After installing Google Chrome, my computer became a jungle of popup adds, redirect tabs, to porn sights, shopping sights, tab that said i had outdated software, my java was corrupt, my flash player was missing, and so on. and my computer started running slower to point takes 5 min to lode a page. hers what the program found.
OTL Extras logfile created on: 6/29/2014 12:35:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jac\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.74 Gb Total Physical Memory | 0.41 Gb Available Physical Memory | 23.63% Memory free
3.48 Gb Paging File | 1.14 Gb Available in Paging File | 32.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.79 Gb Total Space | 138.24 Gb Free Space | 63.18% Space Free | Partition Type: NTFS
Computer Name: JAC-PC | User Name: jac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\jac\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc.enqueue] -- "C:\Program Files (x86)\Media Player Classic - Home Cinema\mpc-hc.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc.play] -- "C:\Program Files (x86)\Media Player Classic - Home Cinema\mpc-hc.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\jac\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc.enqueue] -- "C:\Program Files (x86)\Media Player Classic - Home Cinema\mpc-hc.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc.play] -- "C:\Program Files (x86)\Media Player Classic - Home Cinema\mpc-hc.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0363B13D-41B4-46BB-904D-AEB829379A3E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{094203C3-C734-4E33-92D0-D33F0B8B9962}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{10193CF8-EA83-4AFC-A773-EC93506DC447}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{14F1FF64-2174-45B8-BDF3-4F4555B4C14A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{16CB96F0-65AE-4BC7-8190-84BA6733253F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{20AB6D5D-A9C2-4CD1-AEF8-AF9935EADCAE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2CF801D0-7C11-4AF3-A39E-69FB4607749A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3EAED623-1B2E-481C-AE89-B8D784345D33}" = rport=137 | protocol=17 | dir=out | app=system |
"{44607C0F-7663-417D-9904-49D2DA9754AD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{45641ED0-7B43-4569-91F8-77C1B56701A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{476F1577-1AB0-4118-A821-1A3CB516DA73}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{499A7B8C-902D-453F-ADE0-BB59F6E4FF4D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4C46884E-29A5-457A-AA8A-796BF636367F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EF6F555-6ADF-499A-8658-5018E9951B8C}" = lport=139 | protocol=6 | dir=in | app=system |
"{4F19DB93-A7FD-4518-B8E4-939627B91720}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4F579520-84DF-4151-846F-FEE8C6A71783}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{571DE35D-EC5A-486C-A3CE-8CEBDB3F4DFC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{599879E5-F65B-4C09-AAF8-920740585F1B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{59B016EB-3BCC-458C-B755-2C141FCB052C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5A8EE3B5-D85D-404D-BC36-07FBB13EBA8F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5F16AA3E-F958-4405-B9F5-FBE238A0F86F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{686F34BB-BFE2-4045-A355-E79FBB88A5D7}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{71F8C4F5-E774-471B-9006-BE31A0DD4322}" = lport=138 | protocol=17 | dir=in | app=system |
"{7E6D6FBE-8315-46F8-BAF7-C540181C9AC7}" = rport=445 | protocol=6 | dir=out | app=system |
"{813DB8C1-02D4-43BD-8DDC-3DDE7BAAC464}" = rport=139 | protocol=6 | dir=out | app=system |
"{8E5223F5-D03C-4DE8-85AB-E5EA0826498A}" = rport=138 | protocol=17 | dir=out | app=system |
"{91222E1B-676F-4885-84CD-5EF258815015}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{946DC07F-77EB-450E-91F7-01590C5B6088}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{958E6EC0-208B-4AE1-94D8-33F172DF40DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A6289B5B-F280-4282-B393-66018AE20043}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AC20F168-36B2-4E83-A36F-11BFE16F9894}" = lport=10245 | protocol=6 | dir=in | app=system |
"{B1E0470B-1DD0-40A9-A5F3-F75F026F3D80}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BAAFD493-1CF5-4C79-B443-34ACA326396D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD08662B-A64C-43F0-9925-92ECA4624B1B}" = lport=137 | protocol=17 | dir=in | app=system |
"{BD686471-7819-46F4-ABD5-9C753A6C5230}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3A27885-C8C5-4031-ADFC-CD6FD61AF7BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C6B28F02-D1A2-4932-9F73-1F4D23A23F78}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C7070A73-BE5D-4C5C-B2D3-3719F2085A46}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3DA0A2F-C470-4F04-9051-FDB87B89E35F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E0DB0FDD-E3DA-4F86-B0C1-91C960CF1D63}" = lport=445 | protocol=6 | dir=in | app=system |
"{E37983D3-6963-4FF6-B387-6D7B5B637FDE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E951CBEC-CBD7-4D6B-B857-7892A79FE6BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0878BACB-F057-4536-9BB8-CAF43830F3B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0F1E3349-7927-4E57-9714-A220EE52F51B}" = protocol=6 | dir=in | app=c:\program files\acer\acer updater\alu.exe |
"{2440A297-A10A-4F5D-9853-30C74AACA553}" = protocol=1 | dir=out |
[email protected],-28544 |
"{2D70506C-09BB-486A-8BEC-E6948B94864F}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2FD82DEF-EF9D-4470-8B4F-43EB9F46BD28}" = protocol=58 | dir=out |
[email protected],-28546 |
"{3AD304EE-73E3-4A4F-94E4-23B390E37E6A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{419F0689-7D9A-49B1-9A25-8DEC48E00D53}" = protocol=6 | dir=out | app=system |
"{5444B8D4-2667-4979-878C-667B4760511E}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{5598B996-A9A6-4313-84B7-A6FA46648F84}" = protocol=1 | dir=in |
[email protected],-28543 |
"{5B8E1D3C-4B54-4493-946B-F66A5B9EECB5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5CDCDE3C-FEF0-4587-A683-2CBB9F948573}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{68D9755C-74A6-480C-B7CE-992BC7BEC72B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6A108692-9992-42F8-A087-C024C117104F}" = protocol=58 | dir=in |
[email protected],-148 |
"{6D28F682-E363-4E03-9C5A-82C57A1DD0DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{77327C78-AF7C-448D-BE22-4892D5405BE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{83AE5921-F8ED-4A86-9F88-55DF6458EBFD}" = protocol=6 | dir=in | app=c:\users\jac\appdata\local\temp\7zs7255\hppiw.exe |
"{8794A92A-CE51-4CD2-A988-AFC0CB21817E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8918FCD4-127E-48C0-9695-BF75C80917FD}" = protocol=17 | dir=in | app=c:\users\jac\appdata\local\temp\7zs4f40\hppiw.exe |
"{8E4A56A9-A7EC-4606-A02D-022E9E985B47}" = protocol=17 | dir=in | app=c:\program files\acer\acer updater\alu.exe |
"{9EB3763D-3D5F-4A3E-8755-D70C17D3DD09}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A49BC8B6-93A3-43F0-BD47-C255E90A9CD1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A8A1E9FD-E7E3-453A-B666-2369CD0A052A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B34A2D29-E34F-4B9F-87FA-EE941A57CEF1}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{B401C967-B64D-4052-930C-FC013500E616}" = protocol=6 | dir=in | app=c:\users\jac\appdata\local\temp\7zs4f40\hppiw.exe |
"{B46D03EC-1FC8-4D43-ACD9-557813459468}" = dir=in | app=c:\program files (x86)\freefileviewer\ffvcheckforupdates.exe |
"{B47581ED-CF4A-43C5-B595-67531D7C80F2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{BC18A98B-FD0A-43B6-A069-CEACF6642D52}" = protocol=58 | dir=in |
[email protected],-28545 |
"{C2117CF0-963E-411E-8F2E-5C5A05A27449}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C71FD72A-D5F5-47FF-898A-309F889640DA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CF9037D9-62B9-41A3-ABDB-2C6AD2C7A45A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{D5775238-D910-4AE5-9DEF-4D971B22EA49}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB67F1D9-6692-458C-90C1-E4E4352F89A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E122C10F-BD19-4977-B012-FE7EE7629A9C}" = protocol=17 | dir=in | app=c:\users\jac\appdata\local\temp\7zs7255\hppiw.exe |
"{EB93E737-78D6-4661-89D8-1B2FA09D5191}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{EDA2C1AC-8580-42AE-8097-85D79BEFDD51}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F11AE6B1-A79A-407A-93F8-C6A5FA60149F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F95A4BD0-A25A-4500-B129-D3AAD57EF07B}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"TCP Query User{6FCE808B-C09D-42CC-B692-7A8A58FDB462}C:\windows\system32\mmc.exe" = protocol=6 | dir=in | app=c:\windows\system32\mmc.exe |
"TCP Query User{A862D01F-F53E-4668-9DF4-1244BD302696}C:\windows\system32\mmc.exe" = protocol=6 | dir=in | app=c:\windows\system32\mmc.exe |
"UDP Query User{034A2A48-E8D2-4CB0-8D9E-9ACBF3A01310}C:\windows\system32\mmc.exe" = protocol=17 | dir=in | app=c:\windows\system32\mmc.exe |
"UDP Query User{CA5890A7-A621-4569-8806-D5E04ED59578}C:\windows\system32\mmc.exe" = protocol=17 | dir=in | app=c:\windows\system32\mmc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft Mouse and Keyboard Center
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ac225167-00fc-452d-94c5-bb93600e7d9a}" = Buzzdock
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"File-Extensions.org Search" = File-Extensions.org Search
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"webget" = webget
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0F9224B1-9331-4D56-A21B-6D4747F6ACB4}" = iRip
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25780A42-8553-4a2e-AA54-F413C5D8DA19}_is1" = PC Cleaner
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1" = Advanced Disk Recovery
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH Jukebox
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}" = Driver Detective
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB061A6F-DB7F-4BDB-B83B-63E0BBD09E2D}" = JavaAPMManagementPack
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"118382203" = Mahjongg Dimensions
"Acer Registration" = Acer Registration
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"flash-Enhancer" = flash-Enhancer
"FreeFileViewer_is1" = Free File Viewer 2014
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"inethnfd" = Network System Driver
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"Lightspark" = Lightspark 0.5.3-git
"LManager" = Launch Manager
"Logitech Resource Center" = Logitech Resource Center
"MyWebSearch bar Uninstall" = My Web Search (My Fun Cards)
"Software Updater_is1" = Software Updater version 1.8.4
"WildTangent acer Master Uninstall" = Acer Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT088300" = Bejeweled 2 Deluxe
"WT088310" = Build-a-lot 2
"WT088312" = Chuzzle Deluxe
"WT088350" = Jewel Quest Solitaire 2
"WT088364" = Plants vs. Zombies
"WT088449" = Penguins!
"WT088517" = Zuma's Revenge
"WTA-4d71a376-b00a-497e-a74b-83e74a938ba8" = Cradle Of Egypt Collector's Edition
"WTA-60a8f095-bc97-480c-ae1e-ed10d58f34b2" = Mahjong Secrets
"XnView_is1" = XnView 2.22
"Yahoo! Companion" = Yahoo Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FLV Media Player Packages" = FLV Media Player Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/17/2013 9:01:30 PM | Computer Name = jac-PC | Source = CVHSVC | ID = 100
Description =
Error - 10/17/2013 9:05:34 PM | Computer Name = jac-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 10/17/2013 9:15:25 PM | Computer Name = jac-PC | Source = CVHSVC | ID = 100
Description =
Error - 10/17/2013 9:37:58 PM | Computer Name = jac-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 10/17/2013 9:37:58 PM | Computer Name = jac-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 10/17/2013 9:47:52 PM | Computer Name = jac-PC | Source = CVHSVC | ID = 100
Description =
Error - 10/17/2013 10:25:25 PM | Computer Name = jac-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 10/17/2013 10:35:15 PM | Computer Name = jac-PC | Source = CVHSVC | ID = 100
Description =
Error - 10/18/2013 6:38:55 AM | Computer Name = jac-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 10/18/2013 6:38:55 AM | Computer Name = jac-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
[ Media Center Events ]
Error - 6/16/2014 4:38:53 PM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 1:38:33 PM - Error connecting to the internet. 1:38:33 PM - Unable
to contact server..
Error - 6/19/2014 4:20:44 AM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 1:20:44 AM - Error connecting to the internet. 1:20:44 AM - Unable
to contact server..
Error - 6/19/2014 4:21:11 AM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 1:20:49 AM - Error connecting to the internet. 1:20:49 AM - Unable
to contact server..
Error - 6/21/2014 10:46:42 PM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 7:46:42 PM - Error connecting to the internet. 7:46:42 PM - Unable
to contact server..
Error - 6/21/2014 10:47:00 PM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 7:46:47 PM - Error connecting to the internet. 7:46:47 PM - Unable
to contact server..
Error - 6/26/2014 3:55:04 AM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 12:55:03 AM - Error connecting to the internet. 12:55:03 AM - Unable
to contact server..
Error - 6/26/2014 3:55:31 AM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 12:55:09 AM - Error connecting to the internet. 12:55:09 AM - Unable
to contact server..
Error - 6/26/2014 4:58:18 AM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 1:58:18 AM - Error connecting to the internet. 1:58:18 AM - Unable
to contact server..
Error - 6/26/2014 4:58:24 AM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 1:58:23 AM - Error connecting to the internet. 1:58:23 AM - Unable
to contact server..
Error - 6/28/2014 11:41:52 PM | Computer Name = jac-PC | Source = MCUpdate | ID = 0
Description = 8:39:53 PM - Error connecting to the internet. 8:39:54 PM - Unable
to contact server..
[ System Events ]
Error - 6/29/2014 3:21:15 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
11 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:24:15 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
12 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:27:15 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
13 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:30:15 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
14 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:33:15 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
15 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:36:15 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
16 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:39:15 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
17 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:42:16 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
18 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:45:16 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
19 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 6/29/2014 3:48:16 AM | Computer Name = jac-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
20 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
< End of report >
OTL logfile created on: 6/29/2014 12:35:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jac\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.74 Gb Total Physical Memory | 0.41 Gb Available Physical Memory | 23.63% Memory free
3.48 Gb Paging File | 1.14 Gb Available in Paging File | 32.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.79 Gb Total Space | 138.24 Gb Free Space | 63.18% Space Free | Partition Type: NTFS
Computer Name: JAC-PC | User Name: jac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/29 00:35:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jac\Desktop\OTL.exe
PRC - [2014/06/29 00:01:08 | 000,318,744 | ---- | M] () -- C:\Program Files (x86)\webget\updatewebget.exe
PRC - [2014/06/28 23:56:52 | 000,318,744 | ---- | M] () -- C:\Program Files (x86)\webget\bin\utilwebget.exe
PRC - [2014/06/26 16:45:42 | 000,096,536 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe
PRC - [2014/06/15 19:03:56 | 000,159,744 | ---- | M] () -- C:\Windows\SysWOW64\netupdsrv.exe
PRC - [2014/06/15 19:03:34 | 000,180,224 | ---- | M] () -- C:\Windows\SysWOW64\nethtsrv.exe
PRC - [2014/06/05 06:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/27 12:13:24 | 000,640,512 | ---- | M] () -- C:\Program Files (x86)\FlashLive! Updater\flsystem32.exe
PRC - [2014/05/27 12:13:24 | 000,640,512 | ---- | M] () -- C:\Program Files (x86)\SystemShield Pro\bcsmon32.exe
PRC - [2014/05/23 13:11:16 | 000,640,512 | ---- | M] () -- C:\Program Files (x86)\Java Component Manager\srvlet32.exe
PRC - [2014/04/08 14:52:54 | 000,620,480 | ---- | M] (Oberon Media ) -- C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe
PRC - [2012/06/06 20:18:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/06/22 14:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/06/22 14:34:48 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/22 14:34:46 | 000,968,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/06/09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/05/26 19:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
PRC - [2010/04/13 09:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 09:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 12:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 12:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/01/08 06:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2003/10/01 10:01:12 | 000,114,688 | ---- | M] (MUSICMATCH, Inc.) -- C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
========== Modules (No Company Name) ==========
MOD - [2014/06/26 16:45:42 | 000,096,536 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe
MOD - [2014/06/26 16:45:41 | 000,183,576 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webgetBAApp.dll
MOD - [2014/06/05 06:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 06:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 06:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 06:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 06:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 06:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/05/27 12:13:24 | 000,640,512 | ---- | M] () -- C:\Program Files (x86)\FlashLive! Updater\flsystem32.exe
MOD - [2014/05/27 12:13:24 | 000,640,512 | ---- | M] () -- C:\Program Files (x86)\SystemShield Pro\bcsmon32.exe
MOD - [2014/05/23 13:11:16 | 000,640,512 | ---- | M] () -- C:\Program Files (x86)\Java Component Manager\srvlet32.exe
MOD - [2014/05/16 01:12:41 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8fff17f06bbc5391cc3557542fd45f38\IAStorUtil.ni.dll
MOD - [2014/05/15 23:38:53 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files (x86)\SystemShield Pro\sqlite3.dll
MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files (x86)\Java Component Manager\sqlite3.dll
MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files (x86)\FlashLive! Updater\sqlite3.dll
MOD - [2014/02/15 00:08:30 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/15 00:08:22 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/15 00:08:17 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/15 00:08:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f96e07044730442ee1f3dd90db984e6a\System.Configuration.ni.dll
MOD - [2014/02/15 00:08:00 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/15 00:07:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/15 00:07:49 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2010/06/09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 14:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2003/10/01 10:01:14 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\TrackUtils.dll
MOD - [2003/10/01 10:01:12 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\CoreDll.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/05/30 02:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2010/11/20 06:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2010/11/20 06:24:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2010/06/11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/11/02 12:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 18:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 18:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2009/07/13 18:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2014/06/29 00:01:08 | 000,318,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\webget\updatewebget.exe -- (Update webget)
SRV - [2014/06/28 23:56:52 | 000,318,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\webget\bin\utilwebget.exe -- (Util webget)
SRV - [2014/06/15 19:03:56 | 000,159,744 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\netupdsrv.exe -- (ServiceUpdater)
SRV - [2014/06/15 19:03:34 | 000,180,224 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\nethtsrv.exe -- (NetHttpService)
SRV - [2014/05/15 00:43:17 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/15 06:02:44 | 000,240,736 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/19 04:01:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\jac\AppData\Local\Temp\7zS4F40\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2012/06/06 20:18:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 05:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/11/20 05:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/20 01:51:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/22 14:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/05/26 19:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/04/13 09:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 12:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 12:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/08 06:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/06/20 17:34:32 | 000,061,112 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys -- ({55685567-4840-4a91-962b-49a412e9485a}w64)
DRV:64bit: - [2014/06/15 19:04:10 | 000,046,160 | ---- | M] (nethfdrv) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nethfdrv.sys -- (nethfdrv)
DRV:64bit: - [2014/06/03 17:00:12 | 000,061,112 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys -- ({55685567-4840-4a91-962b-49a412e9485a}Gw64)
DRV:64bit: - [2014/04/08 10:18:56 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2014/04/08 10:00:52 | 000,009,216 | ---- | M] (SpeedJet Technology INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SjtWinIo.sys -- (SjtWinIo)
DRV:64bit: - [2014/03/19 15:27:44 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2014/03/19 15:23:14 | 000,050,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2014/03/19 15:23:14 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2013/11/25 05:22:36 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/02/11 21:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/06/21 17:04:52 | 000,549,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys -- (SRS_AE_Service)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/07/08 20:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/17 02:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/15 05:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/04/19 19:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/04/13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 16:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 06:38:32 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/12/10 04:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/11/02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/16 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:32:37 | 001,627,520 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ph3xIB64.sys -- (Ph3xIB64)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 19:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 19:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 19:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2008/07/29 04:47:00 | 001,075,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV - [2014/04/25 22:40:52 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\jac\Documents\CyberLink\PowerDVD9\Snapshot
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {E16F8E87-0C5A-4613-A6ED-6A9DD11B6189}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\jac\AppData\Roaming\Mozilla\Extensions\
[email protected] [2014/03/19 16:25:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\AmiExt\flashEnhancer\ff [2014/05/20 05:08:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\jac\AppData\Roaming\Mozilla\Extensions\
[email protected] [2014/03/19 16:25:09 | 000,000,000 | ---D | M]
[2014/03/19 16:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jac\AppData\Roaming\Mozilla\Extensions
[2014/03/19 16:25:09 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Users\jac\AppData\Roaming\Mozilla\Extensions\
[email protected]
[2014/03/19 16:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jac\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013/11/04 21:58:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jac\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013/06/26 10:40:28 | 000,228,503 | ---- | M] () (No name found) -- C:\Users\jac\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\
[email protected]
[2013/09/12 20:50:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/05/20 05:08:33 | 000,000,000 | ---D | M] (flash-Enhancer) -- C:\PROGRAM FILES (X86)\AMIEXT\FLASHENHANCER\FF
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\jac\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - Extension: Facebook App for Google Chromeâ„¢ = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm\2.2.0.3_0\
CHR - Extension: TooManyTabs for Chrome = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\2.2_0\
CHR - Extension: Google Docs = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Speedial = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd\9.4.25_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google+ Notifications = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi\1.1.0.618_0\
CHR - Extension: X New Tab Page = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh\4.7.4_0\
CHR - Extension: Google Search = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Jewel Quest Deluxe = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehehgijaidopomcfpkigakimeoglkjpa\1.0.28.2_0\
CHR - Extension: Gmail Offline = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: Music Player Client = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\empibeblplajighpdgkaohlnhhcgpndh\3.2.0_0\
CHR - Extension: Google Analytics Opt-out Add-on (by Google) = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh\1_0\
CHR - Extension: Avira Browser Safety = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.1.17_0\
CHR - Extension: IBA Opt-out (by Google) = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb\1.5_0\
CHR - Extension: Protect My Choices = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic\1.1.2_0\
CHR - Extension: Keep My Opt-Outs = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\1.0.15_0\
CHR - Extension: internet Download Manager IDM 2014 = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaonhdehfkagimhonjjkganppeimocb\0.0.1_0\
CHR - Extension: Day Dream = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehaomklgejfcialkgeifblijmjgbggd\1.0_1\
CHR - Extension: Google Play = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: Extension Defender = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkakdehcmmnojcdalpkfgmhphnicaonm\1.0.2_0\
CHR - Extension: Enhancements for Gmail = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn\2.8.30_0\
CHR - Extension: Awesome New Tab Pageâ„¢ = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2014.112.31_0\
CHR - Extension: Google Wallet = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: System = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocjnemjmlhjkeilmaidemofakmpclcbi\2.4_0\
CHR - Extension: Internet Speed Booster 2 = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\odhamimojfifikhbhhhcmaekhkinpmge\1.0_0\
CHR - Extension: My Chrome Theme = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: Total Files Converter = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejanhiokofaalbconflcaagklbechcd\1.12.2_0\
CHR - Extension: Senet Online = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmcegikaljcfolenjkadbbaicbgjcpb\1.10_0\
CHR - Extension: Super Notifier = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpnamijjddnpholapdkhokmgnfkdfpp\3.0_0\
CHR - Extension: Gmail = C:\Users\jac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (flash-Enhancer) - {5A60B6BB-FA81-4EFA-AB9C-A820E2143736} - C:\Program Files (x86)\AmiExt\flashEnhancer\ie\flashEnhancer.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.)
O4 - HKLM..\Run: [Win32 BCS Monitor] C:\Program Files (x86)\SystemShield Pro\bcsmon32.exe ()
O4 - HKLM..\Run: [Windows Servelet Manager] C:\Program Files (x86)\Java Component Manager\srvlet32.exe ()
O4 - HKLM..\Run: [Windows X32 Service Manager] C:\Program Files (x86)\FlashLive! Updater\flsystem32.exe ()
O4 - HKCU..\Run: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [iLivid] "C:\Users\jac\AppData\Local\iLivid\iLivid.exe" -autorun File not found
O4 - HKCU..\Run: [PCKeeper2] "C:\Program Files\Kromtech\PCKeeper\\PCKeeper.exe" /autorun File not found
O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe (Oberon Media )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: t-mobile.com ([account.my] https in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.com ([eipverify] https in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.com ([my] https in Local intranet)
O15 - HKCU\..Trusted Domains: yahoo.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([www] https in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E6CEDD8-75F1-49F7-92E9-8BC75DA634FE}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8932F0D3-24C0-48A0-9CCC-C7445315744F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B13E5748-4483-456A-AE13-6137C6269B54}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB4BF23F-273E-4982-A534-FE9721A04C15}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBC62C07-1413-48F5-BFC6-1679F55518ED}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D26BD4C1-0EB4-4584-96D8-0D1E0743BEE5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E865C159-9CB5-419C-9BD5-4FC78AC49C16}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/29 00:35:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\jac\Desktop\OTL.exe
[2014/06/27 23:55:26 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
[2014/06/23 14:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashLive! Updater
[2014/06/23 14:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashLive! Updater
[2014/06/23 14:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SystemShield Pro
[2014/06/23 14:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemShield Pro
[2014/06/23 13:17:59 | 000,000,000 | ---D | C] -- C:\utorent
[2014/06/23 04:26:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/06/23 04:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/06/22 05:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2014/06/22 05:00:15 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\PC_Drivers_Headquarters
[2014/06/22 04:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2014/06/22 04:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2014/06/22 04:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Check
[2014/06/22 04:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software Check
[2014/06/22 03:58:20 | 000,000,000 | ---D | C] -- C:\Users\jac\21414
[2014/06/22 03:56:28 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys
[2014/06/22 02:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2014/06/22 01:18:50 | 000,000,000 | R--D | C] -- C:\Users\jac\Videos
[2014/06/20 02:08:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Config
[2014/06/16 16:33:07 | 000,000,000 | R--D | C] -- C:\Users\jac\Desktop\New folder
[2014/06/15 19:04:10 | 000,046,160 | ---- | C] (nethfdrv) -- C:\Windows\SysNative\drivers\nethfdrv.sys
[2014/06/13 20:30:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PCCDisabled
[2014/06/11 03:53:27 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Roaming\XnView
[2014/06/11 03:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
[2014/06/11 03:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XnView
[2014/06/11 02:03:31 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Roaming\Media Player Classic
[2014/06/10 14:37:11 | 000,000,000 | ---D | C] -- C:\Insoft LLC
[2014/06/10 05:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Updater
[2014/06/10 05:59:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software Updater
[2014/06/08 03:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Little App Factory
[2014/06/08 03:29:58 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRip
[2014/06/08 02:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Extensions
[2014/06/08 02:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Extensions
[2014/06/08 00:30:03 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\IsolatedStorage
[2014/06/08 00:25:09 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Roaming\0V1L2Z2Z1T1I1L1T
[2014/06/05 03:18:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamingWonderland Chrome Extension
[2014/06/04 13:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Component Manager
[2014/06/04 13:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java Component Manager
[2014/06/04 13:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Player Classic - Home Cinema
[2014/06/04 13:06:22 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\WeatherAlerts
[2014/06/04 12:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/06/04 12:49:38 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\SearchProtect
[2014/06/04 09:32:46 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Roaming\FreeFileViewer
[2014/06/04 08:50:11 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys
[2014/06/04 08:28:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\S-1-5-21-1647098789-2583005755-139993268-1000
[2014/06/04 08:18:34 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\FreeFileViewer
[2014/06/04 07:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2014/06/04 07:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\webget
[2014/06/04 07:41:42 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\FileTypeAssistant
[2014/06/04 07:41:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Assistant
[2014/06/04 07:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer
[2014/06/04 07:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeFileViewer
[2014/06/04 04:04:23 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\Kromtech
[2014/06/04 04:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2014/06/04 04:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Kromtech
[2014/05/30 22:28:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/05/30 03:23:38 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Roaming\YahooCouponAddOn
[2014/05/30 03:23:38 | 000,000,000 | ---D | C] -- C:\Users\jac\AppData\Local\visi_coupon
[7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[15 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/06/29 00:41:23 | 003,772,416 | ---- | M] () -- C:\Users\jac\AppData\Local\ChromeHitoryDB
[2014/06/29 00:35:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jac\Desktop\OTL.exe
[2014/06/29 00:16:04 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/28 23:58:51 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/28 23:58:51 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/28 23:56:56 | 000,910,774 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/28 23:56:56 | 000,756,728 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/28 23:56:56 | 000,153,078 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/28 23:53:52 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2014/06/28 23:53:50 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2014/06/28 23:52:04 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2014/06/28 23:52:00 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014/06/28 23:51:53 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/28 23:51:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/28 23:51:17 | 1401,974,784 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/28 20:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/26 22:51:24 | 000,007,168 | ---- | M] () -- C:\Users\jac\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/06/23 13:16:23 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2014/06/23 04:26:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/06/23 04:26:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/06/23 04:15:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2014/06/23 01:12:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/06/23 01:09:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2014/06/21 21:42:19 | 000,000,853 | ---- | M] () -- C:\Users\jac\Desktop\web sigh to look at jac.rtf
[2014/06/20 17:34:32 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys
[2014/06/16 23:43:39 | 000,001,451 | ---- | M] () -- C:\Users\jac\Desktop\Internet Explorer.lnk
[2014/06/15 19:04:10 | 000,046,160 | ---- | M] (nethfdrv) -- C:\Windows\SysNative\drivers\nethfdrv.sys
[2014/06/15 19:03:56 | 000,159,744 | ---- | M] () -- C:\Windows\SysWow64\netupdsrv.exe
[2014/06/15 19:03:46 | 000,108,544 | ---- | M] () -- C:\Windows\SysWow64\installd.exe
[2014/06/15 19:03:34 | 000,180,224 | ---- | M] () -- C:\Windows\SysWow64\nethtsrv.exe
[2014/06/15 19:03:24 | 000,108,544 | ---- | M] () -- C:\Windows\SysWow64\hfnapi.dll
[2014/06/15 19:03:16 | 000,246,784 | ---- | M] () -- C:\Windows\SysWow64\hfpapi.dll
[2014/06/13 06:15:59 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/11 03:55:34 | 000,000,957 | ---- | M] () -- C:\Users\jac\Desktop\XnView.lnk
[2014/06/11 03:53:10 | 000,000,941 | ---- | M] () -- C:\Users\jac\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2014/06/11 02:00:11 | 000,002,195 | ---- | M] () -- C:\Users\jac\Desktop\Media Player Classic - Home Cinema.lnk
[2014/06/10 07:26:11 | 000,000,000 | ---- | M] () -- C:\END
[2014/06/10 06:40:17 | 000,001,648 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/06/08 01:08:26 | 000,000,476 | ---- | M] () -- C:\Windows\wininit.ini
[2014/06/04 08:41:20 | 000,000,045 | ---- | M] () -- C:\Users\jac\AppData\Roaming\WB.CFG
[2014/06/04 07:40:35 | 000,001,101 | ---- | M] () -- C:\Users\jac\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2014/06/03 17:00:12 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys
[7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[15 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/06/23 04:26:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/06/23 04:26:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/06/23 04:15:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2014/06/23 01:12:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/06/23 01:09:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2014/06/21 21:42:18 | 000,000,853 | ---- | C] () -- C:\Users\jac\Desktop\web sigh to look at jac.rtf
[2014/06/16 23:43:39 | 000,001,451 | ---- | C] () -- C:\Users\jac\Desktop\Internet Explorer.lnk
[2014/06/15 19:03:56 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\netupdsrv.exe
[2014/06/15 19:03:46 | 000,108,544 | ---- | C] () -- C:\Windows\SysWow64\installd.exe
[2014/06/15 19:03:34 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\nethtsrv.exe
[2014/06/15 19:03:24 | 000,108,544 | ---- | C] () -- C:\Windows\SysWow64\hfnapi.dll
[2014/06/15 19:03:16 | 000,246,784 | ---- | C] () -- C:\Windows\SysWow64\hfpapi.dll
[2014/06/11 06:03:56 | 000,000,987 | ---- | C] () -- C:\Users\jac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XnView.lnk
[2014/06/11 03:53:10 | 000,000,957 | ---- | C] () -- C:\Users\jac\Desktop\XnView.lnk
[2014/06/11 03:53:10 | 000,000,941 | ---- | C] () -- C:\Users\jac\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2014/06/11 02:00:11 | 000,002,195 | ---- | C] () -- C:\Users\jac\Desktop\Media Player Classic - Home Cinema.lnk
[2014/06/08 01:05:41 | 000,002,040 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Center.lnk
[2014/06/08 01:05:41 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/06/08 01:05:41 | 000,001,451 | ---- | C] () -- C:\Users\jac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/04 13:27:18 | 000,001,648 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/06/04 13:09:51 | 003,772,416 | ---- | C] () -- C:\Users\jac\AppData\Local\ChromeHitoryDB
[2014/06/04 12:49:41 | 000,000,000 | ---- | C] () -- C:\END
[2014/06/04 08:41:20 | 000,000,045 | ---- | C] () -- C:\Users\jac\AppData\Roaming\WB.CFG
[2014/06/04 07:41:01 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2014/06/04 07:40:35 | 000,001,101 | ---- | C] () -- C:\Users\jac\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2014/05/19 06:54:39 | 000,000,476 | ---- | C] () -- C:\Windows\wininit.ini
[2014/04/08 13:00:57 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/04/08 10:53:54 | 000,193,400 | ---- | C] () -- C:\Windows\flicker.dll
[2014/04/08 10:53:54 | 000,066,424 | ---- | C] () -- C:\Windows\setpwlin.exe
[2014/03/16 07:34:15 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/12/22 19:43:33 | 000,018,526 | ---- | C] () -- C:\Users\jac\AppData\Roaming\UserTile.png
[2013/12/18 20:36:02 | 000,518,216 | ---- | C] () -- C:\Users\jac\Type2Sign.aspx
[2013/12/17 14:03:28 | 000,158,925 | ---- | C] () -- C:\Users\jac\Type2Sign3.pdf
[2013/12/14 16:40:27 | 000,038,867 | ---- | C] () -- C:\Windows\hpomdl03.dat.temp
[2013/12/11 07:58:55 | 000,000,143 | ---- | C] () -- C:\Windows\hpoins03.dat.temp
[2013/12/11 07:42:41 | 000,000,143 | ---- | C] () -- C:\Windows\hpoins03.dat
[2013/11/07 00:58:31 | 000,000,209 | ---- | C] () -- C:\Windows\settings.ini
[2013/11/04 13:32:40 | 000,007,629 | ---- | C] () -- C:\Users\jac\AppData\Local\Resmon.ResmonCfg
[2013/11/04 05:01:47 | 000,007,168 | ---- | C] () -- C:\Users\jac\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/11/01 23:14:51 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
========== ZeroAccess Check ==========
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/06/08 00:25:09 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\0V1L2Z2Z1T1I1L1T
[2014/01/18 00:25:33 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\Arkadium
[2012/12/18 20:26:54 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\AVG
[2011/12/07 20:02:08 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\Awem
[2013/09/12 20:49:18 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\Babylon
[2014/03/19 16:20:51 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\DikobrazGames
[2013/12/14 17:53:58 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\DriverCure
[2014/03/19 16:25:03 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\File Scout
[2011/12/05 22:19:16 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\FloodLightGames
[2014/06/04 09:35:54 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\FreeFileViewer
[2013/09/28 02:21:21 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\iWin
[2014/04/08 14:56:55 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\Oberon Media
[2013/09/13 19:03:05 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\PerformerSoft
[2013/10/26 19:29:53 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\ShopAtHome
[2014/03/25 12:24:09 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\SoftGrid Client
[2013/09/12 20:41:20 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\SpeedAnalysis3
[2012/06/15 17:23:55 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\SpeedyPC Software
[2014/06/10 06:44:57 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\Systweak
[2011/12/19 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\TP
[2012/11/12 22:25:47 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\TuneUp Software
[2014/03/19 16:25:10 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\WildTangent
[2012/01/07 20:28:22 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\Windows Live Writer
[2014/06/16 22:13:01 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\XnView
[2014/05/30 03:23:38 | 000,000,000 | ---D | M] -- C:\Users\jac\AppData\Roaming\YahooCouponAddOn
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 968 bytes -> C:\Users\jac\Documents\Emailing_ -NSYNC My Name Is Joe 12 I Believe in You.eml:OECustomProperty
@Alternate Data Stream - 405 bytes -> C:\ProgramData\Temp:029E021F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
< End of report >
Edited by colliejjr, 29 June 2014 - 02:50 AM.