Slow/Buggy Computer and a few unknown processes.



#1
Iic400


Hi, my computer has been very slow and buggy for quite a while now. My memory/CPU usage is usually near maxed out. Also, it takes forever to restart, and often it won't even restart; it will freeze and I have to manually hold the power button. I am unsure what to do. I was Googling different processes and I am finding conflicting information on DLLHost.exe *32 and Monitor.exe *32.

The Monitor.exe does not allow me to see the file location. I get an error that says this:

c:\Config.Msi is not accessible. Access is denied.

I ran the OTS app and this is what it shows me.

OTL logfile created on: 1/21/2015 3:18:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Computer\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 20.89% Memory free
7.34 Gb Paging File | 2.23 Gb Available in Paging File | 30.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 92.84 Gb Free Space | 19.94% Space Free | Partition Type: NTFS
 
Computer Name: STUDIO-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - File not found -- 
PRC - [2015/01/21 15:18:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Computer\Downloads\OTL.exe
PRC - [2015/01/18 19:39:45 | 006,737,976 | ---- | M] (Spotify Ltd) -- C:\Users\Studio\AppData\Roaming\Spotify\spotify.exe
PRC - [2015/01/18 19:39:30 | 000,374,840 | ---- | M] () -- C:\Users\Studio\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2015/01/08 17:35:57 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/01/01 18:10:16 | 006,737,976 | ---- | M] (Spotify Ltd) -- C:\Users\Computer\AppData\Roaming\Spotify\spotify.exe
PRC - [2015/01/01 18:10:06 | 001,676,344 | ---- | M] (Spotify Ltd) -- C:\Users\Computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2015/01/01 18:10:05 | 000,374,840 | ---- | M] () -- C:\Users\Computer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2013/10/23 02:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/10/17 18:34:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/10/17 18:34:26 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/06/20 00:58:03 | 000,391,040 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
PRC - [2013/04/21 12:26:20 | 001,515,688 | ---- | M] (SPEEDbit) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe
PRC - [2013/04/21 12:26:20 | 000,281,768 | ---- | M] (SPEEDbit) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012/07/03 08:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/05/24 13:47:02 | 007,591,424 | ---- | M] () -- C:\Program Files\PreSonus\AudioBox\AudioBox.exe
PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/12 13:23:38 | 000,512,000 | ---- | M] () -- C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe
PRC - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/07/29 00:40:56 | 000,311,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2007/01/18 14:59:30 | 006,223,360 | ---- | M] (Arobas Music) -- C:\Program Files (x86)\Guitar Pro 5\GP5.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2015/01/08 17:35:54 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
MOD - [2015/01/08 17:35:51 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
MOD - [2015/01/08 17:35:49 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
MOD - [2015/01/08 17:35:48 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
MOD - [2015/01/01 18:10:08 | 036,966,968 | ---- | M] () -- C:\Users\Computer\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2015/01/01 18:10:06 | 000,108,600 | ---- | M] () -- C:\Users\Computer\AppData\Roaming\Spotify\Data\libEGL.dll
MOD - [2015/01/01 18:10:05 | 000,886,840 | ---- | M] () -- C:\Users\Computer\AppData\Roaming\Spotify\Data\libGLESv2.dll
MOD - [2015/01/01 18:10:05 | 000,867,896 | ---- | M] () -- C:\Users\Computer\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
MOD - [2015/01/01 18:10:05 | 000,374,840 | ---- | M] () -- C:\Users\Computer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2014/11/21 19:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/08/22 14:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2014/08/22 14:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2014/03/04 01:37:04 | 002,541,688 | ---- | M] (Speedbit Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe -- (SBUpd)
SRV:[b]64bit:[/b] - [2013/10/17 18:35:48 | 015,122,208 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/09/05 11:38:06 | 006,364,024 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:[b]64bit:[/b] - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/04/13 22:50:50 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/04/13 22:49:18 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/04/13 22:48:56 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/03/20 15:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/23 02:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/10/17 18:34:26 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/04/21 12:26:20 | 000,281,768 | ---- | M] (SPEEDbit) [Disabled | Running] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/04/05 14:50:08 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Disabled | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/12 13:23:38 | 000,512,000 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe -- (UDisk Monitor)
SRV - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2014/07/17 17:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2014/06/27 12:32:31 | 000,052,832 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:[b]64bit:[/b] - [2014/03/04 01:37:06 | 000,041,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys -- (SBUpdd)
DRV:[b]64bit:[/b] - [2013/09/27 16:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/06/16 05:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/08/29 03:50:38 | 000,057,408 | ---- | M] (MusicLab, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mlkumidi.sys -- (mlkumidi)
DRV:[b]64bit:[/b] - [2012/05/30 21:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012/05/24 12:51:10 | 000,252,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\paeusbaudio_x64.sys -- (paeusbaudio)
DRV:[b]64bit:[/b] - [2012/05/24 12:51:10 | 000,071,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\paeusbaudiodsp_x64.sys -- (paeusbaudiodsp)
DRV:[b]64bit:[/b] - [2012/05/24 12:51:10 | 000,053,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\paeusbaudioks_x64.sys -- (paeusbaudioks)
DRV:[b]64bit:[/b] - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/05/09 17:09:00 | 000,122,368 | ---- | M] (Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT_U_USBSER.sys -- (Generalusbserialser20675)
DRV:[b]64bit:[/b] - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 06:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 06:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 04:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010/04/27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:[b]64bit:[/b] - [2010/04/27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:[b]64bit:[/b] - [2010/04/27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:[b]64bit:[/b] - [2010/04/27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:[b]64bit:[/b] - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2010/01/21 01:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:[b]64bit:[/b] - [2010/01/21 01:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:[b]64bit:[/b] - [2010/01/21 01:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:[b]64bit:[/b] - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/13 17:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009/06/10 14:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AGERESoftModem)
DRV:[b]64bit:[/b] - [2009/06/10 13:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/04/13 22:49:10 | 000,121,616 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 F9 E6 0C 99 25 D0 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Computer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/28 20:53:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider:  (Disabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopoh\1.1_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.16.3_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\palpbfjgianahgbbeodmcohjdmaelbeo\1.0_0\
CHR - Extension: No name found = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Privacy Safeguard BHO) - {1036AD63-AEAC-460B-9060-C96005D4DC86} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard-x64.dll (PrivaceySafeguard)
O2 - BHO: (no name) - {1036AD63-AEAC-460B-9060-C96005D4DC86} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Privacy Safeguard BHO) - {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PrivaceySafeguard)
O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Users\Studio\AppData\Local\TopArcadeHits\Toparcadehits.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24E88E3D-1BE2-4E95-8E12-2228B8D0E37D}: DhcpNameServer = 192.168.2.1
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2015/01/21 14:06:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/01/19 18:44:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ShoeBox
[2015/01/18 22:19:42 | 000,000,000 | ---D | C] -- C:\HaxeProjects
[2015/01/18 19:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashDevelop
[2015/01/18 19:58:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashDevelop
[2015/01/18 17:22:16 | 000,000,000 | ---D | C] -- C:\Development
[2015/01/18 16:52:24 | 000,000,000 | ---D | C] -- C:\Users\Computer\bin
[2015/01/18 14:00:34 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Native Instruments
[2015/01/18 14:00:25 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Audacity
[2015/01/18 13:48:25 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\REAPER Media
[2015/01/18 13:46:54 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\REAPER
[2015/01/18 01:22:27 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\KidsGame
[2015/01/16 03:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\VS
[2015/01/14 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Computer\MyProject
[2015/01/14 19:23:36 | 000,000,000 | ---D | C] -- C:\Users\Computer\Tut01
[2015/01/14 17:21:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\Haxe
[2015/01/14 17:09:05 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\First_Tutorial
[2015/01/14 16:44:06 | 000,000,000 | ---D | C] -- C:\Users\Computer\.android
[2015/01/14 16:43:34 | 000,000,000 | ---D | C] -- C:\Users\Computer\lime setup linux
[2015/01/14 15:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2015/01/14 15:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2015/01/14 15:17:15 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\Visual Studio 2010
[2015/01/14 15:16:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
[2015/01/14 15:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2015/01/14 15:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2015/01/14 15:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2015/01/14 15:13:10 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015/01/14 14:23:04 | 003,324,232 | ---- | C] (Microsoft Corporation) -- C:\Users\Computer\vc_web.exe
[2015/01/14 13:32:47 | 000,000,000 | ---D | C] -- C:\HaxeToolkit
[2015/01/14 03:00:58 | 000,000,000 | ---D | C] -- C:\d98944030c1d3e8bf758
[2015/01/12 17:46:25 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\FlashDevelop
[2015/01/02 17:34:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bruteforce Save Data
[2015/01/02 17:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bruteforce Save Data
[2015/01/02 17:12:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bruteforce Save Data
[2015/01/01 18:10:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Spotify
[2015/01/01 18:06:45 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Spotify
[2014/12/29 17:50:42 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Unity
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2015/01/21 15:36:20 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/21 13:21:47 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\TopArcadeHits.job
[2015/01/21 10:49:37 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/21 10:49:37 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/21 10:35:56 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/21 10:25:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/01/20 18:30:43 | 000,007,607 | ---- | M] () -- C:\Users\Computer\AppData\Local\Resmon.ResmonCfg
[2015/01/20 18:27:44 | 000,000,090 | ---- | M] () -- C:\Users\Computer\mm.cfg
[2015/01/18 19:58:31 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\FlashDevelop.lnk
[2015/01/18 19:37:48 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/18 17:22:29 | 000,000,125 | ---- | M] () -- C:\Users\Computer\.hxcpp_config.xml
[2015/01/18 17:22:29 | 000,000,109 | ---- | M] () -- C:\Users\Computer\.hxcpp_config.xml.bak
[2015/01/18 16:40:54 | 000,000,000 | ---- | M] () -- C:\Users\Computer\HelloWorld
[2015/01/18 14:46:36 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\REAPER (x64).lnk
[2015/01/18 13:49:16 | 000,781,782 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/18 13:49:16 | 000,662,058 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/18 13:49:16 | 000,121,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/16 09:09:38 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/01/14 17:48:21 | 000,001,995 | ---- | M] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashDevelop.lnk
[2015/01/14 16:49:13 | 188,724,991 | ---- | M] () -- C:\Users\Computer\android-ndk-r8b-windows.zip
[2015/01/14 16:39:04 | 113,510,621 | ---- | M] () -- C:\Users\Computer\android-sdk_r22.0.5-windows.zip
[2015/01/02 17:45:18 | 000,001,097 | ---- | M] () -- C:\Users\Computer\Desktop\Bruteforce Save Data.lnk
[2015/01/01 18:10:16 | 000,001,821 | ---- | M] () -- C:\Users\Computer\Desktop\Spotify.lnk
[2015/01/01 00:32:49 | 000,001,024 | ---- | M] () -- C:\.rnd
[2014/12/28 14:06:51 | 000,010,541 | ---- | M] () -- C:\Users\Computer\Desktop\castlevania - SOTN - lost paintings.gp5
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/20 18:30:43 | 000,007,607 | ---- | C] () -- C:\Users\Computer\AppData\Local\Resmon.ResmonCfg
[2015/01/19 18:44:57 | 000,000,869 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShoeBox.lnk
[2015/01/18 19:58:31 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\FlashDevelop.lnk
[2015/01/18 17:22:29 | 000,000,109 | ---- | C] () -- C:\Users\Computer\.hxcpp_config.xml.bak
[2015/01/18 16:40:54 | 000,000,000 | ---- | C] () -- C:\Users\Computer\HelloWorld
[2015/01/14 16:43:59 | 188,724,991 | ---- | C] () -- C:\Users\Computer\android-ndk-r8b-windows.zip
[2015/01/14 16:43:51 | 000,000,125 | ---- | C] () -- C:\Users\Computer\.hxcpp_config.xml
[2015/01/14 16:35:43 | 113,510,621 | ---- | C] () -- C:\Users\Computer\android-sdk_r22.0.5-windows.zip
[2015/01/14 13:36:20 | 000,001,995 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashDevelop.lnk
[2015/01/12 17:46:34 | 000,000,090 | ---- | C] () -- C:\Users\Computer\mm.cfg
[2015/01/02 17:34:17 | 000,001,097 | ---- | C] () -- C:\Users\Computer\Desktop\Bruteforce Save Data.lnk
[2015/01/01 18:10:16 | 000,001,821 | ---- | C] () -- C:\Users\Computer\Desktop\Spotify.lnk
[2015/01/01 18:10:16 | 000,001,807 | ---- | C] () -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2015/01/01 00:32:49 | 000,001,024 | ---- | C] () -- C:\.rnd
[2014/06/27 12:33:05 | 000,000,398 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/27 21:23:07 | 000,753,873 | ---- | C] () -- C:\Windows\unins000.exe
[2014/05/27 21:23:07 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2014/05/27 21:23:06 | 000,068,315 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/03 07:10:52 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/01/25 20:27:15 | 000,773,560 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2015/01/18 22:18:07 | 000,925,807 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4089192388-3312144820-1747304832-1001\$RBP5IJD\export\windows\neko\obj\ApplicationMain.n
[2015/01/18 19:07:55 | 000,058,029 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4089192388-3312144820-1747304832-1001\$RCQ04Y8\2,2,3\run.n
[2015/01/18 22:27:00 | 000,925,807 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4089192388-3312144820-1747304832-1001\$RMK6FDZ\export\windows\neko\obj\ApplicationMain.n
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015/01/18 14:06:19 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Audacity
[2014/11/02 19:31:31 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\PowerISO
[2015/01/18 14:26:20 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\REAPER
[2015/01/21 15:35:41 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Spotify
 
========== Purity Check ==========
 
 

< End of report >

OTS also created an Extra.txt. Here it is:
 

OTL Extras logfile created on: 1/21/2015 3:18:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Computer\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 20.89% Memory free
7.34 Gb Paging File | 2.23 Gb Available in Paging File | 30.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 92.84 Gb Free Space | 19.94% Space Free | Partition Type: NTFS
 
Computer Name: STUDIO-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C82B1A-71B0-4F51-9F9E-DAAE47FBC51C}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{05FC86C2-705D-4D90-936A-9392F6F1DB4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1680F660-366B-4316-8652-65448588B9A0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1724EF9B-4A86-4356-B85D-F26F9DED742F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3982CC0C-F620-4804-AEC3-920D35895476}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4D904DD4-A2E8-4C48-8407-1D2598F71554}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6AD10FFC-D264-4E81-BCF8-867E611278EE}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{70ECE3A3-C88B-4EB2-A790-6769033EA868}" = rport=445 | protocol=6 | dir=out | app=system | 
"{75E1509B-361A-47F3-8718-1ECCA12AE438}" = lport=139 | protocol=6 | dir=in | app=system | 
"{79ED9A1F-2094-4FB4-9C1F-CBC4032AC08C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{7EF2BEC0-8CB1-4010-BD60-4D5F05054C0C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{814E9757-485B-4DB6-9D43-D95BE9EBD13A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{8F7FC876-5FF7-4C5C-9603-2BDA6D746FB6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{94DAAD78-1A94-4FAB-84AC-035A605F4BE8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{971D104B-9C52-4AE8-A426-CDE815E363F8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9E92BC2C-44D5-49D5-8A7F-0031F087AE63}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{9F02DF6A-4043-4452-B494-FDD49556C91C}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A89D4FBE-B95F-41D3-99A4-8EA554428316}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C1D0A7D5-4FA3-442D-BDEF-119CEF10BF0C}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{C238D024-3E4D-4B32-96B2-743E9B127186}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe | 
"{CF51BDD6-7B28-49D5-AB45-3C48B96A38DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D9F78FCB-76A3-45F6-B144-EDEFE7677AF0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{DC1B31F6-76BA-46C2-BF6A-C68343B87F66}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E39D49D0-6B60-42E3-A9FF-72C11A1FAD50}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EBDFBDB3-3163-4E11-A3C8-50E176BE5CE2}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EECDDFE0-25C7-4251-A74F-455104F41CFC}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F4121A16-46CF-4848-8AAF-0A3957A69E83}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05034D63-7919-4135-AA76-A02FB8F81F88}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{1616D187-943B-4CBC-88CB-33EBD2CF9183}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{1A65CE5C-E87D-4899-A67A-98D7DE6EBDC0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{1E5884E5-719D-4B97-B227-C9C71505CDB0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{31299493-DB07-4239-84BC-253BC967E903}" = protocol=17 | dir=in | app=c:\program files\presonus\audiobox\audiobox.exe | 
"{33F7CEAD-7020-41A6-87FA-45B68DC1C905}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{37937766-770E-4503-8546-6DD1917F65C8}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{3FE82413-87CE-4561-8149-9D8F5F926A1C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4436958E-E371-4C5C-8E86-6DE137387AF1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{45765113-84AC-4280-8E6F-50C93944EEB4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{510BD060-34FA-4BC3-9F8C-1C339205CAEB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5688374F-8BF6-4CA5-8993-7305F7D903B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{572FAFEB-FAD1-4654-9988-42C143B78EFA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6AE9EF86-723A-411D-BDCC-BBBD11B7803A}" = protocol=1 | dir=out | [email protected],-28544 | 
"{6B5E3729-EEBC-4BA1-BDC5-DF6A782CE9D8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{77D46CCB-201C-46D5-BED0-8F5078C5E458}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7F6E1DBD-1AFA-4623-8701-16125C7E9FAF}" = protocol=58 | dir=in | [email protected],-28545 | 
"{890E9544-9F7F-42A6-8AE1-249BEE681149}" = protocol=6 | dir=in | app=c:\program files\presonus\audiobox\audiobox.exe | 
"{931D97C4-6BD2-4305-B8F2-553993538AD2}" = protocol=6 | dir=in | app=c:\program files (x86)\ps3 media server\pms.exe | 
"{A5035889-1E3C-4D20-B77D-FB4552EA3455}" = protocol=1 | dir=in | [email protected],-28543 | 
"{AD784D34-7FD9-40BD-AE22-E753FF16D3B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B085C48B-B32E-46C5-9DC1-121AC8943BD0}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{B1C2ED5C-A5B8-4C1F-8FCB-3D4F3C7ECBD9}" = protocol=17 | dir=in | app=c:\program files (x86)\ps3 media server\pms.exe | 
"{D10E3CC0-6E24-40D2-A33F-58450D674CD6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D6C45E47-00C6-4C39-9EFD-8924FEC4EB6A}" = protocol=6 | dir=out | app=system | 
"{EC1BAA95-445E-4635-BEF2-F00E4010AFF8}" = protocol=58 | dir=out | [email protected],-28546 | 
"{FC82025B-3B3E-438E-A6CF-70DD61C978C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{2330782F-47FF-4AF0-9E61-CBDE7747CF3C}C:\program files (x86)\flashdevelop\flashdevelop.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashdevelop\flashdevelop.exe | 
"TCP Query User{273820FF-8C88-4BE8-A0BC-23D2DD4078FF}C:\program files\presonus\audiobox\audiobox.exe" = protocol=6 | dir=in | app=c:\program files\presonus\audiobox\audiobox.exe | 
"TCP Query User{2D6E50C0-922C-4187-9C6E-B3FDC98DF3C2}C:\users\computer\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\computer\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{307E69B4-1C09-406F-97FF-56B08653E9AF}C:\users\studio\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\studio\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{7BCBA59A-D760-4B07-ACE0-C1A970486259}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{7C2F7415-91C8-45DC-BC70-65CF15C95D89}C:\users\studio\downloads\left 4 dead 2 full game mp - sp v 2.1.0.2 ^^nosteam^^\left4dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\studio\downloads\left 4 dead 2 full game mp - sp v 2.1.0.2 ^^nosteam^^\left4dead 2\left4dead2.exe | 
"TCP Query User{8873D538-2AC1-49E6-A061-264E1E8C2D06}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe | 
"TCP Query User{B492F392-F606-47D6-BCE9-DF7A566DAB1C}C:\program files (x86)\voxox\voxox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\voxox\voxox.exe | 
"TCP Query User{D9960D2A-E32A-4B6D-88DD-D281ACE61B45}C:\users\studio\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\studio\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{DEC10893-6974-4F9F-9BF4-D9420B176492}C:\program files (x86)\flashdevelop\tools\webserver\server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashdevelop\tools\webserver\server.exe | 
"UDP Query User{0E861AC1-4570-49BD-ACF0-EE80FBD4BA20}C:\program files (x86)\flashdevelop\flashdevelop.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashdevelop\flashdevelop.exe | 
"UDP Query User{2D9447D4-C0E7-494A-9BDA-D79F80F60268}C:\users\studio\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\studio\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{625303DD-0B78-48FC-843F-CB52BFBFBCB8}C:\users\studio\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\studio\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{6D35FFA9-372D-4622-815A-61FED3B0E79F}C:\program files\presonus\audiobox\audiobox.exe" = protocol=17 | dir=in | app=c:\program files\presonus\audiobox\audiobox.exe | 
"UDP Query User{9C6EA706-B721-426E-973D-32E13F566BCD}C:\program files (x86)\voxox\voxox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\voxox\voxox.exe | 
"UDP Query User{A3910DAF-8927-4FC1-8309-97D830152957}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe | 
"UDP Query User{A77B05B5-9719-498C-A22D-B2EC350A34CA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{AEB9D36C-B2FC-41C6-BF1F-3860B438AC11}C:\users\computer\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\computer\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{C21F6F29-727D-497D-94AD-54A32093351B}C:\program files (x86)\flashdevelop\tools\webserver\server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashdevelop\tools\webserver\server.exe | 
"UDP Query User{CC6C90EB-9CF9-41C3-8A7C-4438D425A635}C:\users\studio\downloads\left 4 dead 2 full game mp - sp v 2.1.0.2 ^^nosteam^^\left4dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\studio\downloads\left 4 dead 2 full game mp - sp v 2.1.0.2 ^^nosteam^^\left4dead 2\left4dead2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom 
"{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB 
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1864B4F0-8888-5A57-9930-C2B307597966}" = MusicLab RealGuitar
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Mobile I/O
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{30B7A7A6-D519-3332-BEB3-D105EFC7389A}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework 
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client 
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{554BB593-3543-4AEB-A192-2AC87EC3FF31}_is1" = AudioBox version 1.2
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Session I/O
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}" = Microsoft SQL Server 2012 Command Line Utilities 
"{A30B7FD7-04A1-46e1-ABDF-FD592C113253}" = MusicLab Virtual MIDI Driver
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 9.3.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{B820C985-D9F1-45B5-A7F5-0C5863CBEA04}_is1" = Privacy SafeGuard version 1.0
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service 
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects  (x64)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
"EqualizerAPO" = Equalizer APO
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"REAPER" = REAPER (x64)
"WinRAR archiver" = WinRAR 4.11 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation
"{0BAE37D6-5A05-7975-A491-995FB43664A0}" = ShoeBox
"{0F3C9093-6C13-484D-8385-93AA21BEC025}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x86
"{32136776-FE3F-453D-80DA-CDD993BDB2A3}" = Entity Framework Designer for Visual Studio 2012 - enu
"{34D1DFAF-1398-49D3-BFC7-B014845B3C9F}" = AVOX Evo RTAS
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{48F1E00A-7CA1-4469-B5B4-6362AA34CC50}" = Harmony Engine Evo RTAS
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{49402ED1-A795-4435-A745-1B781BE621A6}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{4F2B8233-35EE-4197-8C3B-EACCBF712029}" = Microsoft SQL Server Data Tools - enu (11.1.20828.01)
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{58206080-3E1F-4418-8117-D190FC71BF58}" = RealStrat 1.0
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65AA5B18-A330-4F35-BCDF-EA85EC888906}" = AVOX Evo VST
"{689FD579-0642-4D3E-AB61-F63B79C5075A}" = BlueStacks Notification Center
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service 
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7B77622E-DE90-48EA-B2C7-227B1DE58A01}" = Adobe AIR
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{8CC3E646-468B-4B96-B13C-AC99FFDD1844}" = Harmony Engine Evo VST
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT 
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1785BD4-3486-4E7E-8074-E3FC61B8F315}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B362A397-B38A-3A23-A190-611F9C7EB4F9}" = Microsoft Visual C++ 2012 Core Libraries
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{BC4A54D6-6591-4D01-AE21-C9ABAAF69D7F}" = Microsoft Expression Encoder 4
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects 
"{e0efdce9-a486-4676-8aa5-65bb08cbf34c}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1" = Ezvid
"{F9EC30D1-F688-4708-9850-CB5120074AAA}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework 
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Android USB Driver_is1" = Android USB Driver
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0.5
"BitTorrent" = BitTorrent
"BlueStacks App Player" = BlueStacks App Player
"Bruteforce Save Data" = Bruteforce Save Data
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Collab" = Collab
"DivX Setup" = DivX Setup
"Dolphin" = Dolphin
"Encoder_4.0.3205.0" = Microsoft Expression Encoder 4
"EndItAll_is1" = EndItAll 2.0
"FL Studio 8" = FL Studio 8
"FlashDevelop" = FlashDevelop
"Game Maker 7.0" = Game Maker 7.0
"Game Maker 8.0" = Game Maker 8.0
"GoldWave v5.67" = GoldWave v5.67
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.2
"IL Download Manager" = IL Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.3.0 (Standard)
"LAME_is1" = LAME v3.99.3 (for Windows)
"Live 8.2.2" = Live 8.2.2
"MapleStory" = MapleStory
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Mobile I/O" = Native Instruments Guitar Rig Mobile I/O
"Native Instruments Guitar Rig Session I/O" = Native Instruments Guitar Rig Session I/O
"Native Instruments Rig Kontrol 3" = Native Instruments Rig Kontrol 3
"Native Instruments Service Center" = Native Instruments Service Center
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Pianoteq22" = Pianoteq v2.2.0
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"PS3 Media Server" = PS3 Media Server
"ShoeBox" = ShoeBox
"shortcircuit" = shortcircuit
"SixaxisPairTool_is1" = SixaxisPairTool 0.2.5
"SONAR85Producer_x64_is1" = SONAR 8.5 Producer x64
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"Stellar Phoenix Photo Recovery_is1" = Stellar Phoenix Photo Recovery
"Toxic Biohazard" = Toxic Biohazard
"VTechDownloadManager" = Learning Lodge™
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 1/21/2015 2:31:17 AM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 2:31:22 AM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 1:24:55 PM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 1:25:17 PM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 1:25:28 PM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 1:25:33 PM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 1:25:38 PM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 1:25:38 PM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 1/21/2015 1:26:19 PM | Computer Name = Studio-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DivXUpdate.exe, version: 1.0.6.15, time
 stamp: 0x4e31ebcf  Faulting module name: netprofm.dll_unloaded, version: 0.0.0.0,
 time stamp: 0x4a5bda75  Exception code: 0xc0000005  Fault offset: 0x5e082505  Faulting
 process id: 0x1a14  Faulting application start time: 0x01d034d25d166670  Faulting application
 path: C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe  Faulting module path:
 netprofm.dll  Report Id: 9c434930-a192-11e4-81db-90e6ba6567a5
 
Error - 1/21/2015 2:30:16 PM | Computer Name = Studio-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 1/21/2015 6:38:06 PM | Computer Name = Studio-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Tpkd.  System Error: The system cannot find the file specified.  .
 
[ System Events ]
Error - 1/18/2015 10:38:07 PM | Computer Name = Studio-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 1/20/2015 3:57:19 AM | Computer Name = Studio-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
 power transition.  Please check for updated firmware for your system.
 
Error - 1/20/2015 12:57:32 PM | Computer Name = Studio-PC | Source = Service Control Manager | ID = 7034
Description = The SpeedBit Update service terminated unexpectedly.  It has done 
this 1 time(s).
 
Error - 1/21/2015 2:12:39 PM | Computer Name = Studio-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 1/21/2015 3:34:37 PM | Computer Name = Studio-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.191.2930.0     Update Source: %%859     Update Stage:
 %%854     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803

	User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.11302.0

	Error
 code: 0x80070643     Error description: Fatal error during installation. 
 
Error - 1/21/2015 3:39:50 PM | Computer Name = Studio-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138
 (Definition 1.191.2937.0).
 
Error - 1/21/2015 4:45:34 PM | Computer Name = Studio-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly.  It has done this
 1 time(s).  The following corrective action will be taken in 30000 milliseconds:
 Restart the service.
 
Error - 1/21/2015 4:48:21 PM | Computer Name = Studio-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
 unexpectedly.  It has done this 1 time(s).  The following corrective action will
 be taken in 30000 milliseconds: Restart the service.
 
Error - 1/21/2015 6:06:53 PM | Computer Name = Studio-PC | Source = Service Control Manager | ID = 7034
Description = The BlueStacks Log Rotator Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 1/21/2015 6:06:56 PM | Computer Name = Studio-PC | Source = Service Control Manager | ID = 7034
Description = The BlueStacks Updater Service service terminated unexpectedly.  It
 has done this 1 time(s).
 
 
< End of report >
 

Any help or advice would be greatly appreciated. 


Edited by Iic400, 21 January 2015 - 05:56 PM.

  • 0



#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

What make and model is this PC?  We may need to try and find a newer version of the BIOS.

 

MS says this error:

 

Error - 1/20/2015 3:57:19 AM | Computer Name = Studio-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.

 

 

is probably caused by a bad BIOS but since it's memory related let's run the built-in memory test:

 

http://www.sevenforu...stics-tool.html

 

to rule that out.

 

Then let's check the hard drive:

 

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
 
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
 
sfc /scannow
 
(SPACE after sfc.)  This will check your critical system files. Does this finish without complaint?

 IF it says it couldn't fix everything then:


  Copy the next two lines:


  findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
  notepad \windows\logs\cbs\junk.txt 


  Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
  Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.  Close notepad.  Close the Command Window.

In either case continue with:

 
 
1. Please download the Event Viewer Tool by Vino Rosso and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

 

Then run Speccy 

 

Get the free version of Speccy:
 
http://www.filehippo...download_speccy  (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.  Uninstall Speccy.
 
 
Now we will check to see if something is slowing it down:
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 

  • 0
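Added example, not part of the thread and not OTL's own code: a small Python parser for the "Last 20 Event Log Errors" section of an OTL report like the one in post #1. It rejoins the wrapped Description lines and counts events per source and ID, so a one-off entry such as the Microsoft-Windows-HAL ID 12 error stands out from repeated noise. The sample input is a few entries copied from that report, and the function names are this example's own.

```python
import re
from collections import Counter

# Sample input: a few entries copied from the OTL report in post #1.
SAMPLE = """\
[ Application Events ]
Error - 1/21/2015 2:31:17 AM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 1/21/2015 2:31:22 AM | Computer Name = Studio-PC | Source = NvStreamSvc | ID = 131073
Description =

[ System Events ]
Error - 1/20/2015 3:57:19 AM | Computer Name = Studio-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
 power transition.  Please check for updated firmware for your system.

Error - 1/20/2015 12:57:32 PM | Computer Name = Studio-PC | Source = Service Control Manager | ID = 7034
Description = The SpeedBit Update service terminated unexpectedly.  It has done
this 1 time(s).
"""

HEADER = re.compile(
    r"^(?P<level>\w+) - (?P<when>.+?) \| Computer Name = (?P<computer>.+?)"
    r" \| Source = (?P<source>.+?) \| ID = (?P<id>\d+)\s*$")
SECTION = re.compile(r"^\[ (?P<name>.+? Events) \]\s*$")


def parse_otl_events(text):
    """Return one dict per event; wrapped Description lines are rejoined."""
    events, log, current = [], None, None
    for line in text.splitlines():
        sec = SECTION.match(line)
        hdr = HEADER.match(line)
        if line.startswith("< End of report"):
            break
        if sec:
            log, current = sec.group("name"), None
        elif hdr:
            current = dict(hdr.groupdict(), log=log, description="")
            current["id"] = int(current["id"])
            events.append(current)
        elif current is not None and line.strip():
            # The first body line carries the "Description =" label; the rest
            # are continuation lines, with or without a leading space.
            part = line.strip()
            if part.startswith("Description ="):
                part = part[len("Description ="):].strip()
            current["description"] = " ".join(
                (current["description"] + " " + part).split())
    return events


def summarize(events):
    """Count events per (log, source, id), most frequent first."""
    return Counter((e["log"], e["source"], e["id"]) for e in events).most_common()


if __name__ == "__main__":
    for (log, source, event_id), n in summarize(parse_otl_events(SAMPLE)):
        print(f"{n:>3}  {log:<20} {source} / {event_id}")
```
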





