2 Runtime
"{EFC0BA9B-F472-4559-B655-9C47281F9483}" = WD Security
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{F3BBC56F-2282-4464-952F-A89772181F30}" = Microsoft SQL Server Data Tools – Database Projects – Web installer entry point
"{f56bac4b-ef69-49d9-b010-1d7de651418d}" = Microsoft Visual Studio Express 2012 for Web - ENU
"{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities Free Edition 11.26
"{FCCB88D8-06A1-44C6-B633-B23C239827BE}" = Install Finalizer
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"7-Zip" = 7-Zip 9.22beta
"aaICO_is1" = aaICO - Icon Editor 3
"abcavi_tag_editor_is1" = abcAVI
"Adobe Digital Editions 3.0" = Adobe Digital Editions 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Advanced Renamer_is1" = Advanced Renamer
"ATT-ATT Management Agent" = ATT Management Agent
"Audacity_is1" = Audacity 2.0.3
"Avidemux 2.6 (64-bit)" = Avidemux 2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battery Status" = Battery Status
"Belarc Advisor" = Belarc Advisor 8.3
"BleachBit" = BleachBit
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Celestia_is1" = Celestia 1.6.1
"Clementine" = Clementine
"CodeLite_is1" = CodeLite
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.2.1 Shizuku Edition
"DiskCheckup_is1" = DiskCheckup v3.2
"DjVuLibre+DjView" = DjVuLibre DjView 3.5.25.4+4.9.2
"DScaler 4 Test Version_is1" = DScaler 4 Test Version
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EncSpot Basic_is1" = EncSpot Basic 2.0
"Euler Mathematical Toolbox_is1" = Euler Math Toolbox Version 23.5
"Everything" = Everything 1.2.1.371
"FastStone Capture" = FastStone Capture 7.6
"FastStone Image Viewer" = FastStone Image Viewer 4.8
"FastStone MaxView" = FastStone MaxView 2.7
"FastStone Photo Resizer" = FastStone Photo Resizer 3.2
"FBReader for Windows" = FBReader for Windows
"foobar2000" = foobar2000 v1.2.9
"FreeBASIC" = FreeBASIC 0.90.1
"FreeCommander XE_is1" = FreeCommander XE
"FreeMat 4.2" = FreeMat
"GIF Viewer" = GIF Viewer 3.1
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HeidiSQL_is1" = HeidiSQL 8.0.0.4396
"Inkscape" = Inkscape 0.48.4
"InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition
"InstallShield_{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}" = 3D Home Architect Design Suite Deluxe 8
"Jaangle music management" = Jaangle music management
"Juice" = Juice 2.2
"Junior Icon Editor" = Junior Icon Editor
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"K-Meleon" = K-Meleon 1.5.4 en-US (remove only)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LookInMyPC" = LookInMyPC
"Lunascape6" = Lunascape6 (All Users)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"mmswitch" = Morgan Stream Switcher
"MobiDVD" = MobiDVD 1.0.0.6
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox 34.0.5 (x86 en-US)" = Mozilla Firefox 34.0.5 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSN Font Color Editor_is1" = MSN Font Color Editor 1.2
"M-WIN-D 9.0.1 4092685_is1" = Wolfram CDF Player (M-WIN-D 9.0.1 4092685)
"NASA World Wind 1.4" = NASA World Wind 1.4
"Notepad++" = Notepad++
"Opera 20.0.1387.91" = Opera Stable 20.0.1387.91
"PicPick" = PicPick
"Plancoin" = Plancoin
"qbittorrent" = qBittorrent 3.1.9.2
"Quackle_is1" = Quackle 0.97 [Beta]
"Rainmeter" = Rainmeter
"Revo Uninstaller" = Revo Uninstaller 1.95
"Right Click Enhancer" = Right Click Enhancer 4.1.1
"Safarp" = Safarp
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"SolveigMM AVI Trimmer 2.1.1307.29" = SolveigMM AVI Trimmer
"SolveigMM Video Editing SDK 3.0.1309.5" = SolveigMM Video Editing SDK
"SpeedFan" = SpeedFan (remove only)
"SpeQ Mathematics" = SpeQ Mathematics 3.4
"STDU Explorer_is1" = STDU Explorer version 1.0.517.0
"SumatraPDF" = SumatraPDF
"tixati" = Tixati
"UltraDefrag" = Ultra Defragmenter
"UnrealCommander_is1" = Unreal Commander v2.02
"VTUploader" = VirusTotal Uploader 2.2
"WAV Joiner" = WAV Joiner
"What's Running_is1" = What's Running 3.0
"Windows Azure Storage Emulator - v3.3" = Windows Azure Storage Emulator - v3.3
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinISO" = WinISO
"WinMerge_is1" = WinMerge 2.14.0
"WinPcapInst" = WinPcap 4.1.1
"WinX Free WMV to AVI Converter_is1" = WinX Free WMV to AVI Converter 5.0.6
"Wise Data Recovery_is1" = Wise Data Recovery 3.41
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 7.94
"Wise Folder Hider_is1" = Wise Folder Hider 1.41
"Wise Game Booster_is1" = Wise Game Booster 1.23
"Wise JetSearch_is1" = Wise JetSearch 1.39
"Wise PC 1stAid_is1" = Wise PC 1stAid 1.32
"Wise Program Uninstaller_is1" = Wise Program Uninstaller 1.55
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.86
"Zyzzyva 2.2.3" = Zyzzyva
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3001965132-3898090023-1802478263-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Free Hex Editor Neo 6.01
"Dropbox" = Dropbox
"magicJack" = magicJack
"MultiCommander x64" = MultiCommander (x64)
"Python 3.4.1 (Anaconda3 2.0.1 64-bit)" = Python 3.4.1 (Anaconda3 2.0.1 64-bit)
"WinDirStat" = WinDirStat 1.1.2
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2015-01-02 01:43:35 | Computer Name = Jean-PC | Source = Report Server Windows Service (SQLEXPRESS) | ID = 107
Description = Report Server Windows Service (SQLEXPRESS) cannot connect to the report
server database.
Error - 2015-01-02 05:07:09 | Computer Name = Jean-PC | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 34.0.5.5443,
time stamp: 0x5475dd5d Faulting module name: mozalloc.dll, version: 34.0.5.5443,
time stamp: 0x5475d664 Exception code: 0x80000003 Fault offset: 0x00001425 Faulting
process id: 0x8488 Faulting application start time: 0x01d0266944b71175 Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
path: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll Report Id: ba75032d-925e-11e4-8a45-90e6ba3aa19e
Error - 2015-01-02 05:21:56 | Computer Name = Jean-PC | Source = Report Server Windows Service (SQLEXPRESS) | ID = 107
Description = Report Server Windows Service (SQLEXPRESS) cannot connect to the report
server database.
Error - 2015-01-02 17:22:19 | Computer Name = Jean-PC | Source = Report Server Windows Service (SQLEXPRESS) | ID = 107
Description = Report Server Windows Service (SQLEXPRESS) cannot connect to the report
server database.
Error - 2015-01-02 19:21:05 | Computer Name = Jean-PC | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 34.0.5.5443,
time stamp: 0x5475dd5d Faulting module name: mozalloc.dll, version: 34.0.5.5443,
time stamp: 0x5475d664 Exception code: 0x80000003 Fault offset: 0x00001425 Faulting
process id: 0xab4 Faulting application start time: 0x01d026bbb00de477 Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
path: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll Report Id: 05b24f23-92d6-11e4-8fa2-90e6ba3aa19e
Error - 2015-01-02 19:58:54 | Computer Name = Jean-PC | Source = Report Server Windows Service (SQLEXPRESS) | ID = 107
Description = Report Server Windows Service (SQLEXPRESS) cannot connect to the report
server database.
[ System Events ]
Error - 2015-01-02 05:22:33 | Computer Name = Jean-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Microsoft
.NET Framework NGEN v4.0.30319_X64 service to connect.
Error - 2015-01-02 09:10:30 | Computer Name = Jean-PC | Source = DCOM | ID = 10010
Description =
Error - 2015-01-02 10:53:38 | Computer Name = Jean-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR6, has a bad block.
Error - 2015-01-02 19:48:02 | Computer Name = Jean-PC | Source = DCOM | ID = 10010
Description =
Error - 2015-01-02 19:52:34 | Computer Name = Jean-PC | Source = Service Control Manager | ID = 7003
Description = The ATKGFNEX Service service depends the following service: ASMMAP64.
This service might not be installed.
Error - 2015-01-02 19:53:51 | Computer Name = Jean-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the SQL
Server (SQLEXPRESS) service to connect.
Error - 2015-01-02 19:54:02 | Computer Name = Jean-PC | Source = Service Control Manager | ID = 7000
Description = The SQL Server (SQLEXPRESS) service failed to start due to the following
error: %%1053
Error - 2015-01-02 19:56:26 | Computer Name = Jean-PC | Source = Service Control Manager | ID = 7022
Description = The SQL Server Reporting Services (SQLEXPRESS) service hung on starting.
Error - 2015-01-02 19:59:13 | Computer Name = Jean-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Microsoft
.NET Framework NGEN v4.0.30319_X86 service to connect.
Error - 2015-01-02 19:59:43 | Computer Name = Jean-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Microsoft
.NET Framework NGEN v4.0.30319_X64 service to connect.
< End of report >