i attach the Otl scan log
thank you for help
OTL logfile created on: 1/4/2014 3:14:22 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cowboys\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.44% Memory free
4.49 Gb Paging File | 2.02 Gb Available in Paging File | 44.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.11 Gb Total Space | 410.74 Gb Free Space | 90.25% Space Free | Partition Type: NTFS
Computer Name: RICHARD | User Name: Cowboys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/04 03:10:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cowboys\Desktop\OTL.exe
PRC - [2013/12/25 19:19:14 | 000,761,536 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
PRC - [2013/12/16 02:09:22 | 004,180,256 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2013/12/16 02:09:22 | 002,849,056 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
PRC - [2013/12/16 02:09:22 | 002,251,552 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2013/11/22 15:26:12 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/10/29 23:21:38 | 002,561,088 | ---- | M] () -- C:\Program Files (x86)\IDMSQ\idmsq.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/08/07 21:21:44 | 001,083,704 | ---- | M] (PC Health Labs) -- C:\Program Files (x86)\PC Health Kit\PCHKReminder.exe
PRC - [2013/08/07 21:21:26 | 000,489,272 | ---- | M] (PC Health Labs) -- C:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exe
PRC - [2013/07/08 11:33:36 | 001,497,120 | ---- | M] (SPAMfighter ApS) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
PRC - [2012/11/22 21:44:08 | 002,716,048 | ---- | M] (ManyCam LLC) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
PRC - [2012/08/25 01:12:44 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\sppsvc.exe
PRC - [2012/05/14 11:55:06 | 003,150,928 | ---- | M] (VS Revo Group) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/03 22:44:10 | 000,086,016 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMFA5.tmp
MOD - [2014/01/03 22:44:10 | 000,086,016 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME3C.tmp
MOD - [2014/01/03 22:44:10 | 000,086,016 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEM1034.tmp
MOD - [2014/01/03 22:44:09 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMB57.tmp
MOD - [2014/01/03 22:44:09 | 000,086,016 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMDFB.tmp
MOD - [2014/01/03 22:44:08 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMA0D.tmp
MOD - [2014/01/03 22:44:08 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEM8A4.tmp
MOD - [2014/01/03 22:44:08 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEM75A.tmp
MOD - [2014/01/03 22:44:07 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEM5C1.tmp
MOD - [2014/01/03 22:44:07 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEM40A.tmp
MOD - [2014/01/03 22:44:06 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMFE47.tmp
MOD - [2014/01/03 22:44:06 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME.tmp
MOD - [2014/01/03 22:44:06 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEM243.tmp
MOD - [2014/01/03 22:44:05 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMFBB5.tmp
MOD - [2014/01/03 22:44:05 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMFAC8.tmp
MOD - [2014/01/03 22:44:04 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF8C3.tmp
MOD - [2014/01/03 22:44:04 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF7A8.tmp
MOD - [2014/01/03 22:44:04 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF709.tmp
MOD - [2014/01/03 22:44:03 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF67B.tmp
MOD - [2014/01/03 22:44:03 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF5FC.tmp
MOD - [2014/01/03 22:44:03 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF53E.tmp
MOD - [2014/01/03 22:44:03 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF471.tmp
MOD - [2014/01/03 22:44:03 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF2D9.tmp
MOD - [2014/01/03 22:44:02 | 000,120,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMF23A.tmp
MOD - [2014/01/03 22:44:01 | 000,072,704 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMEB4E.tmp
MOD - [2014/01/03 22:44:01 | 000,072,192 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMED75.tmp
MOD - [2014/01/03 22:44:01 | 000,072,192 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMEC79.tmp
MOD - [2014/01/03 22:44:00 | 000,072,192 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMEADF.tmp
MOD - [2014/01/03 22:44:00 | 000,064,000 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME868.tmp
MOD - [2014/01/03 22:44:00 | 000,057,344 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME9B4.tmp
MOD - [2014/01/03 22:44:00 | 000,053,760 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME8F6.tmp
MOD - [2014/01/03 22:44:00 | 000,053,760 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME75C.tmp
MOD - [2014/01/03 22:43:59 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME70C.tmp
MOD - [2014/01/03 22:43:59 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME61F.tmp
MOD - [2014/01/03 22:43:59 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME3BA.tmp
MOD - [2014/01/03 22:43:59 | 000,056,320 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME514.tmp
MOD - [2014/01/03 22:43:58 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME186.tmp
MOD - [2014/01/03 22:43:58 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEME05B.tmp
MOD - [2014/01/03 22:43:58 | 000,056,832 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMDEA3.tmp
MOD - [2014/01/03 22:43:57 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMDC1F.tmp
MOD - [2014/01/03 22:43:57 | 000,033,792 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\YTMP7MC8AA\TAADE53.tmp
MOD - [2014/01/03 22:43:56 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMDA86.tmp
MOD - [2014/01/03 22:43:56 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMD95B.tmp
MOD - [2014/01/03 22:43:56 | 000,068,608 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMD794.tmp
MOD - [2014/01/03 22:43:55 | 000,075,776 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMD6D3.tmp
MOD - [2014/01/03 22:43:55 | 000,056,320 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMD713.tmp
MOD - [2014/01/03 22:43:55 | 000,055,296 | ---- | M] () -- C:\Users\Cowboys\AppData\Local\Temp\XTMP1MC3VE\DEMD744.tmp
MOD - [2013/12/25 19:19:14 | 000,761,536 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MOD - [2013/11/22 15:25:50 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/10/29 23:21:38 | 002,561,088 | ---- | M] () -- C:\Program Files (x86)\IDMSQ\idmsq.exe
MOD - [2012/11/22 21:40:32 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2012/11/22 21:40:32 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2012/11/22 21:40:32 | 000,775,680 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll
MOD - [2012/11/22 21:40:32 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2012/11/22 21:40:32 | 000,201,216 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/12/10 10:10:24 | 000,513,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe -- (Level Quality Watcher)
SRV:64bit: - [2013/08/15 22:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/01 17:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/24 15:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 02:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/03 23:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/03 23:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/08 21:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 19:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 19:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/09 16:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 16:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/19 23:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/25 20:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 20:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 20:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 20:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 20:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 20:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 20:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 20:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 20:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 20:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 20:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/11 11:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2013/12/16 02:09:22 | 002,251,552 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/11/22 15:26:11 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/19 15:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/02/28 17:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/08/25 01:12:44 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\sppsvc.exe -- (SLSvc)
SRV - [2012/07/25 20:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/21 22:28:28 | 000,252,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2013/10/10 04:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/09/04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/08/28 06:32:28 | 000,524,528 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/15 22:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/09 23:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 01:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 18:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/07/01 18:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 18:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/07/01 17:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/01 15:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/06/28 23:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/05/31 20:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/04 00:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 03:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 03:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/09 18:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/26 20:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 21:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 20:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 01:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 00:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/10 20:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/10/10 20:08:08 | 000,029,696 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012/09/20 00:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 00:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/15 00:09:10 | 012,311,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/01 03:03:18 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/25 22:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 22:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 22:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 22:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 22:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 22:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 22:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 22:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 22:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 22:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 22:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 22:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 22:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 22:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 22:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 22:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 22:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 21:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 21:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 20:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 19:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 19:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 19:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 19:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 19:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 19:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 19:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 19:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 19:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 19:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 19:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 19:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 19:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 19:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 19:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 19:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 19:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 19:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/07/25 19:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/07/25 19:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 19:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/07/25 19:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/07/25 19:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 19:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 19:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/20 12:42:06 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2012/06/22 05:02:52 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/09/17 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/11/09 06:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS -- (TVALZ)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D581C697-E0A1-4E8E-9021-BA85AEF6D57F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...67E526778&SSPV=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 B7 AF EE 9B 3C CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{1C3A39F4-25B8-4177-A958-31A52389F6CE}: "URL" = http://asksearch.ask...={searchTerms}
IE - HKCU\..\SearchScopes\{D581C697-E0A1-4E8E-9021-BA85AEF6D57F}: "URL" = http://search.condui...5414927383&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..CT3298566.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "Conduit Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "msn.com"
FF - prefs.js..extensions.enabledAddons: %7Bb0b5a63d-7609-4029-823b-9a3acc4bd1ff%7D:1.135
FF - prefs.js..extensions.enabledAddons: ext%40WebexpEnhancedV1alpha2079.net:1.1
FF - prefs.js..extensions.enabledAddons: %7BF32E7E42-9AFA-47CA-A0C4-D07EE651D404%7D:1.0
FF - prefs.js..extensions.enabledAddons: support%40searchdonkeyapp.com:2.6.49
FF - prefs.js..extensions.enabledAddons: idmsq%40idmsq.com:1.0
FF - prefs.js..extensions.enabledAddons: 617adace-7eff-4533-a99b-c3035e421e39%4079b1df57-9584-4f9d-8a2b-ae1803a7ae55.com:0.93.44
FF - prefs.js..extensions.enabledAddons: crossriderapp12555%40crossrider.com:0.93.88
FF - prefs.js..extensions.enabledAddons: wecarereminder%40bryan:4.1.23.4
FF - prefs.js..extensions.enabledAddons: 39e612de-2951-40c2-ab4a-82e121c42778%404e0cecc2-7c67-4374-bc4c-f15656d80ab7.com:0.93.124
FF - prefs.js..extensions.enabledAddons: %7B1122b43d-30ee-403f-9bfa-3cc99b0caddd%7D:10.23.0.822
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://search.condui...274330&UM=2&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha2079\ff [2013/12/29 17:08:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b0b5a63d-7609-4029-823b-9a3acc4bd1ff}: C:\Program Files (x86)\Re-markit\135.xpi [2013/11/22 14:52:29 | 000,005,702 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/12/29 17:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Extensions
[2014/01/03 23:51:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions
[2014/01/03 18:01:29 | 000,000,000 | ---D | M] (MixiDJ V30) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
[2013/11/21 10:24:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/12/29 17:36:57 | 000,000,000 | ---D | M] (ArcadeParlor) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}
[2013/12/29 17:16:27 | 000,000,000 | ---D | M] ("Plus-HD-1.2") -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com
[2013/11/22 14:54:04 | 000,000,000 | ---D | M] ("Newzio 1.4") -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\617adace-7eff-4533-a99b-c3035e421e39@79b1df57-9584-4f9d-8a2b-ae1803a7ae55.com
[2014/01/03 18:01:40 | 000,000,000 | ---D | M] ("jollywallet") -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]
[2013/07/22 01:31:26 | 000,000,000 | ---D | M] (GetSavin) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\getsavin@jetpack
[2013/12/29 18:29:26 | 000,000,000 | ---D | M] (Internet Download Manager Squared) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]
[2013/11/22 14:52:47 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\ScorpionSaver@jetpack
[2013/12/29 17:37:39 | 000,000,000 | ---D | M] (SearchDonkey) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]
[2014/01/03 18:01:31 | 000,000,000 | ---D | M] (We-Care App) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\wecarereminder@bryan
[2014/01/03 02:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData
[2014/01/03 02:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins
[2014/01/03 02:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\userCode
[2014/01/03 02:25:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\617adace-7eff-4533-a99b-c3035e421e39@79b1df57-9584-4f9d-8a2b-ae1803a7ae55.com\extensionData
[2014/01/03 02:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\617adace-7eff-4533-a99b-c3035e421e39@79b1df57-9584-4f9d-8a2b-ae1803a7ae55.com\extensionData\plugins
[2014/01/03 02:25:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\617adace-7eff-4533-a99b-c3035e421e39@79b1df57-9584-4f9d-8a2b-ae1803a7ae55.com\extensionData\userCode
[2014/01/03 18:01:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]\extensionData
[2014/01/03 18:01:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]\extensionData\plugins
[2014/01/03 18:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]\extensionData\userCode
[2013/05/31 12:19:14 | 000,053,942 | ---- | M] () (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]
[2014/01/03 17:40:21 | 000,530,247 | ---- | M] () (No name found) -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\extensions\[email protected]
[2013/04/20 21:47:09 | 000,002,508 | ---- | M] () -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\searchplugins\ask-search.xml
[2014/01/04 02:59:29 | 000,000,969 | ---- | M] () -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\searchplugins\conduit-search.xml
[2013/12/29 17:18:55 | 000,000,850 | ---- | M] () -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\searchplugins\conduit.xml
[2014/01/03 22:43:02 | 000,004,136 | ---- | M] () -- C:\Users\Cowboys\AppData\Roaming\Mozilla\Firefox\Profiles\36c045zd.default\searchplugins\SweetIM Search.xml
[2013/11/22 15:25:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/22 15:26:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/22 14:52:29 | 000,005,702 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\RE-MARKIT\135.XPI
[2013/12/29 17:08:04 | 000,000,000 | ---D | M] (Webexp Enhanced) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA2079\FF
O1 HOSTS File: ([2013/12/29 17:48:50 | 000,000,867 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 d2lk34kybukd05.cloudfront.net
O2:64bit: - BHO: (jollywallet) - {11111111-1111-1111-1111-110111251155} - C:\Program Files (x86)\jollywallet\jollywallet-bho64.dll (jollywallet)
O2:64bit: - BHO: (Plus-HD-1.2) - {11111111-1111-1111-1111-110311121155} - C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bho64.dll (Plus HD)
O2:64bit: - BHO: (Newzio 1.4) - {11111111-1111-1111-1111-110411081152} - C:\Program Files (x86)\Newzio 1.4\Newzio 1.4-bho64.dll (AlgoClicks)
O2 - BHO: (no name) - {078B4C00-A911-41F3-9FD1-E07ACA3FFA55} - No CLSID value found.
O2 - BHO: (Re-markit) - {0f03b11d-409d-4280-8e9a-1eba82866e4e} - C:\Program Files (x86)\Re-markit\135.dll ()
O2 - BHO: (no name) - {10AD2C61-0898-4348-8600-14A342F22AC3} - No CLSID value found.
O2 - BHO: (jollywallet) - {11111111-1111-1111-1111-110111251155} - C:\Program Files (x86)\jollywallet\jollywallet-bho.dll (jollywallet)
O2 - BHO: (Plus-HD-1.2) - {11111111-1111-1111-1111-110311121155} - C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bho.dll (Plus HD)
O2 - BHO: (Newzio 1.4) - {11111111-1111-1111-1111-110411081152} - C:\Program Files (x86)\Newzio 1.4\Newzio 1.4-bho.dll (AlgoClicks)
O2 - BHO: (Webexp Enhanced) - {1b427ba3-08c1-419d-8a7e-90e527e5a76e} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha2079\ie\WebexpEnhancedV1alpha2079.dll ()
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Cowboys\AppData\Local\DownloadTerms\temp.dat ()
O2 - BHO: (ArcadeParlor Games) - {39AD0726-986D-40F9-972B-E3BFA24B7745} - C:\Users\Cowboys\AppData\Local\ArcadeParlor\Arcadeparlor.dll ()
O2 - BHO: (Idmsq Extension) - {3AA4FC9D-FB51-44a2-B09F-0457857CA7C2} - C:\Users\Cowboys\AppData\Roaming\IDMSQ\idmsqext.dll (Or Interactive Ltd)
O2 - BHO: (no name) - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - No CLSID value found.
O2 - BHO: (Define) - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Cowboys\AppData\Local\DefineExt\temp.dat ()
O2 - BHO: (no name) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - No CLSID value found.
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKCU..\Run: [IDMSQ] C:\Program Files (x86)\IDMSQ\idmsq.exe ()
O4 - HKCU..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [NextLive] C:\Users\Cowboys\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKCU..\Run: [PC Health Kit] C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe (PC Health Labs)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - Startup: C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk = C:\Program Files (x86)\FrostWire 5\FrostWire.exe (FrostWire)
O4 - Startup: C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99FDA86E-2988-470C-9036-4E60AD873C82}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL) - File not found
O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll) - c:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{43f3e49a-aa2b-11e2-be92-00266cad965b}\Shell - "" = AutoRun
O33 - MountPoints2\{43f3e49a-aa2b-11e2-be92-00266cad965b}\Shell\AutoRun\command - "" = "F:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/04 03:10:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cowboys\Desktop\OTL.exe
[2014/01/04 01:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2014/01/04 01:00:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/01/03 23:31:19 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/01/03 23:31:19 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/01/03 22:43:15 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\SearchProtect
[2014/01/03 21:23:13 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/01/03 17:32:19 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/01/03 17:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2014/01/03 17:29:41 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\SUPERAntiSpyware.com
[2014/01/03 17:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/01/03 17:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/01/03 17:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/01/03 17:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/01/03 17:27:47 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/12/29 18:37:20 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\PC Health Kit
[2013/12/29 18:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit
[2013/12/29 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\AVG2014
[2013/12/29 18:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Health Kit
[2013/12/29 18:36:25 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\TuneUp Software
[2013/12/29 18:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/12/29 18:34:18 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/12/29 18:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/12/29 18:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/12/29 18:31:08 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013/12/29 18:31:08 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013/12/29 18:31:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
[2013/12/29 18:31:03 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\Avg2014
[2013/12/29 18:30:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/12/29 18:30:34 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\MFAData
[2013/12/29 18:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/12/29 18:30:34 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\Avg2013
[2013/12/29 18:28:11 | 000,837,560 | ---- | C] (Download Manager ) -- C:\Users\Cowboys\Desktop\setup (2).exe
[2013/12/29 17:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM Links
[2013/12/29 17:48:59 | 000,000,000 | ---D | C] -- C:\MININT
[2013/12/29 17:48:49 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IDMSQ
[2013/12/29 17:48:49 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\IDMSQ
[2013/12/29 17:48:46 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\Systweak
[2013/12/29 17:48:44 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013/12/29 17:48:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDMSQ
[2013/12/29 17:47:41 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\IDM2
[2013/12/29 17:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Winferno
[2013/12/29 17:39:47 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2013/12/29 17:39:45 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\VideoBuzz
[2013/12/29 17:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoBuzz
[2013/12/29 17:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoBuzz
[2013/12/29 17:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/12/29 17:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/12/29 17:39:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/12/29 17:39:37 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\Adobe
[2013/12/29 17:38:53 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\Fighters
[2013/12/29 17:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
[2013/12/29 17:38:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2013/12/29 17:38:25 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
[2013/12/29 17:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fighters
[2013/12/29 17:36:59 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeParlor
[2013/12/29 17:36:52 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\ArcadeParlor
[2013/12/29 17:36:37 | 000,835,656 | ---- | C] (Capital Intellect Inc) -- C:\Windows\SysWow64\WINCTL5.OCX
[2013/12/29 17:36:37 | 000,499,785 | ---- | C] (Capital Intellect Inc) -- C:\Windows\SysWow64\WINUTIL8.DLL
[2013/12/29 17:36:37 | 000,393,216 | ---- | C] (Capital Intellect Inc) -- C:\Windows\SysWow64\WINLCTL6.DLL
[2013/12/29 17:36:30 | 000,516,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CapiCom.dll
[2013/12/29 17:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winferno
[2013/12/29 17:36:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winferno
[2013/12/29 17:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013/12/29 17:18:16 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2013/12/29 17:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/12/29 17:16:34 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\.android
[2013/12/29 17:16:30 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\cache
[2013/12/29 17:16:26 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Roaming\newnext.me
[2013/12/29 17:16:26 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\genienext
[2013/12/29 17:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPlayer
[2013/12/29 17:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoPlayer
[2013/12/29 17:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2013/12/29 17:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-1.2
[2013/12/29 17:14:41 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\AppData\Local\Programs
[2013/12/29 17:08:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SearchProtect
[2013/12/29 17:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebexpEnhancedV1
[2013/12/09 15:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2013/12/08 20:42:08 | 000,000,000 | ---D | C] -- C:\Users\Cowboys\Documents\Richard
========== Files - Modified Within 30 Days ==========
[2014/01/04 03:10:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cowboys\Desktop\OTL.exe
[2014/01/04 02:54:00 | 000,001,310 | ---- | M] () -- C:\Windows\tasks\Newzio 1.4-updater.job
[2014/01/04 01:33:01 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014/01/04 00:48:24 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\ArcadeParlor.job
[2014/01/03 23:17:00 | 000,001,348 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.2-updater.job
[2014/01/03 23:17:00 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.2-enabler.job
[2014/01/03 23:16:00 | 000,001,250 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.2-codedownloader.job
[2014/01/03 23:15:01 | 000,002,124 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.2-firefoxinstaller.job
[2014/01/03 23:15:01 | 000,001,996 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.2-chromeinstaller.job
[2014/01/03 23:02:33 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/03 23:02:33 | 000,719,418 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/03 23:02:33 | 000,132,748 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/03 22:44:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/03 22:43:13 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\RegPowerClean.job
[2014/01/03 22:43:07 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\RPCReminder.job
[2014/01/03 22:42:55 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter64-Cowboys-Notification.job
[2014/01/03 22:42:55 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\Re-markit Update.job
[2014/01/03 22:42:55 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter64-Cowboys-Startup.job
[2014/01/03 22:42:45 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2014/01/03 22:42:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/03 22:42:33 | 3267,231,744 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/03 17:32:19 | 000,001,007 | ---- | M] () -- C:\Users\Cowboys\Desktop\CCleaner.lnk
[2014/01/03 17:29:23 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/01/03 17:27:48 | 000,001,264 | ---- | M] () -- C:\Users\Cowboys\Desktop\Revo Uninstaller.lnk
[2014/01/03 02:22:11 | 000,438,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/29 18:36:25 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/12/29 18:28:13 | 000,837,560 | ---- | M] (Download Manager ) -- C:\Users\Cowboys\Desktop\setup (2).exe
[2013/12/29 17:49:07 | 000,001,097 | ---- | M] () -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/12/29 17:49:07 | 000,001,087 | ---- | M] () -- C:\Users\Cowboys\Desktop\MyPC Backup.lnk
[2013/12/29 17:39:46 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\VideoBuzz.lnk
[2013/12/29 17:15:32 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\VideoPlayer.lnk
[2013/12/09 15:38:19 | 000,003,159 | ---- | M] () -- C:\Review - Shortcut.lnk
========== Files Created - No Company Name ==========
[2014/01/03 22:32:06 | 000,001,262 | ---- | C] () -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4 - Control Panel.lnk
[2014/01/03 17:32:19 | 000,001,007 | ---- | C] () -- C:\Users\Cowboys\Desktop\CCleaner.lnk
[2014/01/03 17:29:23 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/01/03 17:27:48 | 000,001,264 | ---- | C] () -- C:\Users\Cowboys\Desktop\Revo Uninstaller.lnk
[2014/01/03 02:21:46 | 000,438,536 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/29 18:36:25 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/12/29 17:39:46 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\VideoBuzz.lnk
[2013/12/29 17:38:53 | 000,000,404 | ---- | C] () -- C:\Windows\tasks\SLOW-PCfighter64-Cowboys-Notification.job
[2013/12/29 17:38:53 | 000,000,402 | ---- | C] () -- C:\Windows\tasks\SLOW-PCfighter64-Cowboys-Startup.job
[2013/12/29 17:36:52 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\ArcadeParlor.job
[2013/12/29 17:36:48 | 000,000,444 | ---- | C] () -- C:\Windows\tasks\RPCReminder.job
[2013/12/29 17:36:42 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\RegPowerClean.job
[2013/12/29 17:36:36 | 000,425,984 | ---- | C] () -- C:\Windows\SysWow64\WinCMR.dll
[2013/12/29 17:18:17 | 000,001,097 | ---- | C] () -- C:\Users\Cowboys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/12/29 17:18:17 | 000,001,087 | ---- | C] () -- C:\Users\Cowboys\Desktop\MyPC Backup.lnk
[2013/12/29 17:17:13 | 000,001,348 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.2-updater.job
[2013/12/29 17:17:02 | 000,001,150 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.2-enabler.job
[2013/12/29 17:16:45 | 000,001,250 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.2-codedownloader.job
[2013/12/29 17:15:32 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\VideoPlayer.lnk
[2013/12/29 17:15:26 | 000,002,124 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.2-firefoxinstaller.job
[2013/12/29 17:15:03 | 000,001,996 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.2-chromeinstaller.job
[2013/12/09 15:38:19 | 000,003,159 | ---- | C] () -- C:\Review - Shortcut.lnk
[2013/11/21 10:21:42 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012/09/15 00:07:48 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/09/15 00:07:48 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/09/15 00:07:46 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/09/14 23:49:48 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/07/26 01:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 01:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 00:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 18:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 13:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 13:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 07:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2013/04/03 13:00:28 | 000,000,000 | -HSD | M] -- C:\$Recycle.bin\S-1-5-18\$6b2a20d155397d57cb619a8e14385e05\L
[2013/04/03 13:00:28 | 000,000,000 | -HSD | M] -- C:\$Recycle.bin\S-1-5-18\$6b2a20d155397d57cb619a8e14385e05\U
[2013/12/29 17:18:20 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/01 23:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/01 22:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 20:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 20:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D346F792
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720
< End of report >
OTL Extras logfile created on: 1/4/2014 3:14:22 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cowboys\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.44% Memory free
4.49 Gb Paging File | 2.02 Gb Available in Paging File | 44.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.11 Gb Total Space | 410.74 Gb Free Space | 90.25% Space Free | Partition Type: NTFS
Computer Name: RICHARD | User Name: Cowboys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007B8704-9C44-4D20-9C46-D002DB24EDD7}" = lport=445 | protocol=6 | dir=in | app=system |
"{072E9F91-46D9-4978-A6CB-9DC0CD46BCEA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2118444D-2EA8-43F3-BF95-7910BA3A4C5E}" = rport=139 | protocol=6 | dir=out | app=system |
"{2F06E2A2-0AF2-4517-90F1-9AEA892616BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F41D6EC-2882-4B2B-8033-7516D443DB51}" = lport=137 | protocol=17 | dir=in | app=system |
"{37412B1A-AE6D-46FD-8AC8-43A6A5E72BFA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A252507-9C7E-48FC-86E0-CA0BB240B748}" = lport=2869 | protocol=6 | dir=in | app=system |
"{51C0E2ED-62EB-40D7-B331-EF7751D70C53}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AF8F941-D3EF-449A-AE6C-E1BE2B7AA62B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5ECB62B9-47B2-4187-85FC-0E8F18A2A43A}" = rport=445 | protocol=6 | dir=out | app=system |
"{5F0A30C6-5CDF-4883-A59F-99904994D741}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8080CEE0-847B-4D7B-B540-A7871DC61F97}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85A230A9-8DF4-4F49-A422-6BD27B14EB8A}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C21298F-9013-4FD6-8C66-D4BADE486F5D}" = lport=138 | protocol=17 | dir=in | app=system |
"{93B34C5A-7086-44DC-B8BE-583F42D2600D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9CB4A698-FA3E-4D71-A09A-C808CBD68B8D}" = rport=138 | protocol=17 | dir=out | app=system |
"{9D231723-F93A-4FF6-B4BF-555931E2E3D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B5F586D0-563E-4F6C-A952-35A62B759EFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{C235E0B7-DE0A-4BF7-9E67-FF2562B4FE0A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3E24F9F-3A2A-466C-95BF-8876A65F3F59}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DC430587-22A1-49E3-858A-816E5A4A155F}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A5121C9-0441-41A0-99E9-548B77F8CA93}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A80207C-044B-462B-9FD4-57303A7DAABF}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{0C01769F-5541-46B8-8FA9-B4C268A393A2}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{0C1EF04C-6218-4892-851B-81AAE2A5B803}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0D7D8580-9C05-4061-97CE-299ED7E9D600}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{1B6A12FE-94C0-49AD-A99E-218B572A9606}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1CBA397B-C33E-4427-8683-3DFD98B2980C}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{230BBF20-337C-42DD-9D62-9CF0D526611B}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{26FD479A-C2E7-4BA9-815B-3DBDD2569769}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B375DB0-BFBB-4FA2-B883-971AD30047C1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2D2EC517-2491-43DD-AED1-246B5362850D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{2DA5661A-0286-48B2-A157-0FC6F5AF61CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F981F6E-DF6A-4C30-B5F8-C1465BEB4A57}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{30DD5401-98AD-49E2-B4CE-0370B9941602}" = protocol=58 | dir=out | [email protected],-28546 |
"{3357484D-8B2A-4F72-B671-7CADF12418B8}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{364CEA90-73E8-4B88-8987-7F325FE87303}" = protocol=1 | dir=out | [email protected],-28544 |
"{40EE01D0-5783-460A-A3C2-7F92DAAF9D41}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4DC8CD32-50DE-4C41-BC2D-517993B24856}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{5275FE9C-FC78-40F7-8CD9-CCADFCB1C4A3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5ABD2EDE-4F7C-41A9-91B3-671340243FCA}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{5F88414A-964C-4CC0-B914-19B43430A038}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{62CD4448-E0CC-49FF-B755-4E7B7A39246D}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{646BAD69-3C97-476B-811D-AF4C6C5DF44A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{64787DE6-87FB-46FE-ACBA-B183E8E3FAC0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6AEEB339-D44E-4201-9D06-A5C6B591A1AF}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{6B310A11-B30E-474F-810A-A3AAFF4315B4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{6C2571C0-45A5-407B-B0BD-A9CF2DF340C1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{6CD04080-9540-4D85-92FB-CFCBDD49B330}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{759E9A92-B036-4E4A-9516-22ED38CBCB7B}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{7992745F-CEBB-46BF-83B7-14B21A742AE6}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7F8D58D0-A927-4862-87C3-243FF3CCF59B}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8333ED0F-F55E-4AD8-B33D-4AF7C5E05176}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8BA80F34-7C68-421D-9EC9-8B713C99B838}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{94AEBAC1-F2A4-49A1-83F9-86255014C6A0}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{97FECC87-2D78-424B-8ED1-5B5E35B287AC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{994BD382-0B88-4F6F-96DA-1D54F14F8A02}" = protocol=6 | dir=out | app=system |
"{9DD4DF63-E03B-4982-B59F-691A676F317B}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{9E2168AB-AA79-4C70-A141-29C8A5D4FED8}" = protocol=1 | dir=in | [email protected],-28543 |
"{9E4DDA52-0E1E-49A3-87E1-6FF6430CB7C5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A4F6FAF2-9658-47DA-A4F5-96B1CA6410F0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{A8540F15-16A6-4122-9587-FC01B563A277}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{A9ED8E66-0DBB-4F3D-8F24-0E246F1D3A3C}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{AD1EFD4E-5F2F-4E4D-A96C-D5B2E23E69D4}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{B459163D-7D52-482F-960F-40B3AE83335D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B7E5F5DB-CEBA-4893-BFA3-EB0EF021A747}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BD76A22F-47CC-4CA1-9B30-78F4DC935322}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C5DEBEF7-B64D-4C72-9350-3FF7388DBF71}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{C8C3CCB7-A861-42CC-A82E-FF55D7DEF252}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{C8E52D02-3A94-4479-8632-3DC8411C67D3}" = protocol=58 | dir=in | [email protected],-28545 |
"{C955A725-C634-46FC-8020-7F097F649895}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C977D9BA-2532-473A-82E9-9AD6151A9B03}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{D55D82F0-47C7-4405-928F-D56478B27005}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{D5914AD7-942D-46E5-BAA0-535B1EC0EEDD}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{DF6B9A75-C469-4BBB-A9D7-0DEA832F3161}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{ECC35790-9E64-4D59-8E6A-A1ADA2C2EE61}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F218D9E1-DC0D-4433-8B08-DE1138B0D9ED}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{F5C8C53B-F905-4BB8-BC11-1BDB2A0C4FB8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5D01A0E-16B6-403D-8EAA-B79D46B15938}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F689FDFC-2B88-4784-90C2-B1FA7D765788}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"TCP Query User{219952B2-AE62-4C1F-951A-2DB6F70119CA}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"TCP Query User{71B7DDC2-6D79-43BA-889C-EC4810DC0D88}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{8AE15409-765B-472D-BDEA-D946DD2546D6}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{FC546CBA-3821-4259-81EB-7E8C8C0C4700}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{34883B9C-CDFE-46F0-9C5B-935484C218C3}" = AVG 2014
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7F624BD1-4FE0-432F-B928-68302E156D04}" = AVG 2014
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"AVG" = AVG 2014
"MyPC Backup" = MyPC Backup
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0228288D-975E-42F7-9993-E91A82E6BBD9}" = CWA Reminder by We-Care.com v4.1.24.3
"{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}" = Level Quality Watcher
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{B25D67C4-E885-43F8-8085-B532F6261529}" = VideoBuzz
"{ea7fa9ad-26fe-499a-bdc2-c6498a9e085c}" = Re-markit
"Adobe AIR" = Adobe AIR
"CCleaner" = CCleaner
"DMUninstaller" = DMUninstaller
"FrostWire 5" = FrostWire 5.5.5
"IDMSQ" = Internet Download Manager² 1.0
"ImgBurn" = ImgBurn
"jollywallet" = jollywallet
"ManyCam" = ManyCam 3.1.16
"Mobogenie" = Mobogenie
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Newzio 1.4" = Newzio 1.4
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PC Health Kit_is1" = PC Health Kit v3.2
"Plus-HD-1.2" = Plus-HD-1.2
"PricePeep" = PricePeep
"RegPowerClean_is1" = Winferno Registry Power Cleaner
"Revo Uninstaller" = Revo Uninstaller 1.94
"SearchProtect" = Search Protect
"VideoPlayer" = VideoPlayer v2.0.6
"VLC media player" = VLC media player 2.0.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{B74443DB-5A88-4583-860A-F0D06EF399E3}" = ArcadeParlor
"Define Ext" = Define Ext
"DownloadTerms" = DownloadTerms
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/29/2013 9:43:31 PM | Computer Name = Richard | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537,
time stamp: 0x5123410e Faulting module name: IEFRAME.dll, version: 10.0.9200.16736,
time stamp: 0x5258cf1a Exception code: 0xc0000005 Fault offset: 0x0000000000009fbb
Faulting
process ID: 0x2438 Faulting application start time: 0x01cf050089ba9f97 Faulting application
path: C:\Program Files\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SYSTEM32\IEFRAME.dll
Report
ID: c9060394-70f3-11e3-bea0-00266cad965b Faulting package full name: Faulting package-relative
application ID:
Error - 12/29/2013 9:43:34 PM | Computer Name = Richard | Source = MsiInstaller | ID = 1013
Description =
Error - 12/29/2013 9:55:44 PM | Computer Name = Richard | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 26ac Start
Time: 01cf0501d3ed034e Termination Time: 328 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id: 7a4c7ff9-70f5-11e3-bea0-00266cad965b Faulting package
full name: Faulting package-relative application ID:
Error - 12/29/2013 9:56:27 PM | Computer Name = Richard | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 3fa8 Start
Time: 01cf050240599e6c Termination Time: 406 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id: 9437a08f-70f5-11e3-bea0-00266cad965b Faulting package
full name: Faulting package-relative application ID:
Error - 12/29/2013 9:58:22 PM | Computer Name = Richard | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537,
time stamp: 0x512347f7 Faulting module name: ntdll.dll, version: 6.2.9200.16578,
time stamp: 0x515fac6e Exception code: 0xc0000374 Fault offset: 0x000daa3c Faulting
process ID: 0x5cd4 Faulting application start time: 0x01cf0501b763ef8d Faulting application
path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path:
C:\Windows\SYSTEM32\ntdll.dll Report ID: dc5182c3-70f5-11e3-bea0-00266cad965b Faulting
package full name: Faulting package-relative application ID:
Error - 12/29/2013 9:58:42 PM | Computer Name = Richard | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 4d04 Start
Time: 01cf050129786bed Termination Time: 140 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id: e54bd840-70f5-11e3-bea0-00266cad965b Faulting package
full name: Faulting package-relative application ID:
Error - 12/30/2013 5:44:14 PM | Computer Name = Richard | Source = MsiInstaller | ID = 11920
Description =
Error - 1/3/2014 2:28:34 AM | Computer Name = Richard | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.2.9200.16628,
time stamp: 0x51a94434 Faulting module name: twinui.dll, version: 6.2.9200.16680,
time stamp: 0x51fb45f3 Exception code: 0xc0000005 Fault offset: 0x0000000000100be2
Faulting
process ID: 0x4324 Faulting application start time: 0x01cf084cf3ce195a Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\System32\twinui.dll
Report
ID: 44d4f037-7440-11e3-bea0-00266cad965b Faulting package full name: Faulting package-relative
application ID:
Error - 1/3/2014 5:17:08 AM | Computer Name = Richard | Source = Application Error | ID = 1000
Description = Faulting application name: MsiExec.exe, version: 5.0.9200.16384, time
stamp: 0x5010a60b Faulting module name: ntdll.dll, version: 6.2.9200.16578, time
stamp: 0x515fac6e Exception code: 0xc0000005 Fault offset: 0x00051e8a Faulting process
ID: 0x6524 Faulting application start time: 0x01cf08648dc5d0e1 Faulting application
path: c:\Windows\syswow64\MsiExec.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
ID: d19cadae-7457-11e3-bea0-00266cad965b Faulting package full name: Faulting package-relative
application ID:
Error - 1/4/2014 1:43:27 AM | Computer Name = Richard | Source = .NET Runtime | ID = 1026
Description =
Error - 1/4/2014 1:43:31 AM | Computer Name = Richard | Source = Application Error | ID = 1000
Description = Faulting application name: slsvc.exe, version: 6.2.9200.16384, time
stamp: 0x50298688 Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451,
time stamp: 0x50988aa6 Exception code: 0xe0434352 Fault offset: 0x000000000003811c
Faulting
process ID: 0x95c Faulting application start time: 0x01cf090fd940d118 Faulting application
path: C:\Windows\slsvc.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
ID: 241b2c26-7503-11e3-bea3-b4749f712b1f Faulting package full name: Faulting package-relative
application ID:
[ System Events ]
Error - 1/3/2014 5:16:37 AM | Computer Name = Richard | Source = Service Control Manager | ID = 7031
Description = The Windows Installer service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.
Error - 1/3/2014 5:18:37 AM | Computer Name = Richard | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Windows Installer service,
but this action failed with the following error: %%1056
Error - 1/3/2014 5:20:26 AM | Computer Name = Richard | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
a pre-shutdown control.
Error - 1/3/2014 5:23:01 AM | Computer Name = Richard | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Computer
Backup (MyPC Backup) service to connect.
Error - 1/3/2014 5:23:01 AM | Computer Name = Richard | Source = Service Control Manager | ID = 7000
Description = The Computer Backup (MyPC Backup) service failed to start due to the
following error: %%1053
Error - 1/3/2014 8:19:53 PM | Computer Name = Richard | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:22:23 AM on ?1/?3/?2014 was unexpected.
Error - 1/3/2014 8:20:30 PM | Computer Name = Richard | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Computer
Backup (MyPC Backup) service to connect.
Error - 1/3/2014 8:20:30 PM | Computer Name = Richard | Source = Service Control Manager | ID = 7000
Description = The Computer Backup (MyPC Backup) service failed to start due to the
following error: %%1053
Error - 1/4/2014 12:27:47 AM | Computer Name = Richard | Source = Service Control Manager | ID = 7034
Description = The AVGIDSAgent service terminated unexpectedly. It has done this
1 time(s).
Error - 1/4/2014 6:15:23 AM | Computer Name = Richard | Source = Service Control Manager | ID = 7034
Description = The AVGIDSAgent service terminated unexpectedly. It has done this
1 time(s).
< End of report >