Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow Internet pages-runs hot-won't reboot [Solved]

slow internet *32 programs wont shut down

  • This topic is locked This topic is locked

#1
Dougrbi

Dougrbi

    Member

  • Member
  • PipPip
  • 57 posts

I have a samsung laptop using Windows 7 64 bit. I continue to have an issue using the internet, the web pages run very slow regardless of what I'm looking at. It oftern hangs with a Script error. When using the internet the laptop heats up pretty extensivly. Looking at my tasks list it shows all kinds of processes running at *32. It still runs hot when I the internet is just sitting and I'm not changing pages and Taskmanager says I'm only using 1-5% CPU.

 

A couple of other notes that may have a berring. When I shut down the laptop, by using the shut down or rebood option, I always get a pop up that says a program needs to close but it doesn't show the program. I force stop it and then the screen shuts down but the laptop itself will not shut down or re-start, I have to hard boot it my hold the power button.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by Home (administrator) on HOME-PC on 11-07-2015 11:04:06
Running from C:\Users\Home\Downloads
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(SAMSUNG ELECTRONICS CO., Ltd.) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Farbar) C:\Users\Home\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [791200 2011-07-15] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-07-15] (Atheros Commnucations)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-01] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-14] (Avast Software s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
HKU\S-1-5-21-334125316-4088546140-4129291110-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-334125316-4088546140-4129291110-1000\...\MountPoints2: {b56f25e4-b1de-11e2-a04a-e81132e57328} - F:\iStudio.exe
HKU\S-1-5-21-334125316-4088546140-4129291110-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs-x32: c:\progra~3\bprote~1\22463~1.83\protec~1.dll => "c:\progra~3\bprote~1\22463~1.83\protec~1.dll" File not found
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2013-05-14]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-14] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ast&type=agc511
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-334125316-4088546140-4129291110-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKU\S-1-5-21-334125316-4088546140-4129291110-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ast&type=agc511
HKU\S-1-5-21-334125316-4088546140-4129291110-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...ast&type=agc511
URLSearchHook: HKU\S-1-5-21-334125316-4088546140-4129291110-1000 - (No Name) - {cdf97ee2-ded0-4369-835e-99dd08225fa5} - No File
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0DCA4611-4A6A-405A-9390-AE8AE05D1117} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-334125316-4088546140-4129291110-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-334125316-4088546140-4129291110-1000 -> {4A65902A-94AB-4445-B7D1-71CB4661223D} URL = http://www.search.as...rms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-334125316-4088546140-4129291110-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-334125316-4088546140-4129291110-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-14] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-20] (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-07-15] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-14] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-20] (Microsoft Corp.)
BHO-x32: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie.dll [2011-10-21] (WinZip Computing, S.L.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - No Name - {cdf97ee2-ded0-4369-835e-99dd08225fa5} -  No File
Toolbar: HKU\S-1-5-21-334125316-4088546140-4129291110-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-334125316-4088546140-4129291110-1000 -> No Name - {CDF97EE2-DED0-4369-835E-99DD08225FA5} -  No File
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefie...r_5.0.137.0.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://mywayphotos.r...veX_Control.cab
Handler-x32: amisie - {183A003A-3D01-4E94-A2C5-AD0108C68370} - C:\Program Files (x86)\AMIS\IeDtbPlugin.dll [2011-11-18] (TODO: <Company name>)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2285E1E2-9E54-4A84-89D4-31545250291B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{426C2543-89C8-4372-B79E-3158476DC50E}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1jsrj84y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-08] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\windows\system32\npDeployJava1.dll [2012-08-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Home\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-334125316-4088546140-4129291110-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-334125316-4088546140-4129291110-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Home\AppData\Roaming\CATALI~2\NPBCSK~1.DLL [2013-06-07] (Catalina Marketing Corporation)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-08-04]

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-04]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-04]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-04]
CHR Extension: (3D Graffiti) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabfebkdmghefegjmochekfnmiikkko [2013-12-11]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-04]
CHR Extension: (Nova Skin) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\elehggeipnonifpmldkddlfckfmbmamo [2013-05-04]
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-13]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-07-15] (Atheros) [File not signed]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-07-15] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-14] (Avast Software s.r.o.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177648 2014-09-05] (Coupons.com Inc.)
R2 HPSLPSVC; C:\Users\Home\AppData\Local\Temp\7zS0AC8\hpslpsvc64.dll [1039360 2011-11-14] (Hewlett-Packard Co.) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2007-02-12] (Syntek America Inc.)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
U4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-14] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-14] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-14] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-14] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-14] ()
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-11-17] (Windows ® 2003 DDK 3790 provider)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-04] (Razer Inc)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [632704 2007-06-28] (Syntek)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 X6va008; \??\C:\windows\SysWOW64\Drivers\X6va008 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 11:02 - 2015-07-11 11:02 - 02130944 _____ (Farbar) C:\Users\Home\Downloads\FRST64(1).exe
2015-07-06 16:02 - 2015-07-06 16:02 - 00000000 ___RD C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-07-05 00:51 - 2015-07-06 18:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-04 10:23 - 2015-07-04 10:24 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\flashplayer18_ga_install.exe
2015-06-18 06:01 - 2015-06-18 06:01 - 00000000 __SHD C:\found.000
2015-06-14 07:43 - 2015-06-14 07:43 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-06-14 07:43 - 2015-06-14 07:43 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-06-14 06:48 - 2015-06-14 06:48 - 00000000 ____D C:\Users\Home\AppData\Local\GWX
2015-06-14 06:20 - 2015-06-14 06:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software
2015-06-14 06:20 - 2015-06-14 06:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software
2015-06-13 20:15 - 2015-05-01 06:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-13 20:15 - 2015-05-01 06:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 11:04 - 2015-05-25 07:12 - 00023281 _____ C:\Users\Home\Downloads\FRST.txt
2015-07-11 11:04 - 2015-05-25 07:12 - 00000000 ____D C:\FRST
2015-07-11 10:54 - 2009-07-13 21:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 10:54 - 2009-07-13 21:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 10:49 - 2011-09-28 19:39 - 02007171 _____ C:\windows\WindowsUpdate.log
2015-07-11 10:48 - 2011-12-20 17:38 - 00000924 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-334125316-4088546140-4129291110-1000UA.job
2015-07-11 10:25 - 2012-05-30 18:17 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-11 10:07 - 2013-05-04 10:33 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-11 05:07 - 2013-05-04 10:33 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 13:48 - 2011-12-20 17:38 - 00000902 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-334125316-4088546140-4129291110-1000Core.job
2015-07-10 09:39 - 2012-08-04 21:37 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-07-08 18:28 - 2012-05-30 18:17 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-08 18:28 - 2012-05-30 18:17 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-08 18:28 - 2011-12-27 18:52 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-07 15:18 - 2013-05-04 10:33 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-06 18:02 - 2012-06-28 17:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-06 16:00 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-06 16:00 - 2009-07-13 21:51 - 00180314 _____ C:\windows\setupact.log
2015-07-04 10:26 - 2011-12-28 19:06 - 00000000 ____D C:\Users\Home\AppData\Local\Adobe
2015-06-29 10:23 - 2009-07-13 22:13 - 00801932 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-26 07:43 - 2012-08-04 21:37 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswsp.sys
2015-06-24 03:12 - 2015-05-31 16:21 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 16:55 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2015-06-23 13:30 - 2010-11-20 20:27 - 00300704 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-06-20 18:30 - 2011-12-20 17:34 - 00000000 ____D C:\Users\Home\AppData\Roaming\Skype
2015-06-20 10:32 - 2010-11-20 20:47 - 00900272 _____ C:\windows\PFRO.log
2015-06-17 05:27 - 2011-12-23 10:11 - 00000000 ____D C:\Users\Home\AppData\Local\CrashDumps
2015-06-17 05:21 - 2009-07-13 22:08 - 00032628 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-06-14 07:43 - 2014-04-23 19:32 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-06-14 07:43 - 2014-04-23 19:32 - 00029168 _____ C:\windows\system32\Drivers\aswHwid.sys
2015-06-14 07:43 - 2014-04-23 19:28 - 00272248 _____ C:\windows\system32\Drivers\aswVmm.sys
2015-06-14 07:43 - 2014-04-23 19:28 - 00065736 _____ C:\windows\system32\Drivers\aswRvrt.sys
2015-06-14 07:43 - 2012-08-04 21:37 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-06-14 07:43 - 2012-08-04 21:37 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-06-14 07:43 - 2012-08-04 21:37 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-06-14 06:51 - 2014-11-30 13:15 - 00000000 __SHD C:\Users\Home\AppData\Local\EmieBrowserModeList
2015-06-14 06:51 - 2014-06-20 17:19 - 00000000 __SHD C:\Users\Home\AppData\Local\EmieUserList
2015-06-14 06:51 - 2014-06-20 17:19 - 00000000 __SHD C:\Users\Home\AppData\Local\EmieSiteList
2015-06-14 06:47 - 2009-07-13 22:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-14 06:47 - 2009-07-13 21:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-14 06:44 - 2012-05-19 10:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-14 06:44 - 2012-05-19 10:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-14 06:44 - 2009-07-13 21:45 - 00440728 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-14 06:23 - 2015-04-04 05:36 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-06-14 06:23 - 2015-04-04 05:36 - 00000000 ___SD C:\windows\system32\GWX
2015-06-14 06:23 - 2014-12-11 04:38 - 00000000 ____D C:\windows\system32\appraiser
2015-06-14 06:23 - 2014-04-30 03:01 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-14 06:23 - 2011-09-28 19:11 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-14 06:23 - 2009-07-13 20:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-06-14 06:22 - 2009-07-13 20:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-13 21:29 - 2011-12-23 11:21 - 00818628 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-06-13 21:28 - 2011-12-23 11:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-06-13 21:05 - 2012-02-16 20:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-13 20:50 - 2013-07-21 03:00 - 00000000 ____D C:\windows\system32\MRT
2015-06-13 20:14 - 2012-05-19 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2014-09-30 16:45 - 2014-09-30 16:45 - 0893239 _____ () C:\Users\Home\AppData\Local\a.zip
2014-09-30 16:45 - 2014-09-30 16:45 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Home\AppData\Local\BcsKtYcHW.dll
2013-02-10 17:47 - 2013-02-10 17:47 - 0003584 _____ () C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-28 19:22 - 2013-01-28 19:22 - 0000092 _____ () C:\Users\Home\AppData\Local\fusioncache.dat
2011-09-28 18:09 - 2011-09-28 18:09 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-09-28 18:02 - 2011-09-28 18:03 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-09-28 18:06 - 2011-09-28 18:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-28 18:03 - 2011-09-28 18:06 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-09-28 18:07 - 2011-09-28 18:09 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some files in TEMP:
====================
C:\Users\Home\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\Home\AppData\Local\Temp\bdfilters.dll
C:\Users\Home\AppData\Local\Temp\Couponscom.exe
C:\Users\Home\AppData\Local\Temp\DivXInstaller.exe
C:\Users\Home\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Home\AppData\Local\Temp\htmlayout.dll
C:\Users\Home\AppData\Local\Temp\jansi-32-git-Bukkit-1.3.1-R2.0-b2340jnks.dll
C:\Users\Home\AppData\Local\Temp\jansi-64-git-Bukkit-1.3.1-R1.0-b2320jnks.dll
C:\Users\Home\AppData\Local\Temp\jansi-64-git-Bukkit-1.3.1-R2.0-b2340jnks.dll
C:\Users\Home\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\PCCheckupInstaller.exe
C:\Users\Home\AppData\Local\Temp\raptrpatch.exe
C:\Users\Home\AppData\Local\Temp\raptr_stub.exe
C:\Users\Home\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Home\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Home\AppData\Local\Temp\tbappb.dll
C:\Users\Home\AppData\Local\Temp\uninst1.exe
C:\Users\Home\AppData\Local\Temp\uninstall15280609.exe
C:\Users\Home\AppData\Local\Temp\Uninstaller-4176.exe
C:\Users\Home\AppData\Local\Temp\Uninstaller-5156.exe
C:\Users\Home\AppData\Local\Temp\Uninstaller-6852.exe
C:\Users\Home\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-10 11:50

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Home at 2015-07-11 11:05:50
Running from C:\Users\Home\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-334125316-4088546140-4129291110-500 - Administrator - Disabled)
ASPNET (S-1-5-21-334125316-4088546140-4129291110-1005 - Limited - Enabled)
Guest (S-1-5-21-334125316-4088546140-4129291110-501 - Limited - Disabled)
Home (S-1-5-21-334125316-4088546140-4129291110-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-334125316-4088546140-4129291110-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMIS 3.1.3 (U.S. English) (HKLM-x32\...\AMIS) (Version: 3.1.3 - DAISY Consortium)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
applicationupdater (HKU\S-1-5-21-334125316-4088546140-4129291110-1000\...\SOE-C:/Users/Home/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.120 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.1.44.25 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.41 - Samsung)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR Live Parental Controls Management Utility 2.1.6 (HKLM-x32\...\NETGEAR Live Parental Controls Management Utility) (Version: 2.1.6 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.8 - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.8.1 - Intuit)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - EETI)
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
USB2.0 ATV (HKLM-x32\...\USB2.0 ATV) (Version:  - )
USB2.0 Capture Device (HKLM-x32\...\{E337B156-DF81-48D8-8977-B1574EE87BCF}) (Version: 1.0.3.0 - )
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CB}) (Version: 16.0.9691 - WinZip Computing, S.L. )
WinZip Courier (HKLM-x32\...\{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}) (Version: 3.5.9658 - WinZip Computing, S.L. )
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

03-03-2015 06:13:25 Windows Update
04-03-2015 06:03:35 Windows Update
10-03-2015 05:26:19 Windows Update
12-03-2015 05:11:49 Windows Update
13-03-2015 11:03:15 Windows Update
17-03-2015 17:27:21 Windows Update
20-03-2015 19:32:42 Windows Update
21-03-2015 14:55:31 Removed Apple Software Update
24-03-2015 17:34:38 Windows Update
25-03-2015 05:12:28 Windows Update
31-03-2015 19:19:02 Windows Update
04-04-2015 05:34:14 Windows Update
07-04-2015 19:25:02 Windows Update
10-04-2015 20:26:21 Windows Update
14-04-2015 05:17:40 Windows Update
16-04-2015 05:12:50 Windows Update
16-04-2015 20:00:07 Windows Update
17-04-2015 05:20:52 Windows Update
21-04-2015 06:41:39 Windows Update
03-05-2015 07:59:54 Windows Update
11-05-2015 06:29:04 Windows Update
23-05-2015 13:03:19 Scheduled Checkpoint
24-05-2015 20:47:28 Removed Java 7 Update 6 (64-bit)
24-05-2015 20:49:47 Removed JavaFX 2.1.1
24-05-2015 20:50:55 Removed Java 7 Update 21
24-05-2015 20:52:37 Removed Java™ 6 Update 30
24-05-2015 20:54:25 Removed Java™ 7 Update 5 (64-bit)
13-06-2015 20:08:41 Windows Update
14-06-2015 07:40:53 avast! antivirus system restore point
23-06-2015 16:27:31 Windows Update
06-07-2015 05:42:09 Windows Update
11-07-2015 05:13:45 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12BC5BF5-1D17-4751-A538-CC1CFD7750B7} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {19DE47E6-366D-4FF1-9620-8957A02DD489} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-334125316-4088546140-4129291110-1000UA => C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {1EEA398A-C5AE-4FB1-B7B1-8B708D03C7E8} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2011-08-22] (Samsung Electronics Co., Ltd.)
Task: {21C0EE2D-F666-49CE-8089-D233D08E966B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {27D867A0-697C-45F3-84A7-08B02204C2D3} - System32\Tasks\{1BBC2081-BB8B-4686-B78C-4549DA0E86CE} => Iexplore.exe http://ui.skype.com/...;page=tsInstall
Task: {2FD8CEE5-E78B-43E1-948D-2F9B517350C2} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC)
Task: {30ACE19C-ED19-404F-A67E-B14E0E269F40} - System32\Tasks\{FD274B06-E0BF-413F-A218-2703C5DDADED} => C:\Users\Home\Desktop\Diablo-III-Setup-enUS.exe
Task: {3D08CD9F-F111-4F5E-8903-ECCBA51CD9C8} - \RunAsStdUser Task No Task File <==== ATTENTION
Task: {430257C2-3A55-42E4-AB3B-103D51554063} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-334125316-4088546140-4129291110-1000Core => C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {5FD8C8E3-F090-410A-BADB-6C07A3525834} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2012-03-16] (SAMSUNG ELECTRONICS CO., Ltd.)
Task: {62353BEC-6C8C-4270-BA69-578CB3D1C167} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {692C3D2B-9928-4BD3-B09A-EA9E2A4153EF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {709CA7D6-589C-479A-9623-341E889754C8} - System32\Tasks\{FA433B94-22D6-47E8-A166-485F797391E5} => C:\Users\Home\Documents\Colby work\Diablo-III-Setup-enUS.exe
Task: {7E5C8813-5627-4316-9EAB-D97E67027E69} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-08] (Adobe Systems Incorporated)
Task: {7F8ECCA7-BC41-46E3-AC11-7D606D0B25DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {84729F5D-146C-472F-AE15-23A73DF7D73F} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2011-09-06] (Samsung Electronics Co., Ltd.)
Task: {87EE47C4-DE91-46CE-A973-72668A25EF14} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [2011-09-08] (SAMSUNG Electronics)
Task: {8FECA477-C977-4CAE-B2C8-2178417990B1} - System32\Tasks\{99EAFCAC-55CC-43DE-B9EE-8A613E0536CB} => C:\Users\Home\Documents\Colby work\Diablo-III-Setup-enUS.exe
Task: {9A34A057-179F-442C-B98C-2A0709B6595F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {9CEBB59C-DE68-4C02-B9C7-719A62B252F4} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2011-09-06] (Samsung Electronics Co., Ltd.)
Task: {A68AB399-F127-49C7-831A-4766EB1A0ADB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {B87476B7-9D7F-425A-B17F-FA6FD82A9145} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2011-08-18] (Samsung Electronics Co., Ltd.)
Task: {E9B283B5-EE3F-4AAA-8011-4043840BE319} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-09-27] (Samsung Electronics)
Task: {EBAB32D6-8D4C-4EA7-A2EB-1D664AAD45CA} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-08-18] (SAMSUNG Electronics co., LTD.)
Task: {FB310930-4ADF-4D45-B788-6FEBA2E3B02E} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: {FED7BE1B-71D8-45D6-BCD5-F8DA7AADD105} - System32\Tasks\{97A2B22A-EF82-4BC0-9636-FDBDB10CDADC} => pcalua.exe -a "C:\Program Files (x86)\TeamSpeak 3 Client\package_inst.exe" -d C:\Users\Home\Downloads -c "C:\Users\Home\Downloads\BF3_ts3_skin.ts3_style"
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-334125316-4088546140-4129291110-1000Core.job => C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-334125316-4088546140-4129291110-1000UA.job => C:\Users\Home\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-02-12 17:51 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-07-28 16:08 - 2011-07-28 16:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-09-28 18:06 - 2009-12-01 00:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-06-14 07:43 - 2015-06-14 07:43 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-14 07:43 - 2015-06-14 07:43 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-06 05:06 - 2015-07-06 05:06 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070601\algo.dll
2015-07-07 05:17 - 2015-07-07 05:17 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070700\algo.dll
2015-07-11 10:08 - 2015-07-11 10:08 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071101\algo.dll
2009-11-01 22:20 - 2009-11-01 22:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-01 22:23 - 2009-11-01 22:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-07-28 16:09 - 2011-07-28 16:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-09-28 17:03 - 2011-02-16 09:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-28 17:03 - 2006-08-11 20:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2011-09-28 17:17 - 2010-05-07 07:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2015-06-14 07:43 - 2015-06-14 07:43 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-08 18:28 - 2015-07-08 18:28 - 17418416 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Home\Documents\Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Home\Documents\Anniversary 2013.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Home\Documents\Copy of Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Home\Documents\Copy of Anniversary 2013.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Home\Documents\First aid card 2014 (2).jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Home\Documents\First aid card 2014 (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Home\Documents\HS diploma (2).jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Home\Documents\HS diploma (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Home\Documents\ParaPro Test (2).jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Home\Documents\ParaPro Test (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-334125316-4088546140-4129291110-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{56B2C0EC-1689-4295-8BB5-046CDBF17F88}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9C762B49-15CF-49AB-97ED-098E2DBB1109}] => (Allow) LPort=2869
FirewallRules: [{5CC2F9F3-4720-4CFA-8ACA-92F786F2D4F6}] => (Allow) LPort=1900
FirewallRules: [{51261F48-3A30-4983-9CBD-2A6D76BAEE11}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{18C528A1-B5F7-4A47-8F2C-5DFED180D20E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{21DECD02-71E8-40A2-BA6A-67D0BC265146}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe
FirewallRules: [{81662B34-DE7C-4B3A-93F0-3BD7B06B06DF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{A4D0D664-C854-475F-B5FC-FFFA1942312A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B3F9F7F-5772-40B4-BD5C-E344CE7EC8E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EA84A04B-B073-463A-B6E6-BDADABB44C12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{871274A5-0D18-4406-8BA0-D814D8F4CB33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{864C58A9-B4DC-438E-A219-B2BB594BB928}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CEE0A4E7-F543-47D3-9F19-365420FAA424}] => (Allow) C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AAV7HY4V\crossfire_downloader.exe
FirewallRules: [{97089F23-CFFC-4429-96EA-7DC88AC993B9}] => (Allow) C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AAV7HY4V\crossfire_downloader.exe
FirewallRules: [{024222F9-0DED-435D-B75E-A168BC6C7BEA}] => (Allow) C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
FirewallRules: [{5FD006D9-CB76-4716-BB07-30641E4E7487}] => (Allow) C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
FirewallRules: [{91B37B3C-4BE5-48E4-84D4-8759274F3B39}] => (Allow) C:\Users\Home\AppData\Local\Temp\7zS0AC8\hppiw.exe
FirewallRules: [{C7736043-250D-4FE1-8E88-75BD85D505A7}] => (Allow) C:\Users\Home\AppData\Local\Temp\7zS0AC8\hppiw.exe
FirewallRules: [{4DEFF884-4039-4C50-A3BA-D091D67B9E6A}] => (Allow) C:\Users\Home\AppData\Local\Temp\7zS0D27\HPDiagnosticCoreUI.exe
FirewallRules: [{EDAA4923-7BEA-48D5-BBBE-A66C840CF745}] => (Allow) C:\Users\Home\AppData\Local\Temp\7zS0D27\HPDiagnosticCoreUI.exe
FirewallRules: [{19010AA4-C769-41F2-8E68-66A8FA814740}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{31DE17D0-714D-45B7-8A3A-346CA212F713}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{39F310E4-A845-4F4A-90AA-EB72E082E303}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{20C42B27-7235-4C5E-BA32-29A72715D6EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{3D755B21-85B1-4120-9321-0BD102B9FD80}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{30292736-C91F-4D13-A79B-313EF5FF2585}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{D578F268-D6BE-4C4C-AD1C-D58D5C22F9F7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{BD30B93E-6D26-4F1F-AD55-415C1DCE5AB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [TCP Query User{81451EAA-CDF5-4C6A-BF73-9E4CBF798147}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{B8C7D0FB-9EF5-4F65-9D09-E49F52D627A8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FD24A75F-19B0-4B6B-98BA-4DB2A3021815}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{6EC022AA-A2AB-433F-A272-EACA717F1B70}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [{D2CF3661-3DC0-4A08-AC62-F79E0A64D909}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{6B487E8E-0B9D-4BA1-8FE6-1B29CA0D0696}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E9D2CF25-DEDE-471D-A673-2CE886144568}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A77E816E-F3C7-445E-82D5-30C942AC1CDA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{70495CB5-A936-4659-B479-534228FAC569}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{99033FE4-DFE2-4B45-BB02-602C4638C314}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CF0EBF1A-F483-4117-947B-BD8004A91522}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{32B23D4A-75E7-4172-B7DC-0FCFFE1C850D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{968553EC-475F-4726-9CBD-BB990434B715}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Microsoft Flight\Flight.exe
FirewallRules: [{2D1582E3-21C7-438D-85D8-8C74F8D65F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Microsoft Flight\Flight.exe
FirewallRules: [{A79BE788-18B4-4406-A89C-3728BF0EE6DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Combat Arms\NMService.exe
FirewallRules: [{79990B7B-71BA-4706-BAF6-ABBAB2745C3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Combat Arms\NMService.exe
FirewallRules: [TCP Query User{B563E875-EE56-4809-90B5-FECF0808C0C1}C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe] => (Block) C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe
FirewallRules: [UDP Query User{6C261B29-EAFB-4877-88EE-C698679A34C1}C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe] => (Block) C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe
FirewallRules: [TCP Query User{80DB5FF5-5A3D-4718-88CF-1E3F2EE8F239}C:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{8C1FF1AD-63FC-4429-A087-BE22D5811E70}C:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe
FirewallRules: [{36A7B904-A6F2-4CB3-9DDF-4D1AEB504E39}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1171EF6E-072A-4B78-939C-3358FF38EACF}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{DB7D59D0-50D2-4460-BDFB-0E83E9062038}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [UDP Query User{EC6CB71E-E7B8-4024-90A7-D58FC3CD3DEE}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [TCP Query User{6FC8B7F5-A4B3-413B-8A91-15F651512AE7}C:\ProgramData\Battle.net\Agent\agent.1040\Agent.exe] => (Allow) C:\ProgramData\Battle.net\Agent\agent.1040\Agent.exe
FirewallRules: [UDP Query User{53562F7E-6FC6-4868-8C1C-413B1A082DF6}C:\ProgramData\Battle.net\Agent\agent.1040\Agent.exe] => (Allow) C:\ProgramData\Battle.net\Agent\agent.1040\Agent.exe
FirewallRules: [{5C7DECFB-3DD0-4AA3-9887-9BC05DD6444D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{47545785-AEB5-4EE4-8A09-95A46EB142BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{540F564C-333C-4E1C-A579-C8226AF16483}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{5B19509A-5CD7-4D82-80BA-0E91A2D38B75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [TCP Query User{6B2827BF-2D79-4545-9C02-7090848B3390}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{99B5A5D0-DCF1-402A-925E-3CE011359210}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{0FACF995-D51C-46A8-ADEB-14CD3172B67D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{685442AB-6C92-4B2F-945A-7A8A4E668837}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{FA8B96AB-E2C7-4333-9087-5A331E805D7E}] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C1BE317F-9B1D-4C3A-BB8C-E41656AECC02}] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{262E3679-68E1-4B21-8A98-1583C57EE8A6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{3F2D7C5B-8181-4D80-BB68-A936D63AC49B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{9FBB9C9B-556B-4717-83CF-54F23756F441}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{8549B102-985A-4939-ACD4-743F54105764}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{1B376445-4608-43B5-8060-319BDF01D55D}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{70DBF92B-2254-488A-8515-2CB7100D7DAD}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{D421D8F8-B2DB-4DE2-A445-341F7405A406}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{C98E6088-605C-4A14-BB3D-7E2C377903F7}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{20660EC0-C349-4904-A4D2-B54261D23060}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{B51E3993-65BF-484A-BED9-60524CC91AA1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [TCP Query User{243CD544-1658-4AE4-AD4E-B5E5AFE8CC15}F:\halo\halo (this one).exe] => (Block) F:\halo\halo (this one).exe
FirewallRules: [UDP Query User{76AE0308-0CFB-4AC6-B5B0-AD6F58BFDA64}F:\halo\halo (this one).exe] => (Block) F:\halo\halo (this one).exe
FirewallRules: [{1A324471-3BD8-48CA-914C-DF5625B3CBE8}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{DFBC809B-82F5-484F-BBE9-0DB9CE8C1FAE}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{1BC52C06-A490-4FD0-8ECD-3D946CC7A0F8}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{6D8A1114-BB08-48BC-98F0-54E4D0344E47}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [TCP Query User{8E7285D5-1613-41D4-93FB-EDBBEE691475}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe] => (Allow) C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe
FirewallRules: [UDP Query User{382E6430-BAB7-4AA9-8FAD-5C4C39DD6D33}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe] => (Allow) C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe
FirewallRules: [TCP Query User{832B81A4-87CF-4FEA-A84A-A58AE1DA314B}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe] => (Block) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{1326AC88-823A-4092-9175-D40EC8A03EE2}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe] => (Block) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe
FirewallRules: [{F8FF3337-9982-4213-9EF3-F27AC2DB1D97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{393367B8-529C-4209-A470-80BDDB6284C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [TCP Query User{A8E3371C-84AC-4376-B569-AEDC06B470DC}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{05A64D00-A9B3-4266-83F8-0F431CBE90B9}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{7949C18F-3ED0-438C-8996-083AEF269D2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{15DDF5E3-21EB-4AE3-9BBE-E9F0F59B5C2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7FCC21D6-B40A-46C6-B043-50A6F180C289}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{A552BE48-FC25-4E6B-B74F-28831C73314D}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [{177CDF67-F1DB-4DD8-9E3F-B860F7EEE294}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{36081120-B878-4E8E-8150-B9F9DFEB0317}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{97A97849-B254-42BA-9F60-5AA4AA24B6EF}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{DA717C8C-CE21-48C0-B973-E2189A4C2A07}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{A1955790-294C-41A0-AED1-9486328C40EF}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{4FBDAE69-1C8D-42E7-ADED-EED59350AB18}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{51DD3554-4FA6-4B86-8F46-F834B92A2BDF}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{2DFDEC35-46C1-411A-9B12-0984FA008F1D}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{2BB35F2B-BC84-4407-A26B-ABB03F14C49C}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{14FE3853-29F2-4E9A-8F82-274A4A10DA3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deadpixels\Dead Pixels Launcher.exe
FirewallRules: [{D4DE402A-4400-4819-AC5B-91845BD80B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deadpixels\Dead Pixels Launcher.exe
FirewallRules: [{23A01D02-8EA5-404A-A4B2-718E568961D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{C4860338-B596-4224-A7BC-12F2A5C7A977}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{F6C4B838-B4C6-4B51-9F68-5DB4D41C5F77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deadpixels\Dead Pixels Launcher.exe
FirewallRules: [{48A85AE0-1EAE-405D-9B30-574A92EC0FA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deadpixels\Dead Pixels Launcher.exe
FirewallRules: [{31981ABB-6492-4104-AE6A-70C6428F6F65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{DEAA22B9-6A42-4249-9C4D-C3CBE53F6624}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{F0A12BD3-8E3B-474B-8C70-394B3DB221EC}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{0BC5E159-8245-4ACC-AF8F-669ABB9E1CC2}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{60039772-F099-4285-9198-50D19D446E21}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{7BBA747A-FE06-4568-9BA7-3184A0A9CB5D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{2E4F923B-79DD-40DB-B5C9-71A9AFA025E2}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{BDD21891-5F92-4F56-ACD2-815188D8144A}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{D19E5A3C-5928-4300-82F4-8DFAF45AF349}C:\program files (x86)\raidcall\raidcall.exe] => (Block) C:\program files (x86)\raidcall\raidcall.exe
FirewallRules: [UDP Query User{2EC7481F-E1BB-43D9-B576-37CE9DD226FA}C:\program files (x86)\raidcall\raidcall.exe] => (Block) C:\program files (x86)\raidcall\raidcall.exe
FirewallRules: [{CD6493F2-4ECA-403E-8D09-890D23DAF169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{74150B72-A4AE-4CF8-AC4A-7FC1159E1FEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{6EC3D619-1B2E-4356-9B77-7B2D18D4C78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformers War for Cybertron\Binaries\TWFC.exe
FirewallRules: [{0664B5DF-A211-4BE6-8E26-5919D8633B8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformers War for Cybertron\Binaries\TWFC.exe
FirewallRules: [{884766DC-A0AA-4213-9555-F9D023342AAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{AD7EF638-79AB-4CC9-B28D-5441E5160D7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{ADE1037F-2743-49DE-8F27-C277B523482B}C:\users\home\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\home\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7E38EADE-E09C-4973-82DA-847DAB683361}C:\users\home\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\home\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{CC26DA72-22DF-4A16-8AF3-B085BA5BDE2E}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{FD0FB1AF-455F-4593-9B22-CBB9EEDBAF0D}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{75E69186-8596-4846-818C-3855C236F320}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{AB91AF19-8A9E-4D35-98C1-4F0DA5C35381}] => (Allow) C:\Users\Home\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{3D8899B1-E1F9-4BB0-BE71-F52415C6E16B}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{7DF2B7A7-D5C6-47F2-89F9-C68450E195EF}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{ED708A3B-2347-409C-A94D-3B61A568E469}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{FDD9A9F0-5B49-4B89-B174-B64D03E72075}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{61A86C6D-01EF-4AE1-AB32-539879946CFF}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D35522BE-2915-4DC9-BB8B-4D510C4B61A3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A9EB237D-16C1-468C-AE26-AB005259D4B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{8B6256FE-7CBA-4DF8-8688-45BB3A48EE3A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{2BB326F0-215F-4DBB-B9FD-BADFD16D608D}C:\users\home\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\home\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{620769A8-2B4F-4D9B-8EB7-52E00EBE8B56}C:\users\home\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\home\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CB6CE769-E7F6-4E21-8E3E-680A038EE440}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D95AFB17-7A98-420D-A94C-8870C814B4CD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{101355E7-70EA-4D9F-800E-E3927C306925}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{9958DD32-BAF6-4414-BEB2-452E906E7788}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{B0AAC4ED-7C6B-4E9C-B877-5120BE12B424}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{D184D2E5-C232-44C8-B217-7C2F938C0B6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{5B9CD88C-307D-4318-ABE2-EB9E873EFDAA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{4A35C224-2E7F-48FC-99B7-9582BB757964}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{49EA2474-7E5C-4AB3-867A-8B01AD192D0A}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3147\agent.exe
FirewallRules: [UDP Query User{018310B9-A31C-4C54-819A-2B92DB779D77}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3147\agent.exe
FirewallRules: [TCP Query User{9208CEC9-AB33-4926-A79C-461D26BAD8BC}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{B76780A0-D6F4-4E91-8DF5-BC2C20970EE0}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{DD68675A-78D1-4C86-A4AF-BA8988BF18E8}] => (Allow) C:\Users\Home\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{E7A5C568-84FE-48BA-8F14-4342CDE57E3D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{06BE8F64-D66A-4C96-8592-9CC5D1DAC0FE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{7F3F5915-0189-42D4-AE5F-CD04BE40023B}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{881642C1-8E73-4BC7-A4AC-391A0F977CBD}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{CF25205A-C247-46D9-BB94-6894993BFAD3}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{EB5DAC5C-0174-4407-9821-2852B7CDF227}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [TCP Query User{8DA5C16F-1DE3-4CDE-8588-2CB52E649A3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{9B514FE5-3170-4D47-8896-F6B18B69EB25}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7A745AF7-8316-4922-B6F0-4E02E1CD9557}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2723FB92-F207-4A9D-8AFF-CE788710D0B6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{570496AA-6B88-426B-8374-28843004CA0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4C176787-7A91-46A6-B330-B18C0590E174}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1C5E1448-5154-417D-B325-415D6E32D33E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BF3788D4-B672-4A5D-8820-0C8CCC77187C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{A94A1739-4055-46BA-A38C-0CDB9416C9AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{9A95A0E4-0943-4856-8053-FF35312B7792}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{0F2A6FFE-7049-4456-A9FD-A0206FD2B773}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{472C8B67-4F95-48CE-AD29-43896464431F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{FBA5F4DC-4710-4FF7-BEF9-32E8E1EA0AD3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{5B26650B-2003-447D-93D5-E10411EE8B31}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{CF57295E-7AE2-4C21-B5F9-2B10120EF521}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8C41FE0F-5E31-4367-BE17-A269DA20D0B4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{2F24505A-DAD6-4F61-8621-2C459CCB0FE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{700CDD4D-CF04-4086-8259-F16E8E19B1A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{272F8D82-779E-4A89-AC34-906EFAD8A49B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FA509831-9261-43E7-97DB-FC2A3573C04E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BF81B984-6089-411F-A35F-0794C5CD7BFF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 06:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5045571

Error: (07/10/2015 06:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5045571

Error: (07/10/2015 06:04:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/10/2015 05:48:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584

Error: (07/10/2015 05:48:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584

Error: (07/10/2015 05:48:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 07:48:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9157

Error: (07/08/2015 07:48:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9157

Error: (07/08/2015 07:48:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 07:48:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8128


System errors:
=============
Error: (07/11/2015 07:46:11 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/11/2015 06:06:07 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/10/2015 09:50:10 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2285E1E2-9E54-4A84-89D4-31545250291B}.
The backup browser is stopping.

Error: (07/10/2015 05:08:19 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/09/2015 07:36:55 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2285E1E2-9E54-4A84-89D4-31545250291B}.
The backup browser is stopping.

Error: (07/08/2015 06:33:23 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2285E1E2-9E54-4A84-89D4-31545250291B}.
The backup browser is stopping.

Error: (07/06/2015 04:01:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AtherosSvc service to connect.

Error: (07/05/2015 04:19:25 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.3 did not allow the name to be claimed by
this computer.

Error: (07/05/2015 07:22:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/05/2015 07:13:25 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2285E1E2-9E54-4A84-89D4-31545250291B}.
The backup browser is stopping.


Microsoft Office:
=========================
Error: (07/10/2015 06:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5045571

Error: (07/10/2015 06:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5045571

Error: (07/10/2015 06:04:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/10/2015 05:48:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584

Error: (07/10/2015 05:48:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584

Error: (07/10/2015 05:48:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 07:48:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9157

Error: (07/08/2015 07:48:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9157

Error: (07/08/2015 07:48:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 07:48:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8128


==================== Memory info ===========================

Processor: AMD A6-3400M APU with Radeon™ HD Graphics
Percentage of memory in use: 41%
Total physical RAM: 3563.8 MB
Available physical RAM: 2075.79 MB
Total Virtual: 7125.82 MB
Available Virtual: 3819.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:179 GB) (Free:2.46 GB) NTFS
Drive d: () (Fixed) (Total:266.78 GB) (Free:266.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 26DC4940)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=179 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266.8 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=19.9 GB) - (Type=27)

==================== End of log ============================


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, sorry for the delay. If you still require assistance could you post a fresh FRST scan please
  • 0

#3
Dougrbi

Dougrbi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

I can not run or download frst64. it flashes then quits. I will have to work on it. the scan I did is 3 days old.


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You are exceedingly tight on free space on your C drive, could you free up 10 to 15 GB

Download Speedfan and install it. Once it's installed, run the program and post here the information it shows. The information I want you to post is the stuff that is circled in the example picture I have attached.
If you are running on a vista machine, please go to where you installed the program and run the program as administrator.

speedfan.png
(this is a screenshot from a vista machine)
  • 0

#5
Dougrbi

Dougrbi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

I don't know why my C drive is maxed out, There is really no reason for it that I can find. I just noticed it when I looked at it, could this be part of the problem.

 

HD0:40C

Temp:48C

GPU: 48C

Core: 48C


  • 0

#6
Dougrbi

Dougrbi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

This is the error I get when I try to run FRST.

 

C:\Users\Home\AppData\Local\Temp\NCLt2dL2.exe.part could not be saved, because the source file could not be read.

Try again later, or contact the server administrator.


  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK the first thing you must do is clear some space on your hard drive

Could you uninstall or back up at least 10GB so that the free space is about 10% of the total drive

Drive c: () (Fixed) (Total:179 GB) (Free:2.46 GB) NTFS

Then run FRST fix again
  • 0

#8
Dougrbi

Dougrbi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

I freed up 10 GB and still can't run FRST

C:\Users\Home\AppData\Local\Temp\e8ywAsj8.exe.part could not be saved, because the source file could not be read.

Try again later, or contact the server administrator

 

Also the Computer get very hot when I use a browser for say Facebook, or any news site. It just starts running hot. I'm not sure what else to do. I don't have many files on the computer. I deleted all programs I don't use and found a bunch of photos to get rid of but I really can't find anything to delete that would be hogging a huge amount of memory. I have to head to work so I can't respond until the evening.


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you follow the steps here to ensure that your computer vents are clear

http://www.howtogeek...heating-laptop/
  • 0

#10
Dougrbi

Dougrbi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Everything is all clear and clean. I still can't run FRST.


  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK two things to try... First we will download and run a fresh FRST if that fails I will run a different programme

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.
IF THAT FAILS

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    OTL_Main_Tutorial.gif
  • Select All Users
  • Select LOP and Purity
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    c:\program files (x86)\Google\Desktop
    c:\program files\Google\Desktop
    dir "%systemdrive%\*" /S /A:L /C
    /md5start
    rpcss.dll
    /md5stop
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Attach both logs

  • 0

#12
Dougrbi

Dougrbi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

OTL logfile created on: 7/19/2015 6:48:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.48 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 65.96% Memory free
6.96 Gb Paging File | 4.72 Gb Available in Paging File | 67.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 179.00 Gb Total Space | 9.63 Gb Free Space | 5.38% Space Free | Partition Type: NTFS
Drive D: | 266.78 Gb Total Space | 266.68 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
 
Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2015/07/19 06:46:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Downloads\OTL.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/07/05 00:52:03 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015/06/14 07:44:09 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/06/14 07:43:28 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2014/04/17 22:14:26 | 001,967,616 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2012/03/16 18:46:34 | 002,805,328 | ---- | M] (SAMSUNG ELECTRONICS CO., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
PRC - [2011/09/27 16:23:10 | 005,458,312 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
PRC - [2011/09/08 04:04:50 | 003,398,736 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
PRC - [2011/09/06 01:36:42 | 002,275,408 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
PRC - [2011/09/06 01:35:54 | 001,087,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
PRC - [2011/08/18 21:36:46 | 000,784,976 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
PRC - [2011/08/17 00:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/07/15 18:16:16 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/06/24 01:52:30 | 004,403,280 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2010/09/19 20:24:42 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
PRC - [2009/11/01 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2006/09/28 02:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/06/14 07:43:33 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/06/14 07:43:30 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/06/14 07:43:28 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/02/16 09:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
MOD - [2010/05/07 07:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009/11/01 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/01 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/11 20:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2015/06/20 12:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/06/14 07:43:28 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015/05/25 11:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2014/04/17 22:29:26 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2014/04/17 18:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2007/02/12 10:45:26 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\SysNative\StkCSrv.exe -- (StkSSrv)
SRV - [2015/07/14 19:25:37 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/07/05 00:52:03 | 000,148,136 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2014/10/08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2014/09/16 14:10:54 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/09/05 13:11:55 | 000,177,648 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- C:\Program Files (x86)\Coupons\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 15:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2011/11/14 02:16:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\Home\AppData\Local\Temp\7zS0AC8\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2011/07/15 18:16:16 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/07/15 18:10:34 | 000,091,296 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2006/09/28 02:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2015/06/26 07:43:55 | 000,442,264 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2015/06/14 07:43:36 | 000,137,288 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015/06/14 07:43:35 | 000,272,248 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015/06/14 07:43:35 | 000,093,528 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015/06/14 07:43:35 | 000,089,944 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015/06/14 07:43:35 | 000,065,736 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015/06/14 07:43:35 | 000,029,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015/06/14 07:43:20 | 001,047,320 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/10/08 18:18:54 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2014/10/08 18:18:54 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2014/10/08 18:18:54 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2014/10/08 18:18:50 | 000,766,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2014/09/04 20:27:52 | 000,160,424 | ---- | M] (Razer Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2014/09/04 20:27:52 | 000,039,592 | ---- | M] (Razer Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2014/04/17 19:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/04/17 18:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014/02/11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:64bit: - [2013/12/19 09:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/15 12:51:58 | 000,102,808 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2013/04/15 12:51:52 | 000,410,008 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/08 04:04:52 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2011/08/17 13:44:46 | 000,053,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/08/17 00:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/08/03 04:57:04 | 002,768,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/07/15 18:13:34 | 000,289,440 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/07/15 18:13:18 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/07/15 18:13:12 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/07/15 18:13:08 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/07/15 18:13:02 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/07/15 18:12:58 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/07/15 18:12:52 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011/07/15 18:12:46 | 000,259,744 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/05/16 23:55:28 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/11 03:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 11:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/04 11:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/11/23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/06/28 10:45:26 | 000,632,704 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StkCMini.sys -- (StkCMini)
DRV - [2012/12/29 13:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2011/11/17 21:16:48 | 000,015,144 | ---- | M] (Windows ® 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...ast&type=agc511
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ast&type=agc511
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...ast&type=agc511
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ast&type=agc511
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\URLSearchHook: {cdf97ee2-ded0-4369-835e-99dd08225fa5} - No CLSID value found
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\SearchScopes\{4A65902A-94AB-4445-B7D1-71CB4661223D}: "URL" = http://www.search.as...rms}&psv=&pt=tb
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\SearchScopes\{B71ECEC2-6500-4F2E-B2A6-6FAF0A5B247D}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Home\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/06/14 07:43:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2015/02/19 20:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions
[2015/04/03 17:48:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1jsrj84y.default\extensions
[2015/07/05 00:51:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/07/05 00:52:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabfebkdmghefegjmochekfnmiikkko\1_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\elehggeipnonifpmldkddlfckfmbmamo\2.0_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {cdf97ee2-ded0-4369-835e-99dd08225fa5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\Toolbar\WebBrowser: (no name) - {CDF97EE2-DED0-4369-835E-99DD08225FA5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" File not found
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab(Reg Error: Key error.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefie...r_5.0.137.0.cab(Battlefield Heroes Updater)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://mywayphotos.r...veX_Control.cab(Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2285E1E2-9E54-4A84-89D4-31545250291B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{426C2543-89C8-4372-B79E-3158476DC50E}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\amisie - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\amisie {183A003A-3D01-4E94-A2C5-AD0108C68370} - C:\Program Files (x86)\AMIS\IeDtbPlugin.dll (TODO: <Company name>)
O18 - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22463~1.83\protec~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b56f25e4-b1de-11e2-a04a-e81132e57328}\Shell - "" = AutoRun
O33 - MountPoints2\{b56f25e4-b1de-11e2-a04a-e81132e57328}\Shell\AutoRun\command - "" = F:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/07/17 05:38:14 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2015/07/16 20:03:32 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2015/07/16 20:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2015/07/14 19:45:51 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2015/07/14 19:45:51 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2015/07/14 19:45:51 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2015/07/14 19:45:51 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2015/07/14 19:45:51 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2015/07/14 19:45:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2015/07/14 19:45:51 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2015/07/14 19:45:50 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2015/07/14 19:45:46 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cewmdm.dll
[2015/07/14 19:45:46 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cewmdm.dll
[2015/07/14 19:45:40 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015/07/14 19:45:40 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015/07/14 19:45:40 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015/07/14 19:45:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015/07/14 19:45:40 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015/07/14 19:45:40 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015/07/14 19:45:40 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2015/07/14 19:45:40 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015/07/14 19:45:40 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015/07/14 19:45:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015/07/14 19:45:35 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015/07/14 19:45:35 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015/07/14 19:45:35 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015/07/14 19:45:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015/07/14 19:45:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wu.upgrade.ps.dll
[2015/07/14 19:45:27 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2015/07/14 19:45:26 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015/07/14 19:45:26 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015/07/14 19:45:24 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2015/07/14 19:45:21 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2015/07/14 19:45:18 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2015/07/14 19:44:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2015/07/14 19:44:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015/07/14 19:44:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2015/07/14 19:44:40 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2015/07/14 19:44:40 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2015/07/14 19:44:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015/07/14 19:44:38 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015/07/14 19:44:38 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2015/07/14 19:44:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2015/07/14 19:44:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/07/14 19:44:34 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015/07/14 19:44:34 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015/07/14 19:44:34 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2015/07/14 19:44:33 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2015/07/14 19:44:33 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015/07/14 19:44:33 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2015/07/14 19:44:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2015/07/14 19:44:32 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015/07/14 19:44:32 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015/07/14 19:44:31 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015/07/14 19:44:31 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2015/07/14 19:44:30 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015/07/14 19:44:29 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2015/07/14 19:44:29 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015/07/14 19:44:28 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015/07/14 19:44:28 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2015/07/14 19:44:28 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2015/07/14 19:44:27 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2015/07/14 19:44:26 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2015/07/14 19:44:26 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015/07/14 19:44:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015/07/14 19:44:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015/07/14 19:44:23 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2015/07/14 19:44:23 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015/07/14 19:44:17 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2015/07/14 19:44:13 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2015/07/14 19:44:13 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2015/07/14 19:44:13 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2015/07/14 19:43:58 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015/07/14 19:43:58 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2015/07/14 19:43:57 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015/07/14 19:43:57 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2015/07/14 19:43:57 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe
[2015/07/14 19:43:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe
[2015/07/14 19:43:57 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll
[2015/07/14 19:43:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2015/07/14 19:43:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2015/07/14 19:43:56 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2015/07/14 19:43:56 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2015/07/14 19:43:56 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2015/07/14 19:43:56 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2015/07/14 19:43:56 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll
[2015/07/14 19:43:56 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll
[2015/07/14 19:43:33 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2015/07/14 19:43:32 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2015/07/14 19:43:32 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2015/07/14 19:43:31 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msihnd.dll
[2015/07/14 19:43:31 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2015/07/14 19:43:31 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2015/07/14 19:43:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msimsg.dll
[2015/07/14 19:43:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msimsg.dll
[2015/07/14 19:43:08 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015/07/14 19:43:08 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015/07/14 19:43:08 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015/07/14 19:43:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015/07/14 19:43:08 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015/07/14 19:43:08 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015/07/14 19:43:08 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015/07/14 19:43:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015/07/05 00:51:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/06/24 01:29:00 | 001,217,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FM20.DLL
[46 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[2 C:\Users\Home\Documents\*.tmp files -> C:\Users\Home\Documents\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/07/19 07:02:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/07/19 06:43:04 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/07/19 06:43:04 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/07/19 06:28:07 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/07/19 06:28:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/07/18 20:02:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/07/17 05:37:38 | 3736,920,064 | -HS- | M] () -- C:\hiberfil.sys
[2015/07/16 20:03:32 | 000,000,967 | ---- | M] () -- C:\Users\Home\Desktop\SpeedFan.lnk
[2015/07/16 20:03:31 | 000,000,045 | ---- | M] () -- C:\windows\SysWow64\initdebug.nfo
[2015/07/15 06:04:22 | 000,440,728 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2015/07/14 19:25:37 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2015/07/14 19:25:37 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/07/14 19:04:25 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/07/09 10:59:59 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2015/07/09 10:58:56 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015/07/09 10:58:56 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015/07/09 10:58:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015/07/09 10:58:55 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015/07/09 10:58:55 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015/07/09 10:58:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015/07/09 10:58:41 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2015/07/09 10:58:34 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2015/07/09 10:58:31 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2015/07/09 10:58:26 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2015/07/09 10:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wu.upgrade.ps.dll
[2015/07/09 10:58:24 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2015/07/09 10:58:23 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2015/07/09 10:58:23 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2015/07/09 10:58:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015/07/09 10:58:20 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015/07/09 10:50:11 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2015/07/09 10:43:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015/07/09 10:43:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015/07/09 10:43:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015/07/09 10:43:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015/07/09 10:42:47 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015/07/04 11:07:11 | 002,087,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2015/07/03 11:05:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015/07/03 11:05:43 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015/07/03 11:05:34 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015/07/03 11:05:26 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015/07/03 10:56:59 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015/07/03 10:56:52 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015/07/03 09:52:31 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015/07/03 09:42:38 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015/07/02 13:46:34 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2015/07/02 13:12:26 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2015/07/01 13:49:45 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2015/07/01 13:49:45 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2015/07/01 13:49:42 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2015/07/01 13:49:41 | 001,216,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2015/07/01 13:49:23 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015/07/01 13:49:11 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015/07/01 13:48:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll
[2015/07/01 13:47:18 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe
[2015/07/01 13:43:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll
[2015/07/01 13:43:37 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2015/07/01 13:39:24 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2015/07/01 13:29:46 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe
[2015/07/01 13:27:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll
[2015/07/01 13:26:52 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2015/07/01 13:24:59 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2015/06/29 10:23:21 | 000,801,932 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015/06/29 10:23:21 | 000,675,370 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015/06/29 10:23:21 | 000,128,042 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015/06/27 17:24:56 | 000,002,239 | ---- | M] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/06/26 19:47:11 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015/06/26 19:43:26 | 005,923,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015/06/26 18:58:17 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2015/06/26 07:43:55 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\windows\SysNative\drivers\aswsp.sys
[2015/06/24 01:29:00 | 001,217,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\FM20.DLL
[2015/06/20 13:06:50 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2015/06/20 12:50:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2015/06/20 12:49:17 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2015/06/20 12:49:09 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015/06/20 12:49:08 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015/06/20 12:48:29 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015/06/20 12:39:43 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2015/06/20 12:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2015/06/20 12:34:45 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2015/06/20 12:34:42 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015/06/20 12:25:28 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2015/06/20 12:21:39 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2015/06/20 12:13:07 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2015/06/20 12:08:16 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2015/06/20 12:07:37 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015/06/20 12:05:03 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015/06/20 11:48:40 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015/06/20 11:48:26 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015/06/20 11:46:53 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2015/06/20 11:46:48 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015/06/20 11:02:50 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015/06/19 11:25:35 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2015/06/19 11:24:43 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2015/06/19 11:24:27 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015/06/19 11:23:26 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015/06/19 11:16:51 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2015/06/19 11:13:15 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015/06/19 11:13:10 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2015/06/19 10:57:45 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/06/19 10:53:49 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2015/06/19 10:52:57 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015/06/19 10:40:04 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015/06/19 10:39:13 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2015/06/19 10:11:02 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[46 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[2 C:\Users\Home\Documents\*.tmp files -> C:\Users\Home\Documents\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/07/16 20:03:32 | 000,000,967 | ---- | C] () -- C:\Users\Home\Desktop\SpeedFan.lnk
[2015/07/16 20:03:30 | 000,000,045 | ---- | C] () -- C:\windows\SysWow64\initdebug.nfo
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2014/04/17 19:22:56 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2014/04/17 19:22:56 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2014/04/17 18:25:52 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2014/04/17 18:25:50 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2013/08/21 09:14:28 | 004,640,720 | ---- | C] () -- C:\Users\Home\ts3_recording_13_08_21_9_14_21.wav
[2013/08/13 20:46:22 | 000,898,640 | ---- | C] () -- C:\Users\Home\ts3_recording_13_08_13_20_46_16.wav
[2013/05/31 16:29:14 | 000,000,048 | ---- | C] () -- C:\Users\Home\jagex_cl_runescape_LIVE_BETA.dat
[2013/02/26 19:22:41 | 000,000,045 | ---- | C] () -- C:\Users\Home\jagex_cl_loginapplet_LIVE.dat
[2013/02/24 01:13:44 | 000,000,044 | ---- | C] () -- C:\Users\Home\jagex_cl_runescape_LIVE1.dat
[2013/02/15 15:32:45 | 000,000,024 | ---- | C] () -- C:\Users\Home\jagexappletviewer.preferences
[2013/02/10 17:47:23 | 000,003,584 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/28 19:22:38 | 000,000,092 | ---- | C] () -- C:\Users\Home\AppData\Local\fusioncache.dat
[2012/03/25 20:10:00 | 000,000,043 | ---- | C] () -- C:\Users\Home\jagex_cl_runescape_LIVE.dat
[2012/03/25 20:10:00 | 000,000,024 | ---- | C] () -- C:\Users\Home\random.dat
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 22:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 22:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015/06/14 06:20:56 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\AVAST Software
[2015/06/14 06:20:56 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\AVAST Software
[2014/12/29 23:59:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2012/11/17 12:16:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.techniclauncher
[2012/06/27 21:01:22 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\8DEC0C44
[2014/04/23 19:48:44 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\AVAST Software
[2014/07/24 18:39:59 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Awesomium
[2012/07/21 20:22:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BANDISOFT
[2014/04/28 14:54:35 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Battle.net
[2013/02/19 09:11:02 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Catalina Marketing Corp
[2014/04/27 20:00:22 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Curse
[2014/04/27 20:02:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Curse Advertising
[2012/01/15 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DriverCure
[2013/05/05 09:42:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2014/09/16 07:10:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\EncryptStick
[2014/05/23 20:55:47 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ftblauncher
[2014/12/29 23:52:44 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\java
[2014/04/28 15:03:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\library_dir
[2012/06/28 22:56:57 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient
[2012/08/27 06:58:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Netgear Live Parental Controls
[2012/08/24 09:19:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Notepad++
[2013/08/09 10:59:22 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OBS
[2013/11/13 04:31:48 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Origin
[2012/08/25 07:54:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PerformerSoft
[2013/08/12 23:21:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\puush
[2013/11/11 14:45:47 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\raidcall
[2014/05/17 09:12:26 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Raptr
[2014/02/01 10:57:49 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\rcru
[2013/09/30 16:34:23 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Riot Games
[2012/07/19 14:03:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\six-zsync
[2013/01/13 17:45:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\skyz
[2012/02/27 14:04:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SoftGrid Client
[2012/01/15 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SpeedyPC Software
[2013/05/25 12:24:31 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2011/12/23 11:21:55 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TP
[2014/03/14 21:07:18 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2013/02/01 21:58:52 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Tunngle
[2012/01/06 15:04:40 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ulead Systems
[2012/11/03 16:28:58 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV:64bit: - [2015/03/03 21:41:26 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2015/06/15 14:45:34 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 18:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 20:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 20:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2015/07/01 13:47:38 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 15:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2015/04/27 12:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/04/27 12:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 20:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 20:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/02 23:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 18:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 18:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 18:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 20:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 18:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 18:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 18:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 18:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2014/12/05 21:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 04:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/10 23:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2015/07/01 13:47:38 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 18:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 20:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 20:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2015/07/01 13:47:38 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 20:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 20:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 20:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 20:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 20:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 20:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2014/12/18 20:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 20:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2015/02/02 20:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2015/02/02 20:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 20:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 20:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 20:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 20:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2015/06/15 14:44:47 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2015/06/15 14:42:49 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2015/07/09 10:58:55 | 002,603,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 20:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 20:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< c:\program files (x86)\Google\Desktop >
[2009/07/13 22:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/13 22:08:49 | 000,032,628 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012/05/30 18:17:58 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013/05/04 10:33:09 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/05/04 10:33:10 | 000,000,898 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< c:\program files\Google\Desktop >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is 6E24-6113
 Directory of C:\
07/13/2009  10:08 PM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009  10:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009  10:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009  10:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009  10:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009  10:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
07/13/2009  10:08 PM    <SYMLINKD>     All Users [C:\ProgramData]
07/13/2009  10:08 PM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009  10:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009  10:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009  10:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009  10:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009  10:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009  10:08 PM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009  10:08 PM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/13/2009  10:08 PM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/13/2009  10:08 PM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009  10:08 PM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009  10:08 PM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009  10:08 PM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009  10:08 PM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009  10:08 PM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/13/2009  10:08 PM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009  10:08 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/13/2009  10:08 PM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/13/2009  10:08 PM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/13/2009  10:08 PM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Home
12/19/2011  08:20 AM    <JUNCTION>     Application Data [C:\Users\Home\AppData\Roaming]
12/19/2011  08:20 AM    <JUNCTION>     Cookies [C:\Users\Home\AppData\Roaming\Microsoft\Windows\Cookies]
12/19/2011  08:20 AM    <JUNCTION>     Local Settings [C:\Users\Home\AppData\Local]
12/19/2011  08:20 AM    <JUNCTION>     My Documents [C:\Users\Home\Documents]
12/19/2011  08:20 AM    <JUNCTION>     NetHood [C:\Users\Home\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/19/2011  08:20 AM    <JUNCTION>     PrintHood [C:\Users\Home\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/19/2011  08:20 AM    <JUNCTION>     Recent [C:\Users\Home\AppData\Roaming\Microsoft\Windows\Recent]
12/19/2011  08:20 AM    <JUNCTION>     SendTo [C:\Users\Home\AppData\Roaming\Microsoft\Windows\SendTo]
12/19/2011  08:20 AM    <JUNCTION>     Start Menu [C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu]
12/19/2011  08:20 AM    <JUNCTION>     Templates [C:\Users\Home\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Home\AppData\Local
12/19/2011  08:20 AM    <JUNCTION>     Application Data [C:\Users\Home\AppData\Local]
12/19/2011  08:20 AM    <JUNCTION>     History [C:\Users\Home\AppData\Local\Microsoft\Windows\History]
12/19/2011  08:20 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Home\Documents
12/19/2011  08:20 AM    <JUNCTION>     My Music [C:\Users\Home\Music]
12/19/2011  08:20 AM    <JUNCTION>     My Pictures [C:\Users\Home\Pictures]
12/19/2011  08:20 AM    <JUNCTION>     My Videos [C:\Users\Home\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/13/2009  10:08 PM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/13/2009  10:08 PM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/13/2009  10:08 PM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              50 Dir(s)  10,904,743,936 bytes free
 
< MD5 for: RPCSS.DLL  >
[2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\windows\SysNative\rpcss.dll
[2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\ParaPro Test (2).jpg:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\HS diploma (2).jpg:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\First aid card 2014 (2).jpg:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\Copy of Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b

< End of report >
 

OTL Extras logfile created on: 7/19/2015 6:48:07 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.48 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 65.96% Memory free
6.96 Gb Paging File | 4.72 Gb Available in Paging File | 67.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 179.00 Gb Total Space | 9.63 Gb Free Space | 5.38% Space Free | Partition Type: NTFS
Drive D: | 266.78 Gb Total Space | 266.68 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
 
Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-334125316-4088546140-4129291110-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05C39229-1746-4659-A585-38CC80BE341B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{05F7F579-0DC3-4681-9C5D-BF29B6A4E895}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{05FF99EA-88D4-4237-8CFA-49315355F839}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{07B04B91-C359-42CD-9021-00EF2691171D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B4807CE-2008-4383-95F1-F88BEF518842}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13781AB8-428E-45E1-81E0-B602C736152B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1912A526-04A6-409B-8154-26081792F5C8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{228FC258-6BA9-4322-8A0D-5F0BC30542EB}" = lport=137 | protocol=17 | dir=in | app=system |
"{2BB35F2B-BC84-4407-A26B-ABB03F14C49C}" = rport=80 | protocol=6 | dir=out | app=c:\users\home\appdata\local\warframe\downloaded\public\tools\launcher.exe |
"{2DFDEC35-46C1-411A-9B12-0984FA008F1D}" = rport=80 | protocol=6 | dir=out | app=c:\users\home\appdata\local\warframe\downloaded\public\warframe.x64.exe |
"{3B89B4B1-6018-460D-87EA-346822F97E99}" = rport=445 | protocol=6 | dir=out | app=system |
"{4B3B8379-0411-49A8-A1FB-2EA45114C827}" = lport=139 | protocol=6 | dir=in | app=system |
"{4B8654FE-9367-4C57-90FE-7575BF6877DE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4EBC129E-938C-4D45-B155-21C09DF115A1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{51DD3554-4FA6-4B86-8F46-F834B92A2BDF}" = rport=80 | protocol=6 | dir=out | app=c:\users\home\appdata\local\warframe\downloaded\public\warframe.exe |
"{5CC2F9F3-4720-4CFA-8ACA-92F786F2D4F6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{827D5BAC-4ABC-4B0C-AC9C-84741E715F52}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8650E0F0-5D59-4BFC-A4F2-7677E7BF142D}" = rport=138 | protocol=17 | dir=out | app=system |
"{9C762B49-15CF-49AB-97ED-098E2DBB1109}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A9A0A047-36F0-486E-9988-650C636DEC6E}" = rport=137 | protocol=17 | dir=out | app=system |
"{AB2817FF-F5C2-43BD-B2D1-818EE1707FC9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AB91AF19-8A9E-4D35-98C1-4F0DA5C35381}" = rport=80 | protocol=6 | dir=out | app=c:\users\home\appdata\local\warframe\downloaded\public\tools\remotecrashsender.exe |
"{B57F9E12-ED90-4FD2-88BD-971B4BF8A496}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BAFF0C79-0A4F-4E81-AD20-210D960A5C0A}" = lport=445 | protocol=6 | dir=in | app=system |
"{BEDF9DB7-9F6F-477E-BE01-8D2B08375C84}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C0D9703A-2646-453A-853D-4AA08A74EA57}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CCB53B96-E352-4EEB-B0D3-5F9711D7B639}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D7393B0B-E7FE-49BE-9788-B41710AEA9FA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D920AC9A-B3F3-4FFC-9FB2-1974878FBC8A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DACE1D04-E978-4867-A24C-D04B5A5AC1FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DED6F7E6-A9DD-441F-A208-35E363EF2F61}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF4D543C-4A8C-43AD-B158-29868AE344BD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E49FD7E8-846C-4865-9D1E-329A880CD8D2}" = lport=138 | protocol=17 | dir=in | app=system |
"{E5BFFA6D-4D0A-42CD-842C-F77E09C640F6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{E6213B06-AE4B-4B08-9071-544CFEEBDE86}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6A86364-188C-4D1B-ADFE-EFD6741889B7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EA7AF893-9FEB-4481-84E7-EA98C56E6396}" = rport=139 | protocol=6 | dir=out | app=system |
"{EBB1379C-ED9A-41D6-8375-F63301DA4DA5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6162B04-0DF0-4ACB-9DBD-864AECC71704}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0010CD9A-3926-4416-92C8-ADD364E9FCC3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{024222F9-0DED-435D-B75E-A168BC6C7BEA}" = protocol=6 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{0664B5DF-A211-4BE6-8E26-5919D8633B8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\transformers war for cybertron\binaries\twfc.exe |
"{06BE8F64-D66A-4C96-8592-9CC5D1DAC0FE}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{0BC5E159-8245-4ACC-AF8F-669ABB9E1CC2}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{0E606C3F-F8C0-4563-AFC7-808C7C99460B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0F2A6FFE-7049-4456-A9FD-A0206FD2B773}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{101355E7-70EA-4D9F-800E-E3927C306925}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{1171EF6E-072A-4B78-939C-3358FF38EACF}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{14FE3853-29F2-4E9A-8F82-274A4A10DA3D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deadpixels\dead pixels launcher.exe |
"{15DDF5E3-21EB-4AE3-9BBE-E9F0F59B5C2C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{177CDF67-F1DB-4DD8-9E3F-B860F7EEE294}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{18C528A1-B5F7-4A47-8F2C-5DFED180D20E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{19010AA4-C769-41F2-8E68-66A8FA814740}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{19DA8319-5F75-42EC-BF33-E14CBA085428}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A324471-3BD8-48CA-914C-DF5625B3CBE8}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{1BC52C06-A490-4FD0-8ECD-3D946CC7A0F8}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{1C5E1448-5154-417D-B325-415D6E32D33E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{20660EC0-C349-4904-A4D2-B54261D23060}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{20C42B27-7235-4C5E-BA32-29A72715D6EB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{21DECD02-71E8-40A2-BA6A-67D0BC265146}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe |
"{23A01D02-8EA5-404A-A4B2-718E568961D3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{262E3679-68E1-4B21-8A98-1583C57EE8A6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{2723FB92-F207-4A9D-8AFF-CE788710D0B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{276A3E6E-C447-47A3-9293-139B56D49903}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2D1582E3-21C7-438D-85D8-8C74F8D65F87}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe |
"{2EE12CF9-6249-4DC4-B468-E21C17213FE2}" = protocol=1 | dir=out | [email protected],-28544 |
"{2F24505A-DAD6-4F61-8621-2C459CCB0FE7}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{30292736-C91F-4D13-A79B-313EF5FF2585}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{31981ABB-6492-4104-AE6A-70C6428F6F65}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{31DE17D0-714D-45B7-8A3A-346CA212F713}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{32B23D4A-75E7-4172-B7DC-0FCFFE1C850D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{36081120-B878-4E8E-8150-B9F9DFEB0317}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{367BE098-6B38-4A0E-8116-70098A85FA78}" = protocol=1 | dir=in | [email protected],-28543 |
"{36A7B904-A6F2-4CB3-9DDF-4D1AEB504E39}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{393367B8-529C-4209-A470-80BDDB6284C5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{39F310E4-A845-4F4A-90AA-EB72E082E303}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{3AFEBF99-4CCE-4808-A6FD-D38ACBFDE3F9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3D755B21-85B1-4120-9321-0BD102B9FD80}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{3F2D7C5B-8181-4D80-BB68-A936D63AC49B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{4508F759-E13E-481A-8032-A6B15A5DC53E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{458B8816-AA24-4961-BC4B-BE05ECEA1557}" = protocol=58 | dir=in | [email protected],-28545 |
"{468EB81E-BFA2-4B78-9BD0-B2E5F18C4FB6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{472C8B67-4F95-48CE-AD29-43896464431F}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{47545785-AEB5-4EE4-8A09-95A46EB142BC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{48A85AE0-1EAE-405D-9B30-574A92EC0FA5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deadpixels\dead pixels launcher.exe |
"{4A35C224-2E7F-48FC-99B7-9582BB757964}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{4C176787-7A91-46A6-B330-B18C0590E174}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{4DEFF884-4039-4C50-A3BA-D091D67B9E6A}" = protocol=6 | dir=in | app=c:\users\home\appdata\local\temp\7zs0d27\hpdiagnosticcoreui.exe |
"{4FBDAE69-1C8D-42E7-ADED-EED59350AB18}" = protocol=17 | dir=out | app=c:\users\home\appdata\local\warframe\downloaded\public\warframe.x64.exe |
"{51261F48-3A30-4983-9CBD-2A6D76BAEE11}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{540F564C-333C-4E1C-A579-C8226AF16483}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{56B2C0EC-1689-4295-8BB5-046CDBF17F88}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{570496AA-6B88-426B-8374-28843004CA0F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{5AF39F49-22CC-4268-BAE3-0BA940AA1D18}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B19509A-5CD7-4D82-80BA-0E91A2D38B75}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{5B26650B-2003-447D-93D5-E10411EE8B31}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3634\agent.exe |
"{5B9CD88C-307D-4318-ABE2-EB9E873EFDAA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{5C7DECFB-3DD0-4AA3-9887-9BC05DD6444D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{5DF42514-D678-4861-BCCE-89917E458F71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5FD006D9-CB76-4716-BB07-30641E4E7487}" = protocol=17 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{60039772-F099-4285-9198-50D19D446E21}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{61A86C6D-01EF-4AE1-AB32-539879946CFF}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{6B487E8E-0B9D-4BA1-8FE6-1B29CA0D0696}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{6D8A1114-BB08-48BC-98F0-54E4D0344E47}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{6EC3D619-1B2E-4356-9B77-7B2D18D4C78D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\transformers war for cybertron\binaries\twfc.exe |
"{700CDD4D-CF04-4086-8259-F16E8E19B1A3}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{70495CB5-A936-4659-B479-534228FAC569}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{74150B72-A4AE-4CF8-AC4A-7FC1159E1FEB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{7949C18F-3ED0-438C-8996-083AEF269D2C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{79990B7B-71BA-4706-BAF6-ABBAB2745C3A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\nmservice.exe |
"{7A745AF7-8316-4922-B6F0-4E02E1CD9557}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{7BBA747A-FE06-4568-9BA7-3184A0A9CB5D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{81662B34-DE7C-4B3A-93F0-3BD7B06B06DF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{83901D16-B2B3-42ED-B1B3-123B11BE6F40}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8549B102-985A-4939-ACD4-743F54105764}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{884766DC-A0AA-4213-9555-F9D023342AAB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{8B6256FE-7CBA-4DF8-8688-45BB3A48EE3A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{8C41FE0F-5E31-4367-BE17-A269DA20D0B4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3634\agent.exe |
"{91B37B3C-4BE5-48E4-84D4-8759274F3B39}" = protocol=6 | dir=in | app=c:\users\home\appdata\local\temp\7zs0ac8\hppiw.exe |
"{968553EC-475F-4726-9CBD-BB990434B715}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe |
"{97089F23-CFFC-4429-96EA-7DC88AC993B9}" = protocol=17 | dir=in | app=c:\users\home\appdata\local\microsoft\windows\temporary internet files\content.ie5\aav7hy4v\crossfire_downloader.exe |
"{97A97849-B254-42BA-9F60-5AA4AA24B6EF}" = protocol=17 | dir=in | app=c:\users\home\appdata\local\warframe\downloaded\public\warframe.exe |
"{99033FE4-DFE2-4B45-BB02-602C4638C314}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9958DD32-BAF6-4414-BEB2-452E906E7788}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{9A95A0E4-0943-4856-8053-FF35312B7792}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{9FBB9C9B-556B-4717-83CF-54F23756F441}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{A0043614-8DC1-4967-A0B6-D3B0887D73E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A010BDB0-35FA-4F3E-B503-E02AF59256BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A01CB9D4-8FE3-492B-9474-863788967DDB}" = protocol=58 | dir=out | [email protected],-28546 |
"{A131FA2A-1DC8-4949-91D2-00D9F75B8D08}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A1955790-294C-41A0-AED1-9486328C40EF}" = protocol=17 | dir=out | app=c:\users\home\appdata\local\warframe\downloaded\public\warframe.exe |
"{A208AB73-A199-41DA-9E86-7268FFFE30D7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A77E816E-F3C7-445E-82D5-30C942AC1CDA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A79BE788-18B4-4406-A89C-3728BF0EE6DF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\nmservice.exe |
"{A94A1739-4055-46BA-A38C-0CDB9416C9AE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{A9EB237D-16C1-468C-AE26-AB005259D4B9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{AD7EF638-79AB-4CC9-B28D-5441E5160D7F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{B0AAC4ED-7C6B-4E9C-B877-5120BE12B424}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{B51E3993-65BF-484A-BED9-60524CC91AA1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{B8D94772-08A3-41E9-8B7E-E71F0103E56F}" = protocol=6 | dir=out | app=system |
"{BD30B93E-6D26-4F1F-AD55-415C1DCE5AB5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{BF3788D4-B672-4A5D-8820-0C8CCC77187C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C1BE317F-9B1D-4C3A-BB8C-E41656AECC02}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{C4860338-B596-4224-A7BC-12F2A5C7A977}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{C7736043-250D-4FE1-8E88-75BD85D505A7}" = protocol=17 | dir=in | app=c:\users\home\appdata\local\temp\7zs0ac8\hppiw.exe |
"{C98E6088-605C-4A14-BB3D-7E2C377903F7}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"{CA001D4C-BA9F-4987-AEAF-AE19052DA3BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CB6CE769-E7F6-4E21-8E3E-680A038EE440}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{CD6493F2-4ECA-403E-8D09-890D23DAF169}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{CEE0A4E7-F543-47D3-9F19-365420FAA424}" = protocol=6 | dir=in | app=c:\users\home\appdata\local\microsoft\windows\temporary internet files\content.ie5\aav7hy4v\crossfire_downloader.exe |
"{CF0EBF1A-F483-4117-947B-BD8004A91522}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CF57295E-7AE2-4C21-B5F9-2B10120EF521}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3634\agent.exe |
"{D184D2E5-C232-44C8-B217-7C2F938C0B6A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{D2CF3661-3DC0-4A08-AC62-F79E0A64D909}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{D35522BE-2915-4DC9-BB8B-4D510C4B61A3}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D421D8F8-B2DB-4DE2-A445-341F7405A406}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"{D4DE402A-4400-4819-AC5B-91845BD80B9E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deadpixels\dead pixels launcher.exe |
"{D578F268-D6BE-4C4C-AD1C-D58D5C22F9F7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{D69FCD4F-3978-4DB0-B35B-A8EC948B3E41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D95AFB17-7A98-420D-A94C-8870C814B4CD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{DA717C8C-CE21-48C0-B973-E2189A4C2A07}" = protocol=17 | dir=in | app=c:\users\home\appdata\local\warframe\downloaded\public\warframe.x64.exe |
"{DEAA22B9-6A42-4249-9C4D-C3CBE53F6624}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{DFBC809B-82F5-484F-BBE9-0DB9CE8C1FAE}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{E4C67AB5-0988-49AD-BF83-4A773222E007}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7A5C568-84FE-48BA-8F14-4342CDE57E3D}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{E9D2CF25-DEDE-471D-A673-2CE886144568}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{ED708A3B-2347-409C-A94D-3B61A568E469}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{EDAA4923-7BEA-48D5-BBBE-A66C840CF745}" = protocol=17 | dir=in | app=c:\users\home\appdata\local\temp\7zs0d27\hpdiagnosticcoreui.exe |
"{F0A12BD3-8E3B-474B-8C70-394B3DB221EC}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{F6C4B838-B4C6-4B51-9F68-5DB4D41C5F77}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deadpixels\dead pixels launcher.exe |
"{F8FF3337-9982-4213-9EF3-F27AC2DB1D97}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{FA8B96AB-E2C7-4333-9087-5A331E805D7E}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{FBA5F4DC-4710-4FF7-BEF9-32E8E1EA0AD3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3634\agent.exe |
"{FDD9A9F0-5B49-4B89-B174-B64D03E72075}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"TCP Query User{0FACF995-D51C-46A8-ADEB-14CD3172B67D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{1B376445-4608-43B5-8060-319BDF01D55D}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{243CD544-1658-4AE4-AD4E-B5E5AFE8CC15}F:\halo\halo (this one).exe" = protocol=6 | dir=in | app=f:\halo\halo (this one).exe |
"TCP Query User{272F8D82-779E-4A89-AC34-906EFAD8A49B}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{2BB326F0-215F-4DBB-B9FD-BADFD16D608D}C:\users\home\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\home\appdata\roaming\spotify\spotify.exe |
"TCP Query User{2E4F923B-79DD-40DB-B5C9-71A9AFA025E2}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"TCP Query User{3D8899B1-E1F9-4BB0-BE71-F52415C6E16B}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"TCP Query User{49EA2474-7E5C-4AB3-867A-8B01AD192D0A}C:\programdata\battle.net\agent\agent.3147\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"TCP Query User{6B2827BF-2D79-4545-9C02-7090848B3390}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{6FC8B7F5-A4B3-413B-8A91-15F651512AE7}C:\ProgramData\Battle.net\Agent\agent.1040\Agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{7F3F5915-0189-42D4-AE5F-CD04BE40023B}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"TCP Query User{7FCC21D6-B40A-46C6-B043-50A6F180C289}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"TCP Query User{80DB5FF5-5A3D-4718-88CF-1E3F2EE8F239}C:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe |
"TCP Query User{81451EAA-CDF5-4C6A-BF73-9E4CBF798147}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{832B81A4-87CF-4FEA-A84A-A58AE1DA314B}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe |
"TCP Query User{8DA5C16F-1DE3-4CDE-8588-2CB52E649A3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"TCP Query User{8E7285D5-1613-41D4-93FB-EDBBEE691475}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=6 | dir=in | app=c:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"TCP Query User{9208CEC9-AB33-4926-A79C-461D26BAD8BC}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"TCP Query User{A8E3371C-84AC-4376-B569-AEDC06B470DC}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{ADE1037F-2743-49DE-8F27-C277B523482B}C:\users\home\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\home\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B563E875-EE56-4809-90B5-FECF0808C0C1}C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\engine.exe |
"TCP Query User{CC26DA72-22DF-4A16-8AF3-B085BA5BDE2E}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{CF25205A-C247-46D9-BB94-6894993BFAD3}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"TCP Query User{D19E5A3C-5928-4300-82F4-8DFAF45AF349}C:\program files (x86)\raidcall\raidcall.exe" = protocol=6 | dir=in | app=c:\program files (x86)\raidcall\raidcall.exe |
"TCP Query User{DB7D59D0-50D2-4460-BDFB-0E83E9062038}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{FD24A75F-19B0-4B6B-98BA-4DB2A3021815}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{018310B9-A31C-4C54-819A-2B92DB779D77}C:\programdata\battle.net\agent\agent.3147\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"UDP Query User{05A64D00-A9B3-4266-83F8-0F431CBE90B9}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{1326AC88-823A-4092-9175-D40EC8A03EE2}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe |
"UDP Query User{2EC7481F-E1BB-43D9-B576-37CE9DD226FA}C:\program files (x86)\raidcall\raidcall.exe" = protocol=17 | dir=in | app=c:\program files (x86)\raidcall\raidcall.exe |
"UDP Query User{382E6430-BAB7-4AA9-8FAD-5C4C39DD6D33}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=17 | dir=in | app=c:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"UDP Query User{53562F7E-6FC6-4868-8C1C-413B1A082DF6}C:\ProgramData\Battle.net\Agent\agent.1040\Agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{620769A8-2B4F-4D9B-8EB7-52E00EBE8B56}C:\users\home\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\home\appdata\roaming\spotify\spotify.exe |
"UDP Query User{685442AB-6C92-4B2F-945A-7A8A4E668837}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{6C261B29-EAFB-4877-88EE-C698679A34C1}C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\engine.exe |
"UDP Query User{6EC022AA-A2AB-433F-A272-EACA717F1B70}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{70DBF92B-2254-488A-8515-2CB7100D7DAD}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{76AE0308-0CFB-4AC6-B5B0-AD6F58BFDA64}F:\halo\halo (this one).exe" = protocol=17 | dir=in | app=f:\halo\halo (this one).exe |
"UDP Query User{7DF2B7A7-D5C6-47F2-89F9-C68450E195EF}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{7E38EADE-E09C-4973-82DA-847DAB683361}C:\users\home\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\home\appdata\roaming\spotify\spotify.exe |
"UDP Query User{881642C1-8E73-4BC7-A4AC-391A0F977CBD}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"UDP Query User{8C1FF1AD-63FC-4429-A087-BE22D5811E70}C:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\legend270\team fortress 2\hl2.exe |
"UDP Query User{99B5A5D0-DCF1-402A-925E-3CE011359210}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{9B514FE5-3170-4D47-8896-F6B18B69EB25}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"UDP Query User{A552BE48-FC25-4E6B-B74F-28831C73314D}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"UDP Query User{B76780A0-D6F4-4E91-8DF5-BC2C20970EE0}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{B8C7D0FB-9EF5-4F65-9D09-E49F52D627A8}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{BDD21891-5F92-4F56-ACD2-815188D8144A}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"UDP Query User{EB5DAC5C-0174-4407-9821-2852B7CDF227}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"UDP Query User{EC6CB71E-E7B8-4024-90A7-D58FC3CD3DEE}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{FA509831-9261-43E7-97DB-FC2A3573C04E}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{FD0FB1AF-455F-4593-9B22-CBB9EEDBAF0D}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2C637DB1-3E0A-4089-8366-C6C0B01E5C2B}" = AMD Steady Video Plug-In
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}" = AMD Catalyst Install Manager
"{41F22D89-7F71-E83A-08E7-7E7473F4A55D}" = AMD Accelerated Video Transcoding
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4C9845D5-9FAD-4C52-B389-CAEF0F216215}" = Windows Live Remote Client Resources
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{69F860CB-69A0-991D-C0A7-2967286A8DDC}" = ccc-utility64
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{7EE0022B-77A5-4008-BA8E-69C26F5C9955}" = AMD Fuel
"{811D5159-D798-491F-B9C6-9BDBF6B02D06}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C3ECDE27-BD89-71E3-254D-DF32AF7C389D}" = AMD Wireless Display v3.0
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB8EC858-84C9-5A45-F786-86929EE4298B}" = AMD Drag and Drop Transcoding
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{001296EA-6321-1D93-6D07-C56469336B6F}" = CCC Help Chinese Traditional
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{00C2D443-43D9-4550-ABEA-318288E23E57}" = Quicken 2015
"{0119B342-476F-4F5A-B712-144B5CFA781F}" = Windows Live Movie Maker
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}" = Minecraft
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{07E15DDE-CAD9-434D-B24D-35708E3BEA09}" = Windows Live 필수 패키지
"{08BF5606-B92B-91D9-550E-45C40EF82146}" = CCC Help Swedish
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{11960C5F-F2A2-1A1C-F884-2579A22E70BA}" = CCC Help Finnish
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Settings
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1D968C74-5200-4331-F74D-83E30797B736}" = CCC Help Italian
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2B6EDD-9374-B327-8F8E-E31AF6A805B0}" = CCC Help German
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21B49B4A-BBC3-4A09-9C68-6C3CC0B1EA01}" = Windows Live Messenger
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{285722F0-59D5-9468-BA6F-72985A2CE931}" = CCC Help Czech
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2B68CAC1-5B99-3465-8982-E4FAB2AE036A}" = CCC Help Russian
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{31AC9515-5F70-41D1-F740-B1978B8D48EA}" = CCC Help Greek
"{31B9D218-FED2-4C6C-B19F-7294FFC130B0}" = Adobe AIR
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34AB675C-1965-44B5-B5A7-B02EE6196AD3}" = Windows Live Messenger
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3717C4F2-7412-4793-9BB8-D73D2817B3D6}" = USB Video/Audio Device Driver
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3AE82D96-752D-1505-8F07-FF9504D6D0E5}" = Catalyst Control Center Localization All
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C873221-12B9-475D-8DCB-62D0B2179AF9}" = USB2.0 ATV
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3D2E0EFF-7E27-ED90-809A-7E59FB05AE63}" = CCC Help Portuguese
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{481C8C2A-D764-E7B9-8155-316540E71082}" = Catalyst Control Center InstallProxy
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4F35DF91-F834-41F7-A287-0E377D55C486}" = Windows Live Photo Common
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{51FFAC89-B6B0-4E6E-B76F-6D4E2E83086A}" = Windows Live 메일
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{565B9F3F-3617-6859-B821-6F103537489D}" = CCC Help Danish
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{59F0E916-7B87-4F09-888B-850F3F0700B5}" = Catalyst Control Center - Branding
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61506B53-EE02-46CE-8464-3F806947978F}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EB5B377-BD22-2E2E-772F-4A993EAC38FD}" = Catalyst Control Center Graphics Previews Common
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{76BAD284-3559-25EE-AB8C-FBAA8042B24B}" = CCC Help English
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{777C7020-402D-4F73-D4C8-B375AFB5CFF7}" = CCC Help Polish
"{7780682A-47C9-480D-90BE-247539342595}" = Windows Live UX Platform Language Pack
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E090AA3-1AA3-749F-4C2F-16CDB816651F}" = CCC Help Turkish
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8162B13E-896E-40DF-EB30-5252BF25CC03}" = CCC Help Norwegian
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{829CDAAD-5AF1-482F-978B-591C16A34ACC}" = Windows Live Messenger
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89CE7F9B-B4DF-8585-638B-6BD807ADE9C7}" = HydraVision
"{8A17260E-6572-1DE2-6E73-C297A31093C1}" = CCC Help Chinese Standard
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E0AFE95-5099-1CB1-A3D1-1BFB2546F1F1}" = CCC Help Thai
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95BB7324-77D3-4BF3-8CF6-29F0857AC175}" = Easy File Share
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83F6EE0-A42E-66D8-88B6-90A475602565}" = CCC Help Hungarian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B4712CB7-27D7-4F61-8805-BCF9BE1CFC4A}" = Windows Live Writer Resources
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B750B5C2-CC17-4967-905B-29F4EB986131}" = Software Launcher
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C086E8FA-7445-4E07-1310-4616EC120EE7}" = CCC Help Dutch
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2F88EE6-D343-F986-E8F1-F012B294CEA7}" = CCC Help Korean
"{C3592426-531E-4110-911D-BFECE2CE284B}" = puush
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8A2793D-EFF2-4069-95BF-A28192E39DEB}" = Windows Live Writer
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D37C1AFD-4B44-12B5-B833-1AA7725C32A4}" = AMD Catalyst Control Center
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger
"{D57D43BF-699A-429F-AF8C-AF1867222800}" = Windows Live 사진 갤러리
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D8735515-0DB5-DCBD-C303-37D32DE4363F}" = CCC Help Japanese
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE256D8B-D971-456D-BC02-CB64DA24F115}" = Easy Software Manager
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4F406B9-319B-2C33-54CE-84A46DA47BFB}" = CCC Help French
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC58A9C9-22D8-FA14-785E-37B8C290AA8D}" = CCC Help Spanish
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Easy Support Center 1.0
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Amazon Kindle" = Amazon Kindle
"AMIS" = AMIS 3.1.3 (U.S. English)
"avast" = Avast Free Antivirus
"Coupon Printer for Windows5.0.1.2" = Coupon Printer for Windows
"Diablo III" = Diablo III
"Fraps" = Fraps
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 39.0 (x86 en-US)" = Mozilla Firefox 39.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NETGEAR Live Parental Controls Management Utility" = NETGEAR Live Parental Controls Management Utility 2.1.6
"Notepad++" = Notepad++
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.SingleImage" = Microsoft Office Professional 2010
"Open Broadcaster Software" = Open Broadcaster Software
"RaidCall" = RaidCall
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"USB2.0 ATV" = USB2.0 ATV
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live 程式集
"WinRAR archiver" = WinRAR 4.10 (32-bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-334125316-4088546140-4129291110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SOE-C:/Users/Home/AppData/Local/Sony Online Entertainment/ApplicationUpdater" = applicationupdater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/10/2015 9:05:01 PM | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description =
 
Error - 7/12/2015 8:58:52 AM | Computer Name = Home-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Application or service 'Apple Mobile Device' could not be restarted.
 
Error - 7/12/2015 9:13:38 AM | Computer Name = Home-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary GEAR ASPI Filter Driver.  System Error: The system cannot find the file
specified.  .
 
Error - 7/12/2015 9:15:12 AM | Computer Name = Home-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary GEAR ASPI Filter Driver.  System Error: The system cannot find the file
specified.  .
 
Error - 7/12/2015 1:10:31 PM | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 7/15/2015 8:11:43 AM | Computer Name = Home-PC | Source = Google Update | ID = 20
Description =
 
Error - 7/15/2015 9:04:57 AM | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 7/15/2015 9:05:23 AM | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 7/16/2015 10:47:00 AM | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 7/17/2015 8:38:52 AM | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description =
 
[ Media Center Events ]
Error - 5/16/2013 10:21:53 PM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 7:21:53 PM - Failed to retrieve NetTV (Error: The request failed with
 HTTP status 403: Forbidden.)  
 
Error - 5/16/2013 10:21:53 PM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 7:21:53 PM - Failed to retrieve MCEClientUX (Error: The request failed
 with HTTP status 403: Forbidden.)  
 
Error - 5/16/2013 11:22:20 PM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 8:22:20 PM - Failed to retrieve NetTV (Error: The request failed with
 HTTP status 403: Forbidden.)  
 
Error - 5/16/2013 11:22:23 PM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 8:22:20 PM - Failed to retrieve MCEClientUX (Error: The request failed
 with HTTP status 403: Forbidden.)  
 
Error - 5/17/2013 12:22:41 AM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 9:22:41 PM - Failed to retrieve NetTV (Error: The request failed with
 HTTP status 403: Forbidden.)  
 
Error - 5/17/2013 1:24:43 AM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 10:24:42 PM - Failed to retrieve NetTV (Error: The request failed
with HTTP status 403: Forbidden.)  
 
Error - 5/17/2013 6:27:45 AM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 3:27:45 AM - Failed to retrieve NetTV (Error: The request failed with
 HTTP status 403: Forbidden.)  
 
Error - 5/17/2013 10:24:28 AM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 7:24:28 AM - Failed to retrieve NetTV (Error: Invalid security token.)

 
Error - 5/17/2013 10:25:05 AM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 7:24:28 AM - Failed to retrieve SportsSchedule (Error: The request
 failed with HTTP status 403: Forbidden.)  
 
Error - 5/17/2013 11:25:21 AM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 8:25:21 AM - Failed to retrieve NetTV (Error: The request failed with
 HTTP status 403: Forbidden.)  
 
[ System Events ]
Error - 7/11/2015 10:46:11 AM | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 7/12/2015 8:58:52 AM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Apple
 Mobile Device service to connect.
 
Error - 7/12/2015 8:58:52 AM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description = The Apple Mobile Device service failed to start due to the following
 error:   %%1053
 
Error - 7/15/2015 4:28:09 PM | Computer Name = Home-PC | Source = BROWSER | ID = 8032
Description =
 
Error - 7/17/2015 8:26:10 AM | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 7/17/2015 8:39:00 AM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Application
 Virtualization Client service to connect.
 
Error - 7/17/2015 8:39:00 AM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description = The Application Virtualization Client service failed to start due
to the following error:   %%1053
 
Error - 7/17/2015 8:39:00 AM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = The Client Virtualization Handler service depends on the Application
 Virtualization Client service which failed to start because of the following error:
   %%1053
 
Error - 7/17/2015 3:45:52 PM | Computer Name = Home-PC | Source = BROWSER | ID = 8032
Description =
 
Error - 7/18/2015 5:30:58 PM | Computer Name = Home-PC | Source = BROWSER | ID = 8032
Description =
 
 
< End of report >


  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You do need to clear some disc space as windows needs at least 15% free to function properly
Drive C: | 179.00 Gb Total Space | 9.63 Gb Free Space | 5.38% Space Free | Partition Type: NTFS

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF[/*]
    [/list]
    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {cdf97ee2-ded0-4369-835e-99dd08225fa5} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKU\S-1-5-21-334125316-4088546140-4129291110-1000\..\Toolbar\WebBrowser: (no name) - {CDF97EE2-DED0-4369-835E-99DD08225FA5} - No CLSID value found.
    @Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\ParaPro Test (2).jpg:3or4kl4x13tuuug3Byamue2s4b
    @Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\HS diploma (2).jpg:3or4kl4x13tuuug3Byamue2s4b
    @Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\First aid card 2014 (2).jpg:3or4kl4x13tuuug3Byamue2s4b
    @Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\Copy of Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b
    @Alternate Data Stream - 168 bytes -> C:\Users\Home\Documents\Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b
    
    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done

    THEN

    Download and Install Combofix

    Download ComboFix from one of the following locations:
    Link 1
    Link 2

    VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

    * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
    [list][*]Double click on ComboFix.exe & follow the prompts.
    [*]Accept the disclaimer and allow to update if it asks

    [img width=426 height=293]http://img.photobuck...claimer_ENG.png

NSIS_extraction.png
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
  • Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

    3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


    Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

  • 0

#14
Dougrbi

Dougrbi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

ComboFix 15-07-18.01 - Home 07/19/2015   9:30.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3564.1351 [GMT -7:00]
Running from: c:\users\Home\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
c:\users\Home\Documents\~WRL0228.tmp
c:\users\Home\Documents\~WRL0298.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2015-06-19 to 2015-07-19  )))))))))))))))))))))))))))))))
.
.
2015-07-19 16:44 . 2015-07-19 16:44    --------    d-----w-    c:\users\Default\AppData\Local\temp
2015-07-19 16:34 . 2015-07-19 16:34    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F064358-7DA6-4F53-9217-AB4DD962680B}\offreg.4652.dll
2015-07-19 16:02 . 2015-07-19 16:02    --------    d-----w-    C:\_OTL
2015-07-17 11:36 . 2015-06-12 07:50    12221144    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F064358-7DA6-4F53-9217-AB4DD962680B}\mpengine.dll
2015-07-17 03:03 . 2015-07-17 12:29    --------    d-----w-    c:\program files (x86)\SpeedFan
2015-07-15 02:44 . 2015-06-20 19:57    49664    ----a-w-    c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-07-15 02:43 . 2015-07-01 20:49    1216512    ----a-w-    c:\windows\system32\rpcrt4.dll
2015-06-24 08:29 . 2015-06-24 08:29    1217192    ----a-w-    c:\windows\SysWow64\FM20.DLL
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-15 02:25 . 2012-05-31 01:17    778416    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 02:25 . 2011-12-28 01:52    142512    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 15:43 . 2012-03-21 21:56    130333168    ----a-w-    c:\windows\system32\MRT.exe
2015-06-26 14:43 . 2012-08-05 04:37    442264    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2015-06-23 20:30 . 2010-11-21 03:27    300704    ------w-    c:\windows\system32\MpSigStub.exe
2015-06-14 14:43 . 2014-04-24 02:32    137288    ----a-w-    c:\windows\system32\drivers\aswStm.sys
2015-06-14 14:43 . 2015-06-14 14:43    364472    ----a-w-    c:\windows\system32\aswBoot.exe
2015-06-14 14:43 . 2014-04-24 02:32    29168    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2015-06-14 14:43 . 2014-04-24 02:28    272248    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2015-06-14 14:43 . 2014-04-24 02:28    65736    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2015-06-14 14:43 . 2012-08-05 04:37    93528    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2015-06-14 14:43 . 2012-08-05 04:37    89944    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2015-06-14 14:43 . 2015-06-14 14:43    43112    ----a-w-    c:\windows\avastSS.scr
2015-06-14 14:43 . 2012-08-05 04:37    1047320    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2015-05-25 18:24 . 2015-06-10 12:43    5569984    ----a-w-    c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 12:43    1728960    ----a-w-    c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 12:43    243712    ----a-w-    c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 12:43    362496    ----a-w-    c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 12:43    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 12:43    215040    ----a-w-    c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 12:43    1255424    ----a-w-    c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 12:43    879104    ----a-w-    c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 12:43    503808    ----a-w-    c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 12:43    113664    ----a-w-    c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 12:43    50176    ----a-w-    c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 12:43    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 12:43    424960    ----a-w-    c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 12:43    1162752    ----a-w-    c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 12:43    43520    ----a-w-    c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 12:43    879104    ----a-w-    c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 12:43    404992    ----a-w-    c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 12:43    47104    ----a-w-    c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 12:43    112640    ----a-w-    c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 12:43    296960    ----a-w-    c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 12:43    43008    ----a-w-    c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 12:43    104448    ----a-w-    c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 12:43    19456    ----a-w-    c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 12:43    338432    ----a-w-    c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-10 12:43    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    6144    ---ha-w-    c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:42    6656    ----a-w-    c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 12:42    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    5120    ---ha-w-    c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 12:42    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-10 12:43    3989440    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 12:43    3934144    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 12:43    1310744    ----a-w-    c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 12:43    635392    ----a-w-    c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 12:43    43008    ----a-w-    c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-10 12:43    92160    ----a-w-    c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 12:43    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-10 12:43    641536    ----a-w-    c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-10 12:43    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-10 12:43    40448    ----a-w-    c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 12:43    364544    ----a-w-    c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 12:43    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-10 12:43    37888    ----a-w-    c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 12:43    82944    ----a-w-    c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 12:43    17408    ----a-w-    c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-10 12:43    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-10 12:43    274944    ----a-w-    c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-10 12:43    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    5120    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 12:43    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2014-04-18 1967616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="c:\program files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe" [2010-09-20 87336]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"UVS10 Preload"="c:\program files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-06-14 5515496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-18 767200]
.
c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
R3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 StkCMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkCMini.sys;c:\windows\SYSNATIVE\Drivers\StkCMini.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CouponPrinterService;Coupon Printer Service;c:\program files (x86)\Coupons\CouponPrinterService.exe;c:\program files (x86)\Coupons\CouponPrinterService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys;c:\windows\SYSNATIVE\DRIVERS\SGdrv64.sys [x]
S2 StkSSrv;Syntek AVStream USB2.0 ATV Service;c:\windows\System32\StkCSrv.exe;c:\windows\SYSNATIVE\StkCSrv.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-15 02:01    991048    ----a-w-    c:\program files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-07-03 05:09    285368    ----a-w-    c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2015-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 02:25]
.
2015-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04 17:33]
.
2015-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04 17:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-06-14 14:43    722400    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-09 12666984]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-07-16 791200]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-07-16 657568]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.yahoo.co...ast&type=agc511
mStart Page = https://www.yahoo.co...ast&type=agc511
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://search.yahoo...p={searchTerms}
mSearch Bar = https://www.yahoo.co...ast&type=agc511
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
Handler: amisie - {183A003A-3D01-4E94-A2C5-AD0108C68370} - c:\program files (x86)\AMIS\IeDtbPlugin.dll
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1jsrj84y.default\
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
Wow6432Node-HKLM-Run-APSDaemon - c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Razer Synapse - c:\program files (x86)\Razer\Synapse\RzSynapse.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-ApplicationUpdater - c:\users\Home\AppData\Local\Sony Online Entertainment\ApplicationUpdater\Uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-07-19  09:49:27
ComboFix-quarantined-files.txt  2015-07-19 16:49
.
Pre-Run: 14,673,211,392 bytes free
Post-Run: 14,491,926,528 bytes free
.
- - End Of File - - F8ADC04388FDF8C39482F58D444FEA6E
2E5DEBB2116B3417023E0D6562D7ED07

 

OTL log is below.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cdf97ee2-ded0-4369-835e-99dd08225fa5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cdf97ee2-ded0-4369-835e-99dd08225fa5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-334125316-4088546140-4129291110-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-21-334125316-4088546140-4129291110-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CDF97EE2-DED0-4369-835E-99DD08225FA5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CDF97EE2-DED0-4369-835E-99DD08225FA5}\ not found.
Unable to delete ADS C:\Users\Home\Documents\ParaPro Test (2).jpg:3or4kl4x13tuuug3Byamue2s4b .
Unable to delete ADS C:\Users\Home\Documents\HS diploma (2).jpg:3or4kl4x13tuuug3Byamue2s4b .
Unable to delete ADS C:\Users\Home\Documents\First aid card 2014 (2).jpg:3or4kl4x13tuuug3Byamue2s4b .
Unable to delete ADS C:\Users\Home\Documents\Copy of Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b .
Unable to delete ADS C:\Users\Home\Documents\Anniversary 2013.jpeg:3or4kl4x13tuuug3Byamue2s4b .
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313312 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Home
->Temp folder emptied: 1471952044 bytes
->Temporary Internet Files folder emptied: 10983 bytes
->Java cache emptied: 17768 bytes
->FireFox cache emptied: 353415204 bytes
->Google Chrome cache emptied: 226652571 bytes
->Flash cache emptied: 844 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1245386318 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 747 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42503832 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 3,186.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07192015_090212

Files\Folders moved on Reboot...
C:\Users\Home\AppData\Local\Temp\7zS0AC8\HPSLPSVC64.DLL moved successfully.
C:\Users\Home\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


It only freed up about 4 GB. The D: Drive is completly empty. I am not really sure why that is. I'm also don't know why the drive would be so full. I have pictures but it doesn't apear to be that much. It is like something is stored on the machine that is sucking up lots of strorage room. Do you see anything that I should delete?


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You could transfer all the pictures/music to your D drive ... As it stands I can see no sign of malware
  • 0






Similar Topics


Also tagged with one or more of these keywords: slow internet, *32 programs, wont shut down

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP