Ok, I think I got all the logs. One other thing I forgot to mention initially is that when Windows tries to update it ALWAYS FAILS to update. Not sure if this is related problem or not . THanks!
Also, just noticed, after I did all the below, my Word files aren't opening on desktop. Saying the files to open my short cuts aren't there. It's making them an "office" product as opposed to Word Starter (which is the type of file they are) I didn't purchase Office. If I go to a file that is still showing as Word and open others from there, they will open, but the desktop shortcut iccons look like a office product as opposed to a word only file.
# AdwCleaner v3.003 - Report created 12/09/2013 at 08:32:27
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Evan - EVANSPC
# Running from : C:\Users\Evan\Downloads\AdwCleaner (2).exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BrowserDefendert
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\LyricSing
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Evan\AppData\Local\Temp\delta
Folder Deleted : C:\Users\Evan\AppData\Local\Temp\CT3291327
Folder Deleted : C:\Users\Evan\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Evan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Evan\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\jetpack
Folder Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\Smartbar
Folder Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\CT3291327
Folder Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\Extensions\{da51d4f6-3e7e-4ef8-b400-9198e0874606}
File Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\Extensions\
[email protected]File Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\Extensions\
[email protected]File Deleted : C:\END
File Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\bprotector_prefs.js
File Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\user.js
File Deleted : C:\Windows\System32\Tasks\BrowserDefendert
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKCU\Software\855d6d9e26aef17
Key Deleted : HKLM\SOFTWARE\855d6d9e26aef17
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_game-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_game-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\SearchProtect
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v20.0.1 (en-US)
[ File : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\prefs.js ]
Line Deleted : user_pref("CT3291327.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3291327.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3291327.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3291327.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3291327.FF19Solved", "true");
Line Deleted : user_pref("CT3291327.FirstTime", "true");
Line Deleted : user_pref("CT3291327.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3291327.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3291327.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291327&SearchSource=2&CUI=UN37979959181153114&UM=2&q=");
Line Deleted : user_pref("CT3291327.UserID", "UN37979959181153114");
Line Deleted : user_pref("CT3291327.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3291327.autoDisableScopes", 0);
Line Deleted : user_pref("CT3291327.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3291327.countryCode", "US");
Line Deleted : user_pref("CT3291327.defaultSearch", "true");
Line Deleted : user_pref("CT3291327.embeddedsData", "[{\"appId\":\"130075605338768184\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3291327.enableAlerts", "true");
Line Deleted : user_pref("CT3291327.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3291327.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3291327.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3291327.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3291327.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3291327.fixUrls", true);
Line Deleted : user_pref("CT3291327.fullUserID", "UN37979959181153114.IN.20130726075350");
Line Deleted : user_pref("CT3291327.installDate", "26/07/2013 07:53:49");
Line Deleted : user_pref("CT3291327.installId", "stub.exe");
Line Deleted : user_pref("CT3291327.installSessionId", "{2656ED82-F46B-4D2A-9710-9FD04149F40F}");
Line Deleted : user_pref("CT3291327.installSp", "TRUE");
Line Deleted : user_pref("CT3291327.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3291327.installUsage", "2013-08-05T05:01:48.2070054+03:00");
Line Deleted : user_pref("CT3291327.installUsageEarly", "2013-08-05T05:01:41.2963826+03:00");
Line Deleted : user_pref("CT3291327.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT3291327.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3291327.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3291327.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3291327.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3291327.keyword", "true");
Line Deleted : user_pref("CT3291327.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3291327&octid=CT3291327&SearchSource=15&CUI=UN37979959181153114&SSPV=&Lay=1&UM=2\"}");
Line Deleted : user_pref("CT3291327.lastVersion", "10.16.70.5");
Line Deleted : user_pref("CT3291327.mam_gk_appStateReportTime.enc", "MTM3NTY2ODExNDUyNA==");
Line Deleted : user_pref("CT3291327.mam_gk_appState_ACplus.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_Discover.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_Easytobook.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_Find-a-Pro.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_PiclickV2-WebSearch.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appState_WindowShopper.enc", "b24=");
Line Deleted : user_pref("CT3291327.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Deleted : user_pref("CT3291327.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3291327.mam_gk_calledSetupService.enc", "MQ==");
Line Deleted : user_pref("CT3291327.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiJlZWMzNDMyMC0wNjI4LTRjYTItYTRjZS01YWQyNWM4NTY2ZGIiLCJ[...]
Line Deleted : user_pref("CT3291327.mam_gk_currentVersion.enc", "MS45LjAuNA==");
Line Deleted : user_pref("CT3291327.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3291327.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3291327.mam_gk_lastLoginTime.enc", "MTM3NTY2ODExMTQxOA==");
Line Deleted : user_pref("CT3291327.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT3291327.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3291327.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMzVfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiVVMiLCJpc1dlbGNvbWVFeHBlc[...]
Line Deleted : user_pref("CT3291327.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3291327.mam_gk_userId.enc", "MjJiMzMyOTQtY2NkOC00NmJjLThjNWYtNTQ5MmE5Y2ZjZmE5");
Line Deleted : user_pref("CT3291327.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3291327.missingMachineIdSent", "true");
Line Deleted : user_pref("CT3291327.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://KeyBar114.OurToolbar.com/\",\"EB_TOOLB[...]
Line Deleted : user_pref("CT3291327.openThankYouPage", "false");
Line Deleted : user_pref("CT3291327.openUninstallPage", "true");
Line Deleted : user_pref("CT3291327.originalHomepage", "hxxp://search.babylon.com/?affID=119776&babsrc=HP_ss&mntrId=cc80ff3f0000000000005a59f95e5257");
Line Deleted : user_pref("CT3291327.originalSearchAddressUrl", "hxxp://search.babylon.com/?affID=119776&babsrc=KW_ss&mntrId=cc80ff3f0000000000005a59f95e5257&q=");
Line Deleted : user_pref("CT3291327.originalSearchEngine", "Search the web (Babylon)");
Line Deleted : user_pref("CT3291327.originalSearchEngineName", "Search the web (Babylon)");
Line Deleted : user_pref("CT3291327.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3291327.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3291327.search.searchAppId", "130075605338768184");
Line Deleted : user_pref("CT3291327.search.searchCount", "0");
Line Deleted : user_pref("CT3291327.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3291327.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3291327.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3291327.searchRevert", "false");
Line Deleted : user_pref("CT3291327.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3291327.searchUserMode", "2");
Line Deleted : user_pref("CT3291327.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3291327\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://KeyBar114.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"KeyBar 1.14\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3291327.serviceLayer_services_Configuration_lastUpdate", "1375668092550");
Line Deleted : user_pref("CT3291327.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1375668095616");
Line Deleted : user_pref("CT3291327.serviceLayer_services_appsMetadata_lastUpdate", "1375668095300");
Line Deleted : user_pref("CT3291327.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1375668095438");
Line Deleted : user_pref("CT3291327.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1375668092558");
Line Deleted : user_pref("CT3291327.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1375668100353");
Line Deleted : user_pref("CT3291327.serviceLayer_services_login_10.16.70.5_lastUpdate", "1375668100360");
Line Deleted : user_pref("CT3291327.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1375668095534");
Line Deleted : user_pref("CT3291327.serviceLayer_services_searchAPI_lastUpdate", "1375668092565");
Line Deleted : user_pref("CT3291327.serviceLayer_services_serviceMap_lastUpdate", "1375668091321");
Line Deleted : user_pref("CT3291327.serviceLayer_services_toolbarContextMenu_lastUpdate", "1375668095314");
Line Deleted : user_pref("CT3291327.serviceLayer_services_toolbarSettings_lastUpdate", "1375668092578");
Line Deleted : user_pref("CT3291327.serviceLayer_services_translation_lastUpdate", "1375668099799");
Line Deleted : user_pref("CT3291327.settingsINI", true);
Line Deleted : user_pref("CT3291327.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3291327.showToolbarPermission", "false");
Line Deleted : user_pref("CT3291327.smartbar.CTID", "CT3291327");
Line Deleted : user_pref("CT3291327.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3291327.smartbar.homepage", "true");
Line Deleted : user_pref("CT3291327.smartbar.toolbarName", "KeyBar 1.14 ");
Line Deleted : user_pref("CT3291327.startPage", "true");
Line Deleted : user_pref("CT3291327.toolbarBornServerTime", "5-8-2013");
Line Deleted : user_pref("CT3291327.toolbarCurrentServerTime", "5-8-2013");
Line Deleted : user_pref("CT3291327.toolbarLoginClientTime", "Sun Aug 04 2013 21:01:40 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3291327.versionFromInstaller", "10.16.70.5");
Line Deleted : user_pref("CT3291327.xpeMode", "3");
Line Deleted : user_pref("CT3291327_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1375668082112,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3291327&CUI=UN37979959181153114&UM=2&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "KeyBar 1.14 Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291327&SearchSource=2&CUI=UN37979959181153114&UM=2&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?affID=119776&babsrc=KW_ss&mntrId=cc80ff3f0000000000005a59f95e5257&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3291327");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=CC805A59F95E5257&affID=123485&tsp=4955");
Line Deleted : user_pref("browser.search.defaultenginename", "KeyBar 1.14 Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "KeyBar 1.14 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291327&CUI=UN37979959181153114&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3291327&CUI=UN37979959181153114&UM=2&SearchSource=13");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=119776&babsrc=NT_ss&mntrId=cc80ff3f0000000000005a59f95e5257");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291327&SearchSource=2&CUI=UN37979959181153114&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3291327");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3291327&CUI=UN37979959181153114&UM=2&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291327&SearchSource=2&CUI=UN37979959181153114&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3291327");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3291327");
Line Deleted : user_pref("smartbar.machineId", "");
-\\ Google Chrome v
[ File : C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [19917 octets] - [12/09/2013 08:14:42]
AdwCleaner[S0].txt - [19582 octets] - [12/09/2013 08:32:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19643 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by Evan on Thu 09/12/2013 at 8:48:55.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4046523146-1281529262-768510782-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (4)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (4)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\st-softonic-sntb[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\st-softonic-sntb[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (4)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (4)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\st-softonic-sntb[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\st-softonic-sntb[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFF39B82-75E1-4602-8B42-A9851EA1C0C1}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Evan\appdata\local\software"
Successfully deleted: [Folder] "C:\Users\Evan\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{0276CE73-7A65-4E5C-A224-8B1038987B07}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{027F2FC7-D8DA-44BA-B49B-F9B7473D26C9}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{02952872-A6C1-4656-AAE9-24A9B2091D2A}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{040983C8-E550-4131-9921-990BE204C075}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{05958333-F194-4599-9CFD-D9E39B37799B}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{0690BE3F-3A7C-4EF2-9A01-A406E59D2466}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{0B6571CD-DA0C-4498-9C80-2C743423192B}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{0E3D9E8B-E747-44E7-8C09-3E1A0BABB4ED}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{0F049A8E-4D92-4CEB-B280-1910BFF888F1}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{12F2263F-65B2-49F5-BBD4-23C7AA13F94D}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{15308E58-4B23-46F5-8AC6-2DD19E2CAA49}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{157C43CC-6281-4F8E-A5D5-212A01CDAD0E}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{1840F12B-8186-4A7E-B8F7-B2BDB2221E90}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{1B4A3D47-16D6-40A2-9928-989B4C7BD418}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{1E553122-6A77-4EA5-8E11-A6BFE40AF7DA}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{1FB57DF2-ABD4-42E3-80B9-4171F5ACB31C}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{2199B912-A863-4D88-BEFC-43F90080FA55}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{24681726-F71A-49B4-A018-7F30707814BC}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{2CE53162-71DD-40E5-8BA9-E74BD317AD71}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{308DDCAF-A43F-4346-A379-F404856EC6E0}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{3866519A-0B7E-4223-ABC3-C5F88DE2AA85}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{3AF6D013-3DCB-45B3-90DA-CA18E4F45451}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{3C41FEE6-A4DE-4EDE-A958-B0DE157EB18E}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{3EC6FF13-7DEA-42D2-A97B-0A6207FD1C95}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{419CCF39-3F17-47E6-A4D3-70AB803AD628}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{461521A1-12A1-4274-8C97-930970206B36}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{47BC10E2-B76D-44EE-AE79-238DDA93C646}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{4804CC66-6A42-4CDA-88C4-847AE3B8038D}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{49504263-4309-4A13-83E0-5A4D9462CA00}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{49DF9666-A81B-4257-91CC-6DE30DC44E05}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{4E07DD86-7127-4C12-B3B8-712A0E830C60}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{4E5B4542-5319-4C82-9C7A-734A3152E1D5}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{50E5ECDA-9383-4224-8A9D-7E09F162BE94}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{515F2CEA-3A4A-4582-879F-24567EA4F934}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{53256196-0EAD-4A5B-8FE4-6790A747D7DB}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{5ABF0CCC-8B88-4B28-A5F3-398DAA632003}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{5CC247A7-612B-4387-AF32-034B7B6B2CF0}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{5D05AEE2-BBD5-4114-88B7-367C7B5267F3}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{5DB527C4-2416-49B0-B98B-81C53B3EDEE8}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{5FFC2BB8-5D8C-4EC6-AF1B-665BFD8BB7AE}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{6238E4A4-2B83-48FB-ABE7-BD3E0B0FAB8B}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{6265480F-B347-4387-885A-B28157938982}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{65D053D5-0754-4AD8-87CD-3BE89C5F0058}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{66C92298-20B8-493E-9769-EDCB93C9C3D1}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{67D19D74-F33C-4A9D-AC8E-1A5E908C0D85}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{6986CADF-7FEB-4A6F-9276-041E674A7DD0}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{702AF69B-7AD8-4812-A35B-9A4F9DC8C6AD}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{704C6628-DCF2-48BE-944D-F8F317B4435B}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{72F0282E-9158-499D-B9F0-25CFE9275E98}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{734771F1-0ACE-4FD1-9A25-C4CC143F25EB}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{742B2F27-042E-4CE5-ACFA-A3952F89D52F}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{76366777-1ADF-4522-B1F8-9A537B27C18A}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{7A9D8A2F-FD30-497E-BF38-8081DB7D26D0}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{7B7944C9-B933-4974-AF79-55E49F860121}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{7BF07A24-A62B-4BDA-8A3D-D79D564C10A7}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{7D1AA490-3582-4F2C-A071-83969DB18A25}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{7D645B4A-6801-4A53-B18E-2D2072170962}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{7EF00E5B-3CE8-44C5-8005-19EF933D8A66}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{80CE96AD-2F16-4B4C-8C5B-C770C5C0D7F6}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{81F6522E-E308-4F32-A4E5-0F17A33B1122}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{83648C9A-88B1-42FE-98EF-EE0E55082848}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{85416FE3-E611-449F-9788-81D53AAEB677}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{8B560B28-7534-4216-8B38-0E333A40CD0C}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{8BAEC98B-8548-44ED-9172-269D16C5F642}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{8CA67213-B14B-4660-8E30-99FE9EFDCFF3}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{8D6FE5C9-4460-41B7-B127-4789828C6A6A}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{8E2BA52C-EB4B-4D60-B77F-5C9674BEF25F}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{8EA8DEA8-3154-43EF-A38D-5DE6FA6BD922}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{92D3FB98-DC23-412E-815C-C05C2E5732CC}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{9582B2ED-E414-4B3E-A4E8-D722991F727D}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{971D1FBD-C4A1-4B91-97A9-3E52F860F0F9}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{98FD5603-9622-44E5-B6F3-C8835E14DBDB}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{993B4C4B-8D94-45DC-8F08-A482177B0366}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{99586C72-A6D4-4E83-B9BC-7DEBF7C412C8}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{9AD79EC1-CE04-4D84-A754-783DE191F566}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{9BB21593-708F-42F7-931A-84F7584CE793}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{9BB5A2CC-77E0-493C-8C16-CD6ED41B1AE4}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{9BF4164F-D92D-4942-9EEB-B48358F4C75A}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{9CF5D2D6-A98A-48AC-8BF7-1F6A706B14E9}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{A0377432-3A86-4EA0-ACD9-BB6A85F04E16}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{A1F0AEF8-ABBB-4137-B3C2-F5293FBA7B5B}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{A2983D64-A72F-454A-9789-4F23E62BF836}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{A4F8D20F-CAD0-456F-B8DA-ABADA545278A}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{A5D97765-0119-414D-B4B6-60F9D49D9D67}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{AA5E2BED-1A68-4BF5-85CD-16C166D55E85}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{AE260CAF-C6C4-4C29-B364-5D99FB3C0C37}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{AFDB0E97-A508-48A9-8F09-0AC1DF7B1AF5}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{B2640F19-2C6F-4653-8170-4C363FF6CE2D}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{B7AD80B1-3573-4325-91D1-FF29BBB21E3F}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{B7ADFEAE-E0CB-4F38-99AB-83D46743E2E7}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{B803B952-E3C7-48F2-A5F7-0AC329F425AE}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{C1711E57-684E-4E45-B4BF-67DC1348002A}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{C50238F8-90EF-462A-B173-E577D85838E3}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{C52982ED-192B-426E-8357-9B3BD222B1BF}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{C591D302-A663-4435-B5D8-E38D0399499D}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{C62042D7-299B-4E6B-BD51-C1F6A3A1CBB8}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{CDA84C63-0468-4BB0-B587-5A81DB1EE84D}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{CE5732A7-55A0-4EC8-BF58-FA2397EE90E0}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{D0B63667-85C6-4832-9289-9F8E234F1F51}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{D1702FE1-C579-429A-B59B-A421FA325430}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{D1912243-22AA-4FFE-956A-CB5E3008EA98}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{D3FF6D66-2BFA-4CBE-88C2-AC1272BF6705}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{D4D7F4C4-85C1-498C-9845-83C089B1EA53}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{D6C7A541-BAAE-4789-AE2D-3CD5837ED9D7}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{DA4ECF57-48E2-418C-AF7A-F938190E4975}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{DD2146C4-F0F7-4CAA-A15E-0A77998A82EE}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{DF7503CA-9862-4F35-829A-C44CF2BCC173}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{E143D590-AE2F-4AF6-99EB-CC047CEBCF28}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{E4D0A64F-735D-42E3-A52C-DCF59C2041CC}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{E8233691-10A0-40F3-A556-3F68E22A6A21}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{E884809B-448C-473F-85BB-396F38FCBE49}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{EC37D898-15DA-492D-A894-20CADF309756}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{EDE3EA1C-D939-4ECD-B650-36619FBC2E65}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{EF5AE5DE-A1FB-4088-8F55-367B9573E8C1}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{F193F5C4-54FE-4F6C-AFB6-D89E934F153D}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{F5D03959-EC66-4C7E-840E-0E3686B87639}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{F672AF27-F6E2-4797-8FD2-D5FFDC33ACEF}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{F6C4EA3E-92B8-4ED1-A949-AC260A50AAD1}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{FAECAA97-1746-4CA4-8CA6-A0E7DCF1F226}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{FB509FBF-5043-47CF-98D3-0AF4FA63365C}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{FD58E7E1-5C5A-49B7-ABDF-4253F6F1A02E}
Successfully deleted: [Empty Folder] C:\Users\Evan\appdata\local\{FF4949E4-85A4-4FB4-B8FA-DDABDDBC4250}
~~~ FireFox
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] C:\Users\Evan\AppData\Roaming\mozilla\firefox\profiles\ruo31qt8.default\searchplugins\bing-zugo.xml
Successfully deleted the following from C:\Users\Evan\AppData\Roaming\mozilla\firefox\profiles\ruo31qt8.default\prefs.js
user_pref("ibryte_browseforchange.installpixelfired", true);
user_pref("ibryte_playbryte.installpixelfired", true);
user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.update_url", "hxxp://tbupdate.zugo.com/ztb/update?partner_id={partner_id}&product_id={product_id}&affiliate_id={affiliate_id}
Emptied folder: C:\Users\Evan\AppData\Roaming\mozilla\firefox\profiles\ruo31qt8.default\minidumps [70 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 09/12/2013 at 9:06:12.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
OTL logfile created on: 9/12/2013 9:43:25 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Evan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.68 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 49.81% Memory free
7.36 Gb Paging File | 5.18 Gb Available in Paging File | 70.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.66 Gb Total Space | 382.73 Gb Free Space | 85.12% Space Free | Partition Type: NTFS
Computer Name: EVANSPC | User Name: Evan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/05/24 19:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/09 03:58:27 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/18 16:31:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Evan\Downloads\OTL (1).exe
PRC - [2011/12/06 16:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/12/06 16:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/16 23:40:58 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2011/03/31 07:38:38 | 000,416,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/03/31 07:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/02/22 12:02:16 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2011/02/22 12:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2011/02/18 18:21:22 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2011/02/15 13:36:10 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/02/15 13:35:34 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/01/31 15:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/09/27 21:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010/09/17 18:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/09/17 18:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/04/13 11:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 11:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/17 23:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/17 23:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
========== Modules (No Company Name) ========== MOD - [2013/08/15 08:21:04 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8dc1c182cd1f10cd2abcfecd01fe9eeb\System.Web.ni.dll
MOD - [2013/08/15 08:20:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 08:19:43 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/15 08:19:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 08:19:13 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/15 08:19:00 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 08:18:54 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/15 08:18:51 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/16 18:13:41 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/03/13 15:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/13 18:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011/12/06 16:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/22 12:01:38 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011/02/22 12:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2011/02/15 13:37:10 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
========== Services (SafeList) ========== SRV:
64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:
64bit: - [2013/05/09 03:58:27 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:
64bit: - [2012/09/08 08:31:05 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:
64bit: - [2011/01/31 15:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:
64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/09/10 20:05:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/12 23:37:22 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/12/06 16:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/09 14:28:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/06/16 23:40:58 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2011/03/31 07:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/02/15 13:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/27 20:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/06/01 17:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/13 11:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/17 23:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/17 23:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/06/27 17:17:35 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:
64bit: - [2013/06/27 17:17:35 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2013/06/27 17:17:35 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:
64bit: - [2013/05/09 03:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2013/05/09 03:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:
64bit: - [2013/05/09 03:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2013/05/09 03:59:06 | 000,270,824 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:
64bit: - [2013/05/09 03:59:06 | 000,131,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:
64bit: - [2013/05/09 03:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2013/05/09 03:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:
64bit: - [2013/05/09 03:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:
64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2013/02/11 23:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:
64bit: - [2012/09/03 11:12:36 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:
64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/11/08 13:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:
64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:
64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:
64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:
64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:
64bit: - [2011/09/06 15:10:01 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:
64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2011/04/18 23:51:36 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:
64bit: - [2011/04/18 23:51:36 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:
64bit: - [2011/04/18 23:51:36 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:
64bit: - [2011/04/05 06:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:
64bit: - [2011/04/04 15:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:
64bit: - [2011/03/31 15:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:
64bit: - [2011/03/17 04:42:38 | 002,712,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/03/09 23:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:
64bit: - [2011/03/09 23:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:
64bit: - [2011/03/01 09:33:16 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2011/01/17 17:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:
64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2010/09/21 20:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2010/07/19 19:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2010/04/13 11:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010/04/01 15:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:
64bit: - [2010/02/26 18:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:
64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/01/29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:
64bit: - [2009/01/29 18:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:
64bit: - [2007/11/02 16:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: 2020Player_WEB%402020Technologies.com:5.0.91.0
FF - prefs.js..extensions.enabledAddons: text_links%40arcadeweb.com:1.0.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7Bda51d4f6-3e7e-4ef8-b400-9198e0874606%7D:10.16.70.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Evan\AppData\Local\Roblox\Versions\version-221a4807685c44e7\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Evan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Evan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Evan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/26 11:56:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/06/14 11:07:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 23:37:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/26 11:56:05 | 000,000,000 | ---D | M]
[2012/08/01 07:28:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan\AppData\Roaming\Mozilla\Extensions
[2013/09/12 08:32:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\extensions
[2012/03/19 12:12:58 | 000,000,000 | ---D | M] (20-20 3D Viewer - WEB) -- C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\extensions\
[email protected][2013/08/04 21:02:06 | 000,001,096 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\searchplugins\keybar-114-customized-web-search.xml
[2013/04/12 23:36:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/06/14 11:07:07 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/12/03 14:26:02 | 000,000,000 | ---D | M] ("ArcadeWeb") -- C:\USERS\EVAN\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\
[email protected]File not found (No name found) -- C:\USERS\EVAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RUO31QT8.DEFAULT\EXTENSIONS\{DA51D4F6-3E7E-4EF8-B400-9198E0874606}
[2013/04/12 23:37:24 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/12/23 19:09:01 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/05 20:24:59 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== O1 HOSTS File: ([2012/11/20 14:18:42 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:
64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe" File not found
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [cdloader] C:\Users\Evan\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF479938-5C98-4782-90A5-D39C7AC4C15B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6E055BB-98EE-4114-892B-59092F877D86}: DhcpNameServer = 192.168.42.129
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/09/12 08:48:51 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/09/12 08:06:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/14 23:37:35 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/14 23:37:34 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/14 23:37:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/14 23:37:30 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/14 23:37:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/14 23:37:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/14 23:37:30 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/14 23:37:29 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/14 23:37:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/14 23:37:29 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/14 23:37:29 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/14 23:37:23 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/14 23:37:22 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/14 23:37:21 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/14 23:37:20 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 23:25:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/14 09:00:55 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/14 09:00:53 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/14 09:00:51 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/14 08:59:59 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/14 08:59:58 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/14 08:59:56 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/14 08:59:45 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/14 08:59:41 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/14 08:59:40 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/14 08:59:38 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/14 08:59:35 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/14 08:59:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/14 08:59:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/14 08:59:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/14 08:59:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/14 08:59:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[1 C:\Users\Evan\Desktop\*.tmp files -> C:\Users\Evan\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/09/12 09:49:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
[2013/09/12 09:42:14 | 000,000,512 | ---- | M] () -- C:\Users\Evan\Desktop\MBR.dat
[2013/09/12 09:42:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/12 09:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/12 08:43:15 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/12 08:43:15 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/12 08:39:40 | 000,733,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/12 08:39:40 | 000,616,680 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/12 08:39:40 | 000,104,604 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/12 08:34:45 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/12 08:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/12 08:34:07 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/12 08:03:01 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3.job
[2013/09/11 16:45:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
[2013/09/11 16:45:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
[2013/09/11 10:00:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35.job
[2013/09/11 09:24:57 | 000,610,034 | ---- | M] () -- C:\Users\Evan\Desktop\IBR9-2013.pdf
[2013/09/10 20:05:34 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/09/10 20:05:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/09 22:49:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
[2013/09/09 08:58:09 | 493,391,071 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/09/09 08:12:12 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/09/05 18:56:36 | 000,002,362 | ---- | M] () -- C:\Users\Evan\Desktop\Google Chrome.lnk
[2013/08/30 16:19:43 | 000,081,043 | ---- | M] () -- C:\Users\Evan\Desktop\fancy3.jpg
[2013/08/30 16:19:18 | 000,081,711 | ---- | M] () -- C:\Users\Evan\Desktop\fancytiff.jpg
[2013/08/30 16:19:08 | 000,073,661 | ---- | M] () -- C:\Users\Evan\Desktop\fancy.jpg
[1 C:\Users\Evan\Desktop\*.tmp files -> C:\Users\Evan\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/09/11 09:24:54 | 000,610,034 | ---- | C] () -- C:\Users\Evan\Desktop\IBR9-2013.pdf
[2013/08/30 16:19:43 | 000,081,043 | ---- | C] () -- C:\Users\Evan\Desktop\fancy3.jpg
[2013/08/30 16:19:17 | 000,081,711 | ---- | C] () -- C:\Users\Evan\Desktop\fancytiff.jpg
[2013/08/30 16:19:06 | 000,073,661 | ---- | C] () -- C:\Users\Evan\Desktop\fancy.jpg
[2013/04/07 14:14:01 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/03/25 17:47:26 | 000,207,259 | ---- | C] () -- C:\Windows\hpwins28.dat.temp
[2012/08/01 07:28:50 | 000,000,815 | ---- | C] () -- C:\Windows\wininit.ini
[2012/03/05 10:57:17 | 000,000,632 | RHS- | C] () -- C:\Users\Evan\ntuser.pol
[2012/02/29 14:55:10 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
[2012/01/02 15:01:08 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/10/28 08:46:17 | 000,000,043 | ---- | C] () -- C:\Users\Evan\jagex_cl_runescape_LIVE.dat
[2011/10/28 08:46:17 | 000,000,024 | ---- | C] () -- C:\Users\Evan\random.dat
[2011/10/26 11:45:52 | 000,206,572 | ---- | C] () -- C:\Windows\hpwins28.dat
[2011/10/18 14:37:27 | 000,749,728 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/18 03:18:40 | 000,417,902 | ---- | C] () -- C:\Users\Evan\Scary Scream.mp3
========== ZeroAccess Check ========== [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 00:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 23:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ========== @Alternate Data Stream - 408 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >
OTL Extras logfile created on: 9/12/2013 9:43:25 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Evan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.68 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 49.81% Memory free
7.36 Gb Paging File | 5.18 Gb Available in Paging File | 70.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.66 Gb Total Space | 382.73 Gb Free Space | 85.12% Space Free | Partition Type: NTFS
Computer Name: EVANSPC | User Name: Evan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01394FED-2C91-4C47-A7EC-13288771BDC2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{01433AB3-EB1F-4E05-891C-25ABB0A9E7DB}" = rport=137 | protocol=17 | dir=out | app=system |
"{08986512-BC1D-4B2C-B324-16420C3892E9}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{1CC1E6C0-3F69-4252-BDD1-775DDD2E643D}" = lport=138 | protocol=17 | dir=in | app=system |
"{2AF74A9E-7B61-4FD0-8A72-1B2CAB38ABC3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C80425F-18EF-4E65-BADE-451CBF5A9789}" = lport=137 | protocol=17 | dir=in | app=system |
"{32DCCFD0-8EBA-44C1-8E94-3B1807640878}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3981646F-B23B-4422-9960-2CE794F225B4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F7C7240-0B53-47EC-BE1C-30592952E440}" = lport=2869 | protocol=6 | dir=in | app=system |
"{484CE47B-BEAF-4E1B-A5CC-875BF59940DE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{55724988-186D-44F8-A968-94011F06AF29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{617C1F1D-D6D9-4CAD-A013-8F217BAE42C8}" = rport=139 | protocol=6 | dir=out | app=system |
"{65A46D41-604D-43AE-A3E5-BEC7AF512BE8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F1E673C-C536-42B1-BBD6-E9DBEB0F97F9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7092585D-CA23-4AA8-90BE-DFFE1A83C901}" = lport=139 | protocol=6 | dir=in | app=system |
"{7DD6775F-5F8B-4D5C-9240-83ED035D6492}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7DDF8B23-E2DB-4394-877D-88781891C2A9}" = rport=445 | protocol=6 | dir=out | app=system |
"{825BC122-D6BA-4B65-B131-56BECB2BFA2F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{842061A0-2DC9-4DC1-A10B-290FD7E1E2CC}" = rport=138 | protocol=17 | dir=out | app=system |
"{88EC4423-239D-4F14-8724-CB90A13C9083}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8E304BB7-F867-4E92-9BD0-BAEDB56B0431}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A0E0AC03-FE2E-4395-9FE7-086F4B6E75C2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AA9C802F-F2BD-4774-9BA9-DFBC5C603644}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C8E2A43A-81B5-474B-8EDF-3D9AABF7B796}" = lport=445 | protocol=6 | dir=in | app=system |
"{CBBEED1D-064A-4F24-A734-446771852FEC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2E1A62E-CE45-4CA5-BDB4-442C5D4490B0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04D1465C-1807-4791-983C-B9430B717CE9}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe |
"{06BB339D-BF4C-4559-81D9-8691B04269D0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{11EB90A9-957B-4E6F-A800-C4BFF2755CBE}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe |
"{219C9C1B-8FF7-4DEE-A24A-B808D6438C5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{227C4E5A-914D-47E3-80D8-E1089CC940A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2E5F0F5E-87F4-4FE8-AE0E-944624621AD0}" = protocol=17 | dir=in | app=c:\users\evan\appdata\roaming\dropbox\bin\dropbox.exe |
"{2EBF1664-FF90-49E1-AA7E-62688ADC8FB5}" = protocol=58 | dir=in |
[email protected],-28545 |
"{2F9E69A5-3C5D-46CD-9DF0-8020182CB2C0}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{3A63D09C-B03D-4662-8DE2-B6B84FE6518D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{3F8A0029-D970-4077-B63E-EE3C5D02E91A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{443DF061-54AC-4547-AC1A-B6DD3BC78901}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{4524C0F8-5A24-4D15-8210-D0ED66225C5E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{4FBC4B3F-92E1-4426-B740-457EBC6696BA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4FF2E6F1-3947-4903-93C6-B0A66CA936B0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{5528598B-C462-4ECB-ACD6-EDC2ED0C817E}" = protocol=1 | dir=in |
[email protected],-28543 |
"{55A84D97-600B-4DD8-B648-D26690FDE54F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58A03610-3E74-427C-8256-30E616E5FE33}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5CC57C4C-D3A1-447F-B76E-D868420F4B4E}" = protocol=1 | dir=out |
[email protected],-28544 |
"{5CC808F5-A796-435B-A9CD-4F187B159A4F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{63B8EE0F-E1DC-4301-8551-9FCE193F7648}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{67D129A0-FCDD-4C79-B7FB-710C1CE92CF5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6BA4F0C3-6E5A-4F96-8109-30D58CFB2D52}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6D4ADB25-3721-4AB5-B64F-5409B6D26CD5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{6D5BFA71-E60C-4FA4-B1C4-49D094576F3D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7374E92D-A1ED-42B0-9949-1ED09D72848B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{742EAE0B-B3C8-4E0F-9821-CD9ADC5D7AA6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{756AC999-590F-4FF2-B895-E19C7963CE33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{78F2AB84-C066-43F0-880F-4260EA149B1F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{794B97B1-25B1-477B-8ABF-834BD0A572BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{8162076C-A1BB-4BC0-B686-4FD30A40B57A}" = protocol=6 | dir=in | app=c:\users\evan\appdata\roaming\dropbox\bin\dropbox.exe |
"{81923247-6374-46BD-BD33-E62DCDACDF84}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{82171A90-1918-4FE6-8FF9-E7046E955CBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{82C41BBB-D2D5-47F5-A78C-E80AC19A949C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83C1161B-840F-4E03-AAD9-D1B79F8716AE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{89113A14-E2ED-4C31-B3B3-EC743806B618}" = protocol=58 | dir=out |
[email protected],-28546 |
"{984D0582-E176-4371-B6B6-156ED07EDF2A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{9DDDA98C-DCA9-4E82-BDD8-632D236DD93C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A1C5BFA6-31A7-4807-9E1C-6499373D730B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6483A7A-DC10-4082-9FC1-D89792BC0DE3}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{AC7BCBE6-DEBE-456C-B67E-26AC953945BF}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovie.exe |
"{AE9681FF-B544-4D0B-A70B-7CB126CD275A}" = dir=in | app=c:\users\evan\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{B12A3D03-1FF3-43CC-AFD5-5D6489C21518}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{B52A0F61-6028-4ABE-A4DD-53036C05C4F8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B8615B31-9EAE-4BF9-987E-4597DAF01CEC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{C0DC918D-0524-46D5-A6C2-C7788443675C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D18EF1FD-CDA4-413E-BB91-E01B89E92ADC}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovieservice.exe |
"{D2B662B0-D17A-4C7B-B040-58C3AB45FA4E}" = protocol=6 | dir=out | app=system |
"{D6D7A743-A4EC-43A9-AEEA-D9C3EF71F0DE}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{D7BBE4FB-C35F-4EA6-92E0-359A197A9F21}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{D9C93FF8-AAE3-4B84-B4A7-114743808B2B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{DB9F1171-E943-409E-B6FD-76202DC75251}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DD0840D2-13D1-473E-853E-56CB68F67DCC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{E109F8CE-F645-4C66-848B-A10DEC263951}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{E86C8B36-6736-4D1D-99B0-8BE540BC7144}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{E894F427-F8B0-4C5A-AC92-1E9CBAED6FDF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{E98AFD87-AE0E-4AC2-AA3F-B0B853B7EA50}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB22D0B8-169C-40F2-873B-5FAC4774075D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{ECE973A0-6DA4-4D4B-92DD-D1357EED80BA}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe |
"{EFB07D05-2B42-4D88-8F35-974F9D8A628A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F387E469-FC23-4A1E-B6E3-398C329C228B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F7FC4F6D-7F74-4FF1-8FC1-9719FF91AB88}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FAE5332C-7BC0-46E2-A7D9-A70127BD8CC1}" = dir=in | app=d:\setup\hpznui40.exe |
"TCP Query User{0F7A4A99-C429-4CDE-9390-13F5447D7FF6}C:\users\evan\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\evan\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{4563F81F-469B-4085-9D4A-361A43B5979B}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{B693764C-47BB-41C7-B053-0266C0112128}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe |
"TCP Query User{D3ADFBB2-01EF-4DB4-BF5E-49F9D75FC7ED}C:\users\evan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\evan\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{EF92F1BE-3417-48EF-B96B-07EC52A8A229}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe |
"UDP Query User{04B64D93-9BE6-479E-804B-CFF587C1E1B2}C:\users\evan\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\evan\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{5221344D-255D-4EAC-B68B-DEC124B8B624}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{CC6C453F-B4BE-45FC-BB0D-07939326DD84}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe |
"UDP Query User{E5B633BD-5B6F-4874-98C1-5D243444D794}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe |
"UDP Query User{E7731B66-A515-4B7C-8CB6-0914795E83BF}C:\users\evan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\evan\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{B0C6CCC9-0BAB-4636-A06F-B43B6FBC25DF}" = Motorola Mobile Drivers Installation 5.4.0
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-X64 8.0.6.3_WHQL
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"MediaInfo" = MediaInfo 0.7.52
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = MediaEspresso
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72199E33-4F2A-4B7F-8E25-95DDDD50A678}" = Acer System Information
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}" = Google Talk Plugin
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Internet Security
"BN_DesktopReader" = NOOK for PC
"Busytown" = Busytown Uninstall
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"
[email protected]" = LyricsSing
"ly.logic.LogiclyDesktop" = Logicly
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Quick Screen Capture 3.0_is1" = Quick Screen Capture 3.0
"Revo Uninstaller" = Revo Uninstaller 1.94
"SpywareBlaster_is1" = SpywareBlaster 5.0
"WildTangent acer Master Uninstall" = Acer Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.00 beta 7 (32-bit)
"WTA-036dc91c-3596-41cf-afb5-8fe9d76b3bfa" = Dora's World Adventure
"WTA-10f999da-3c38-4d87-99a6-08e748bc4ba3" = Zuma's Revenge
"WTA-2426fbc3-e9a4-4c29-a0e0-0e1d4e09dac2" = Chuzzle Deluxe
"WTA-307d684f-8bcc-4503-bd58-e0668db6dcee" = Bejeweled 2 Deluxe
"WTA-33f18576-3d19-4dd3-8aed-e5f1426eec54" = Torchlight
"WTA-3ad4add0-74f7-4427-af1c-b53fd4ae149e" = Poker Superstars III
"WTA-3aec2ce0-a643-49ae-8194-e6c66943a931" = Polar Golfer
"WTA-3fee7dc0-7906-4d83-af4b-9082669c7728" = Penguins!
"WTA-55a36a0e-cdb4-40e8-8991-ea915b04200d" = Virtual Villagers 4 - The Tree of Life
"WTA-5a6d223e-900a-444b-8c22-6305da7969cb" = Agatha Christie - 4:50 from Paddington
"WTA-5b83c434-767d-4534-ae04-0b469d42494a" = FATE: The Cursed King
"WTA-6416da14-ff05-49d1-b29a-b02e570a0151" = Final Drive: Nitro
"WTA-7b109e19-a2a7-4b5e-89d9-97cd63d3c014" = Polar Bowler
"WTA-925d71b3-6eb9-4e84-832d-7508c57cde5c" = Mystery P.I. - Stolen in San Francisco
"WTA-acf2bd08-527f-443b-9b95-0fe1fe832281" = Build-a-lot 2
"WTA-b66be362-fd3d-4611-b53b-23a494960737" = Plants vs. Zombies - Game of the Year
"WTA-c31c13b2-3d44-43d5-a9d1-8506d541cea9" = Diner Dash 2 Restaurant Rescue
"WTA-dab7998f-5b94-454a-a1c2-5fc158365431" = Jewel Quest Heritage
"WTA-e550e22e-d07b-4a1b-8e1a-7f6d371cf0db" = FATE - The Traitor Soul
"WTA-f226e527-daaa-41cf-bc32-d211e6ba9153" = Namco All-Stars: PAC-MAN
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox for Evan
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"magicJack" = magicJack
< End of report >
Edited by isaacevanava, 13 September 2013 - 07:14 AM.