
2nd GPU running at 99% load


  • This topic is locked
13 replies to this topic

#1 rambag3

    Journeyman

  • Members
  • 47 posts

Posted 29 June 2014 - 05:26 PM

So my 2nd GPU, a Sapphire 7850, has sometimes over the last week started up and gone straight to 99% load while my main GPU, an XFX 280x, is at idle.

This is with the computer idling, nothing opened except SpeedFan and then GPU-Z to check the GPU usage.

Task Manager doesn't show anything running out of the ordinary that I can tell, so here is the log. Any help is much appreciated.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:21:18 PM, on 6/29/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\Rundll32.exe
C:\Users\Evan Kopilow\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Evan Kopilow\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\iTunes\iTunesHelper.exe
D:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
D:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Users\Evan Kopilow\Desktop\GPU-Z.0.7.8.exe
C:\Users\Evan Kopilow\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www22.verizon...ogin/Login.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [f.lux] "C:\Users\Evan Kopilow\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Evan Kopilow\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Evan Kopilow\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Samsung Magician.lnk = C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHA_MessageCenter - Verizon - C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - D:\Program Files (x86)\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Program Files\Soluto\SolutoLauncherService.exe
O23 - Service: Soluto Remote Service (SolutoRemoteService) - Soluto - C:\Program Files\Soluto\SolutoRemoteService.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10896 bytes
 



#2 guestolo

    Site Donator

  • Admin
  • 16,247 posts

Posted 01 July 2014 - 09:19 AM

Download OTL.exe by OldTimer to your Desktop.
  • Close all windows and double click on OTL.exe to run it
  • Right click on OTL.exe and choose to "Run as Administrator"
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#3 rambag3

    Journeyman

  • Members
  • 47 posts

Posted 01 July 2014 - 10:46 PM

OTL log:

 

OTL logfile created on: 7/2/2014 12:40:39 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Evan Kopilow\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.92 Gb Total Physical Memory | 13.15 Gb Available Physical Memory | 82.58% Memory free
31.84 Gb Paging File | 28.75 Gb Available in Paging File | 90.32% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.78 Gb Total Space | 146.28 Gb Free Space | 62.84% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 594.45 Gb Free Space | 63.82% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS
Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS
Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF
Drive H: | 55.90 Gb Total Space | 45.31 Gb Free Space | 81.06% Space Free | Partition Type: NTFS
 
Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Evan Kopilow\Desktop\OTL.exe
PRC - [2014/06/10 16:25:03 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\Users\Evan Kopilow\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/05/31 16:26:48 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/05/29 13:36:48 | 001,754,816 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Evan Kopilow\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/05/19 20:34:36 | 004,737,440 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/15 19:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\Evan Kopilow\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/02 00:34:08 | 000,043,008 | ---- | M] () -- c:\Users\Evan Kopilow\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppwy5tq.dll
MOD - [2014/05/29 13:37:34 | 002,139,840 | ---- | M] () -- D:\Program Files (x86)\Steam\video.dll
MOD - [2014/05/29 13:36:54 | 001,116,864 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/05/19 20:20:50 | 000,103,424 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\PAL.dll
MOD - [2014/05/19 20:20:10 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SATA.dll
MOD - [2014/05/19 20:20:10 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SMINI.dll
MOD - [2014/05/19 20:19:48 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SAS.dll
MOD - [2014/05/19 20:19:46 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SAT.dll
MOD - [2014/05/16 21:36:10 | 000,756,224 | ---- | M] () -- D:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/05/06 11:24:38 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/04/29 20:08:08 | 001,135,104 | ---- | M] () -- D:\Program Files (x86)\Steam\libavcodec-55.dll
MOD - [2014/04/29 20:08:08 | 000,471,552 | ---- | M] () -- D:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014/04/29 20:08:08 | 000,404,992 | ---- | M] () -- D:\Program Files (x86)\Steam\libavformat-55.dll
MOD - [2014/04/29 20:08:08 | 000,340,992 | ---- | M] () -- D:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- D:\Program Files (x86)\Steam\libswscale-2.dll
MOD - [2014/02/12 13:56:33 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014/02/12 13:56:15 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/12 13:56:14 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/02/12 13:56:14 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/02/12 00:24:08 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/02/12 00:24:01 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/02/12 00:23:59 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/02/12 00:23:59 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
MOD - [2014/02/12 00:23:55 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/02/12 00:23:50 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/02/12 00:23:50 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/12 00:23:49 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/12 00:23:49 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/02/12 00:23:49 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/02/12 00:23:48 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/02/12 00:23:47 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/02/12 00:23:45 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/02/12 00:23:44 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/12 00:23:44 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/12 00:23:39 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/12/06 16:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/21 14:23:50 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:64bit: - [2013/04/21 14:23:48 | 000,721,472 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2013/04/21 14:16:00 | 001,245,248 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014/06/18 02:23:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/06/11 10:48:44 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/21 09:32:04 | 000,358,984 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/07 02:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Running] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/14 16:46:02 | 000,101,888 | ---- | M] (Freemake) [On_Demand | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\Program Files (x86)\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/06 17:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/12/06 16:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/11/07 02:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/24 10:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/09/20 11:52:42 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013/04/21 14:15:34 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/06 12:56:42 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/05/16 10:55:28 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/08/21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [1999/12/31 20:00:00 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [1999/12/31 20:00:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [1999/12/31 20:00:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2014/07/02 00:33:50 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013/01/03 15:07:47 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012/08/23 17:02:26 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www22.verizon...ogin/Login.aspx
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110018&babsrc=SP_ss&mntrId=d4f84c3200000000000050e549e97722
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://searchservice...l=Brwsr-v6IE&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1
FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.9.1
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.29
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..keyword.URL: "http://search.condui...46415219&UM=&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Evan Kopilow\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/06/18 02:23:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/06/18 02:23:15 | 000,000,000 | ---D | M]
 
[2012/04/10 10:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Extensions
[2014/06/27 19:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions
[2013/04/07 13:02:48 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2013/11/11 22:52:22 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2014/05/14 17:37:37 | 000,000,000 | ---D | M] ("Flash Video Downloader - Full HD Download") -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\artur.dubovoyEmail Removed
[2014/04/24 15:50:52 | 000,057,781 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2014/04/08 03:16:26 | 000,625,308 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2013/01/30 10:35:10 | 000,119,925 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2014/06/20 21:41:17 | 000,009,259 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2014/06/27 19:29:50 | 000,220,046 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2014/06/24 08:52:53 | 000,516,098 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/06/10 17:17:35 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/18 02:23:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\17.2.0.38
[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [BackgroundContainer] C:\Users\Evan Kopilow\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKCU..\Run: [f.lux] C:\Users\Evan Kopilow\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - Startup: C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: verizon.net ([activate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D22C8E2-A8B1-4FA7-8886-7DFC39D6AA92}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\Shell - "" = AutoRun
O33 - MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\Shell\AutoRun\command - "" = H:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\Shell - "" = AutoRun
O33 - MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\Shell\AutoRun\command - "" = J:\VZW_Software_upgrade_assistant.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\VZW_Software_upgrade_assistant.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/02 00:39:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Evan Kopilow\Desktop\OTL.exe
[2014/07/02 00:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014/06/24 13:19:18 | 000,000,000 | ---D | C] -- C:\Users\Evan Kopilow\Desktop\Phone pictures
[2014/06/18 02:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/14 18:36:14 | 000,000,000 | ---D | C] -- C:\Users\Evan Kopilow\AppData\Local\Adobe
[2014/06/10 16:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/06/10 16:05:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/06/10 16:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/10 16:05:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/06/10 16:05:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/06/10 16:05:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/10 16:05:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/10 16:05:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/10 16:05:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/10 16:05:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/10 16:05:10 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/10 16:05:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/06/10 16:05:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/06/10 16:05:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/10 16:05:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/06/10 16:05:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/10 16:05:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/10 16:05:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/10 16:05:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/06/10 16:05:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/06/10 16:05:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/06/10 16:05:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/10 16:05:07 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/06/10 16:05:07 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/10 16:05:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/10 16:05:06 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/10 16:05:06 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/06/10 16:05:06 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/06/10 16:05:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/06/10 16:05:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/06/10 16:05:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/10 16:05:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/10 16:05:05 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/06/10 16:05:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/10 16:04:58 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/06/10 16:04:58 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/10 16:04:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/06/10 16:04:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/06/10 16:04:56 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/10 16:04:55 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2012/05/06 12:56:42 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Evan Kopilow\AppData\Roaming\pcouffin.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/02 00:40:51 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/02 00:40:51 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Evan Kopilow\Desktop\OTL.exe
[2014/07/02 00:39:42 | 000,782,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/02 00:39:42 | 000,662,400 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/02 00:39:42 | 000,122,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/02 00:35:13 | 000,001,744 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2014/07/02 00:33:50 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2014/07/02 00:33:48 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/07/02 00:33:48 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2014/07/02 00:33:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/02 00:33:34 | 4229,779,454 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/29 20:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/29 19:23:04 | 000,016,037 | ---- | M] () -- C:\Users\Evan Kopilow\Desktop\99 load.gif
[2014/06/29 19:18:35 | 000,003,007 | ---- | M] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.lnk
[2014/06/29 19:17:30 | 001,402,880 | ---- | M] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.msi
[2014/06/28 06:46:28 | 580,129,489 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/06/25 13:30:44 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Vz  In-Home Agent.lnk
[2014/06/24 13:20:03 | 000,001,058 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/06/18 11:46:14 | 000,002,044 | ---- | M] () -- C:\Users\Evan Kopilow\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/11 10:48:44 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/11 10:48:44 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/08 05:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/08 05:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
 
========== Files Created - No Company Name ==========
 
[2014/07/02 00:35:13 | 000,001,744 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2014/06/29 19:23:04 | 000,016,037 | ---- | C] () -- C:\Users\Evan Kopilow\Desktop\99 load.gif
[2014/06/29 19:18:35 | 000,003,007 | ---- | C] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.lnk
[2014/06/29 19:17:29 | 001,402,880 | ---- | C] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.msi
[2014/06/25 13:30:44 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Vz  In-Home Agent.lnk
[2014/06/24 08:59:45 | 000,001,058 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/02/12 12:05:09 | 000,000,114 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\Dogecoin.conf
[2013/12/06 17:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/11/07 02:52:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/03/28 22:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/28 22:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2012/12/10 21:45:50 | 000,002,048 | ---- | C] () -- C:\Users\Evan Kopilow\comdrv8z.bin
[2012/11/20 00:17:57 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2012/10/10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/05/06 12:57:06 | 000,001,057 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\vso_ts_preview.xml
[2012/05/06 12:56:42 | 000,099,384 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\inst.exe
[2012/05/06 12:56:42 | 000,007,859 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\pcouffin.cat
[2012/05/06 12:56:42 | 000,001,167 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\pcouffin.inf
[2012/04/13 10:54:19 | 000,007,601 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 

 

Extras Log

OTL Extras logfile created on: 7/2/2014 12:40:39 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Evan Kopilow\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.92 Gb Total Physical Memory | 13.15 Gb Available Physical Memory | 82.58% Memory free
31.84 Gb Paging File | 28.75 Gb Available in Paging File | 90.32% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.78 Gb Total Space | 146.28 Gb Free Space | 62.84% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 594.45 Gb Free Space | 63.82% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS
Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS
Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF
Drive H: | 55.90 Gb Total Space | 45.31 Gb Free Space | 81.06% Space Free | Partition Type: NTFS
 
Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DCE5A06-F21C-4AD2-964C-4641AA4709FD}" = lport=137 | protocol=17 | dir=in | app=system |
"{3BA67F86-F891-4826-81AF-26AE1A80C860}" = rport=137 | protocol=17 | dir=out | app=system |
"{3C63694B-7791-48B3-9575-94B9DF18F0DA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CBCD34D-190F-48AC-A4E0-06DF50B8A28D}" = rport=138 | protocol=17 | dir=out | app=system |
"{502E23E6-DF24-4941-B7DF-AB64E2A1C163}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52E363CB-BF0F-482C-97AD-3EC3AD85CEB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{5843A95D-1266-453C-B517-A3FCF8FA58AA}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B963802-FFC2-4C69-86AA-BB4B44B2EDF3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5DBB556B-1BB2-4806-9677-BF4C9D1C3233}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6F403AA1-27B0-4018-944C-F760C32F3304}" = rport=10243 | protocol=6 | dir=out | app=system |
"{78A2382A-3913-495D-BB4E-10F1B50B3420}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7E81D403-93DE-4DA8-B4FA-27B08389648B}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{8BAD8132-F7E7-44D7-988E-E63203A0DDCD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8BB652FA-B3F3-4B75-910E-36629F16BA70}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8FE7C698-410F-4071-B537-12860C7B3468}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98C3ED1B-F310-45DF-8B90-ABEAEC0A8B87}" = lport=138 | protocol=17 | dir=in | app=system |
"{ACA8B32F-5C01-4C4B-B71D-00B1FBA52F28}" = rport=139 | protocol=6 | dir=out | app=system |
"{C64A6A6C-C8A4-4120-9B36-DD15852DF519}" = lport=445 | protocol=6 | dir=in | app=system |
"{D4E2101C-8041-4AC0-A133-EAB9C074615F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5E47525-ACC9-4BEA-B083-BEA2BB83B371}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D65D1416-0316-4EEF-AAE8-2A2BBEBDDA88}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DF67E36B-4752-484A-BAD5-010A0A9CFE35}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{E208381E-C511-4DE1-B16C-2C7ED34F99B0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EA90D2CD-5281-4D6C-8056-F693CE66FB2F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAD99143-C763-4CE4-BB5C-FB85CA96C324}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0230F39C-B415-47E9-AA00-C331F6092DDF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0806DE3C-6081-49E0-864B-C37DE5029396}" = dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{092DF1FF-BCDF-41DC-920F-6F474136A7A4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0A98DC46-20EE-4FAE-86F1-2B152080DBBC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0C47B138-66B8-4891-A313-2BFFE1CFA422}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1274B5D1-A88D-4B3D-8142-FA5FA0EF9B40}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{1624EA34-0629-4F06-BB43-3C5EDFA5F5DC}" = dir=in | app=d:\itunes\itunes.exe |
"{17D34ED3-DA47-414E-9857-5AE6A9EF554B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1EA63A46-1742-4413-96F4-396591ADE0FF}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{20ACA34B-EFF4-4C1F-8FE8-62FEA4CC6562}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{23B2E341-F426-4C1F-B7D6-E079118B40EE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{268EE43C-920B-49CD-9E61-CDE41DEAC51D}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{28A68795-EEF0-47D9-9F34-EF1066E9BEFF}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\kerbal space program demo\ksp.exe |
"{2AE915A0-9C34-4C62-B212-612A6EE9DADF}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{2E12A77A-664E-4089-983E-69D57171B456}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{304760CD-B699-48E9-8458-BCBD8F6EB111}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{31C456AB-1A1C-4534-8C33-1E535A1BF596}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{34E6BA5D-192B-48BF-BE92-466D849EF48F}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{370E374B-3281-4B20-BD88-E9A627B3D226}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\kerbal space program demo\ksp.exe |
"{3D363E8A-6E9D-4CC4-98C1-EB703F9A7D1B}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{3DB46DAC-5426-4FDB-A9A9-21D1917C7014}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{4015E30C-4FD7-437E-8EA6-27C476F623B8}" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\roaming\utorrent\utorrent.exe |
"{42872D4C-0448-42CA-B858-90CA26BED7EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4A077DDF-8498-423A-815C-E7C03067051B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4A947C45-322D-453C-A619-FE0203A7163A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4E0D2FC4-9831-41CB-90EB-BCA4E2B67CC0}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{5167ECAF-65E5-4FE7-B68A-BA6797D7C4A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{54F08BFC-5360-4470-9158-0F1CC3FA2EB7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{59C8BE3D-8254-47E8-8FBA-2BA81D701DF9}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{6440A917-C11E-458F-8AC0-E6208068074A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6650C762-1DB4-4858-83DC-A9610636C0CA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{6D675BA4-7678-4290-89E3-A16A6D13D5B0}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{6E517FE3-6CDC-4D7D-B912-8E1D8CF9C2CA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{75307B20-1338-4F42-BF26-A7E37EE80430}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{798A242B-EEAE-47D0-A5B5-092D6BDDF385}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{79B797ED-8957-4E07-B9A7-62AB96D4901F}" = dir=in | app=c:\program files\soluto\soluto.exe |
"{7D92DDF0-CFF2-40BD-8625-3818B31F0A63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81E0959F-54E4-4CFF-8114-9792F7579E00}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82FE5C01-36BC-4F0A-8BC3-113B39B1A795}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{85FA3C64-79B9-4277-81D4-6E39C1E03CDA}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{878B3EA7-5257-4620-8918-A0E909C0FC2F}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{87E6C5B4-D2A5-489B-8985-88579AD848BB}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{8EC88EC3-407A-48A8-8AAE-D61E1B71211F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F0D45BE-905A-4EC3-B569-340B07619FD5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{91184FF2-3570-48D2-A98B-AB812CF30FF8}" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\roaming\dropbox\bin\dropbox.exe |
"{95A5E6F8-2473-493F-960A-D38576B9059D}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{9688FCBA-6FE9-4D86-8F8F-AA692105E705}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{9BCB56D5-09AE-4CF5-9EE1-DA353271AE6A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{9C293150-7A5E-49F1-A1CD-68C1E85B9F59}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{A0891DB9-DAE3-47CA-9FF2-55BB63267B86}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A55DA2FB-65F4-47B5-8739-FDBE1CA6AFAA}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{A866A9FC-A676-4F8B-96FE-727270CECCAF}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{AA755212-E330-4E34-B28B-CD70F20157B0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ACB57E32-889F-4B54-959B-F7DFE4DBB46E}" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\roaming\dropbox\bin\dropbox.exe |
"{ACB6ACB9-711C-4BBF-A123-8CF856E7C925}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{AE80C2EC-3D93-44FC-BBCF-CBAFBBC6F3A1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{B1D8F613-85D0-45C3-9037-AE992A23E1A4}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{B40D757B-6324-44A4-925E-7244C4C5BFDF}" = dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{B644141D-3665-4044-BDEC-393C60D005A2}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{BACDB48F-CBA9-4C4C-922F-3B62FFE37940}" = protocol=6 | dir=out | app=system |
"{C1848C58-0D85-4894-A0B3-53FC3610EC20}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{C34D519F-034C-49D3-8B33-532E3686D671}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C54F265C-F475-44C8-A5B8-7E2DF63A8182}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C989BE19-DE19-46E4-A848-560C3209695D}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{CC12915A-D66A-4635-BABD-5660BE949251}" = dir=in | app=c:\program files\soluto\solutoservice.exe |
"{CC4ECB68-2F82-4470-BA1D-76E953AF064C}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{CEC81A77-2340-49D6-AEC8-FB9621A462D7}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{CFBD644E-213D-472C-85EC-43151BB7B905}" = dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{D30CA595-DFEF-4FC2-8C98-3D5F6DEC4250}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{D31EDDAF-1825-4538-BA98-747D6D467FB2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D31F5A70-4D42-46E6-A873-31F0D84ECCF4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{D71561FC-8783-4EC7-A0BB-D711C6ADF629}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D71A0659-B39C-401C-92A7-424617BCDB84}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{E0D12DB7-3BD4-4C57-9703-0EDE9467AF44}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E28EE023-5760-4134-9473-D643500139F6}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{E6B838E0-00B3-40E8-8F7D-C615C37B0261}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{EA724E49-6217-4F51-BD8B-D699A1BCC494}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{EE72B8CE-A039-4D5C-8388-EDD942C621E6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{EE7C6967-85A7-4984-8347-28D25923C939}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{EE9614F2-16A9-4E42-B209-231F500DB551}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EFBA5D43-E9D9-4234-A62E-4E7D4109E24B}" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\roaming\utorrent\utorrent.exe |
"{F406055C-7959-4CDE-BCB7-D95D247B62A9}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{F72DD429-6F71-4553-8845-17B71C2003B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F7F8A43D-CA4B-48E0-A1C6-CC32B27AB34B}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{F9A91492-14A6-4B73-82EE-D1CB3CBAD307}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"{FD6DE2B6-4651-48D9-A56C-9D1783272E57}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{FDC4918B-C137-40DF-A0B6-D01BB35866C7}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\steamapps\common\dota 2 beta\dota.exe |
"TCP Query User{1B25C47D-01B5-4DA5-BE2C-609F497F02E0}C:\dogecoin\reddcoin\reddcoin-qt.exe" = protocol=6 | dir=in | app=c:\dogecoin\reddcoin\reddcoin-qt.exe |
"TCP Query User{298F8AC4-EAB7-4699-8A5B-A804AC14B6AD}H:\users\evan kopilow\desktop\dogecoin-qt-v150-win\dogecoin-qt.exe" = protocol=6 | dir=in | app=h:\users\evan kopilow\desktop\dogecoin-qt-v150-win\dogecoin-qt.exe |
"TCP Query User{3635184F-401E-4B0A-835D-2B5F1B4FD80B}C:\dogecoin\dogecoin-qt.exe" = protocol=6 | dir=in | app=c:\dogecoin\dogecoin-qt.exe |
"TCP Query User{4A1A5646-9FDF-4390-83EE-51845686E4C2}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{4C79C210-0BBD-4331-8875-C08ABD75C76D}C:\dogecoin\dogecoin-qt-1_6_0-win\dogecoin-qt.exe" = protocol=6 | dir=in | app=c:\dogecoin\dogecoin-qt-1_6_0-win\dogecoin-qt.exe |
"TCP Query User{6E2424F4-B99E-421E-8C4E-E6438E3803C1}C:\users\evan kopilow\appdata\local\temp\temp2_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp2_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"TCP Query User{7148B591-4280-40E3-AD7B-C042AB6E01DF}C:\users\evan kopilow\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{797239E7-6A6C-4589-8D3E-DB58916C88FE}C:\dogecoin\reddcoin-qt.exe" = protocol=6 | dir=in | app=c:\dogecoin\reddcoin-qt.exe |
"TCP Query User{7F82BB50-B52C-4767-B9E6-611CE1057579}C:\users\evan kopilow\appdata\local\temp\temp4_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp4_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"TCP Query User{8092CB38-2418-4B24-B40E-46338ACCFB23}H:\doge\dogecoin-qt-v150-win\dogecoin-qt.exe" = protocol=6 | dir=in | app=h:\doge\dogecoin-qt-v150-win\dogecoin-qt.exe |
"TCP Query User{916F2ED2-8E31-4E64-8721-4F4DD22FDD0B}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B6523883-C29D-43D8-B0D0-B090652A39A2}C:\users\evan kopilow\appdata\local\temp\temp3_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp3_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"TCP Query User{B6D5B5A4-A908-4A73-8608-8E19F6C142AF}C:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"TCP Query User{D23DB6D9-F464-4FC7-84C5-A55FB399FA75}H:\program files (x86)\feathercoin\feathercoin-qt.exe" = protocol=6 | dir=in | app=h:\program files (x86)\feathercoin\feathercoin-qt.exe |
"TCP Query User{DD942523-A760-4BA4-906D-43D2B7A5760F}C:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v113-win.zip\reddcoin-qt.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v113-win.zip\reddcoin-qt.exe |
"TCP Query User{DF0B201B-42A5-49DD-AECF-0999B8105784}C:\users\evan kopilow\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\appdata\roaming\spotify\spotify.exe |
"TCP Query User{E023A80E-435D-40DC-B9DB-0FA06C6F9520}C:\users\evan kopilow\desktop\temp folder\dogecoin-qt-1_6_0-win\dogecoin-qt.exe" = protocol=6 | dir=in | app=c:\users\evan kopilow\desktop\temp folder\dogecoin-qt-1_6_0-win\dogecoin-qt.exe |
"TCP Query User{F3FBD4C4-3550-467D-8DFD-729FEC857D89}D:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"TCP Query User{F8C1F04A-A34C-487A-83D3-A1D06B0B083C}C:\program files (x86)\dogecoin\dogecoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dogecoin\dogecoin-qt.exe |
"UDP Query User{07067C23-9594-448B-9D80-A4AA29F863C1}C:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"UDP Query User{157E0844-E61A-42E8-BFD5-9ECBEA211D8B}C:\users\evan kopilow\appdata\local\temp\temp2_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp2_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"UDP Query User{1D9F1C50-FE35-4E54-A173-A56695993C2A}C:\users\evan kopilow\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\roaming\spotify\spotify.exe |
"UDP Query User{2393905C-0933-4E21-A851-E20EC6F9D6B7}C:\users\evan kopilow\desktop\temp folder\dogecoin-qt-1_6_0-win\dogecoin-qt.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\desktop\temp folder\dogecoin-qt-1_6_0-win\dogecoin-qt.exe |
"UDP Query User{2D3B6ACD-73F3-4F5E-8B33-F18F93938E51}C:\program files (x86)\dogecoin\dogecoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dogecoin\dogecoin-qt.exe |
"UDP Query User{3EE93C9A-5851-4201-850A-836134AC2EB0}H:\program files (x86)\feathercoin\feathercoin-qt.exe" = protocol=17 | dir=in | app=h:\program files (x86)\feathercoin\feathercoin-qt.exe |
"UDP Query User{3EF86482-2354-4C9C-9963-1FAF21038E1B}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{43EDBE19-705F-4994-AAC5-95488D3AD2FE}C:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v113-win.zip\reddcoin-qt.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp1_reddcoin-qt-v113-win.zip\reddcoin-qt.exe |
"UDP Query User{4E2AD9DD-DC14-4158-8C27-C26406274378}C:\dogecoin\reddcoin\reddcoin-qt.exe" = protocol=17 | dir=in | app=c:\dogecoin\reddcoin\reddcoin-qt.exe |
"UDP Query User{5874CD06-29F9-47EC-BF45-5A9A296BF1DF}C:\dogecoin\dogecoin-qt.exe" = protocol=17 | dir=in | app=c:\dogecoin\dogecoin-qt.exe |
"UDP Query User{7A338AC5-85AD-4BBE-8B9E-A73A338BC70C}H:\users\evan kopilow\desktop\dogecoin-qt-v150-win\dogecoin-qt.exe" = protocol=17 | dir=in | app=h:\users\evan kopilow\desktop\dogecoin-qt-v150-win\dogecoin-qt.exe |
"UDP Query User{7C1DF78B-81D6-4C6A-A6D4-AB76066F39A1}C:\dogecoin\reddcoin-qt.exe" = protocol=17 | dir=in | app=c:\dogecoin\reddcoin-qt.exe |
"UDP Query User{804C135B-8F0D-49F3-B130-AA7019E4F2D4}C:\dogecoin\dogecoin-qt-1_6_0-win\dogecoin-qt.exe" = protocol=17 | dir=in | app=c:\dogecoin\dogecoin-qt-1_6_0-win\dogecoin-qt.exe |
"UDP Query User{A6267DBB-78F8-4F3F-A328-E8BD1BC42BED}C:\users\evan kopilow\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{B59BA677-FD4A-485C-BE7B-8CE2AAA8031C}D:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"UDP Query User{C7A0A52B-A185-4CF4-AB84-BF68D34B5049}C:\users\evan kopilow\appdata\local\temp\temp4_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp4_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"UDP Query User{D47A43BD-3D65-4244-BA86-5377C70E15D0}C:\users\evan kopilow\appdata\local\temp\temp3_reddcoin-qt-v11-win.zip\reddcoin-qt.exe" = protocol=17 | dir=in | app=c:\users\evan kopilow\appdata\local\temp\temp3_reddcoin-qt-v11-win.zip\reddcoin-qt.exe |
"UDP Query User{DFD86AD8-14B4-42EE-B8CB-DB6E48890041}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{E14C04B8-21B8-4A9C-9DDE-F0FB3A717A83}H:\doge\dogecoin-qt-v150-win\dogecoin-qt.exe" = protocol=17 | dir=in | app=h:\doge\dogecoin-qt-v150-win\dogecoin-qt.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}" = iTunes
"{0DA20600-6130-443B-9D4B-F30520315FA6}" = Bonjour Print Services
"{13815D81-44B6-7ADA-2A41-FFFC64DD6FAB}" = ccc-utility64
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{308051DA-0048-7A07-FE8B-9B6EC119A9E8}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{678A75C7-5953-B109-57EE-46C7BA4C29C1}" = AMD Drag and Drop Transcoding
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft Mouse and Keyboard Center
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{AEF57B06-B494-8180-AFC7-05EFB1DB2B64}" = ccc-utility64
"{BD1BCEF8-5CD6-D8ED-7D36-31C2172076EA}" = AMD Media Foundation Decoders
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1933119-5298-40F6-9D90-43FBF25EF0FE}" = Soluto
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{ED273D26-E354-1A5B-A0D0-CB5258D43BD2}" = AMD Wireless Display v3.0
"{FCC4426F-0296-D30D-729C-E76C8E7252C7}" = AMD Accelerated Video Transcoding
"{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}" = Apple Mobile Device Support
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft Security Client" = Microsoft Security Essentials
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{046B79EE-7ED3-37A4-621A-FE297EF484C2}" = CCC Help Greek
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A590981-75A9-B968-4A29-718E5A8E1416}" = CCC Help Dutch
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{0E6B8EA7-4FDF-F730-8F28-05720874BE71}" = CCC Help Chinese Traditional
"{1003E625-BE5B-390B-7B60-D483D0B75A26}" = CCC Help Russian
"{10CB5DDD-38E1-2EB2-F62C-C1948A99943E}" = AMD Catalyst Control Center
"{1194740D-0DB8-A508-31BA-E722597B4516}" = Catalyst Control Center Graphics Previews Common
"{141B8BA9-BFFD-4635-AF64-078E31010EC3}_is1" = FINAL FANTASY VII
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1690611F-D4EA-A00D-DAAD-91D216869679}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FB16E3B-3AFB-46CB-6E83-2F5A0CF4ED16}" = Catalyst Control Center Localization All
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{26EED5E6-EC40-35A9-602A-C3CF03A9C1E6}" = CCC Help Portuguese
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung Magician
"{2C33E65D-9187-8F2E-40D8-BD9E24E341FB}" = CCC Help Italian
"{2E3A81FB-7952-F8CB-9AD5-50544E2F4838}" = CCC Help Czech
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{36B6FF8B-38E3-E64C-F840-75F6AAEBE3EA}" = Catalyst Control Center Graphics Previews Common
"{38F6C932-2274-4897-479D-03AA6BA5B567}" = CCC Help Turkish
"{3AB00888-CA03-0BFD-3F3C-C877767192B0}" = CCC Help Swedish
"{3ACA2563-E786-BDD4-C87B-09909BB3F61C}" = CCC Help Thai
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3BC2C64B-0DA0-974B-6311-AED4F3711DCE}" = CCC Help Danish
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{4172E797-CE12-AC47-05B7-0E48BDB33E75}" = CCC Help Russian
"{4428AEE6-FA5E-2913-8D12-B410E85E11AA}" = CCC Help Spanish
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0630.1
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FF1533E-FF2C-A04A-25DD-A8AEC6FA106B}" = CCC Help Chinese Standard
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper version 3.2.0
"{5BAC4DE5-4062-EE34-3337-5F92FE5D5032}" = CCC Help Spanish
"{6071CB80-DABC-B10D-F244-7F410FB3B150}" = CCC Help Polish
"{6343B6BA-F97F-B336-9ED8-FFD43776E84D}" = CCC Help Finnish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6D6C1253-F5A2-4E0C-9070-F3C1176C1033}" = Nero 7 Ultra Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7ADCABE0-E651-6EA5-5128-26E203DAA5E1}" = CCC Help Korean
"{834265C4-CDF4-44D3-BD24-31531617EFB8}" = IHA_MessageCenter
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D3A11D0-D925-FA0F-43F3-242E49975CD2}" = CCC Help Danish
"{8EF39A9F-6A57-9706-86A5-9312D9ED8016}" = CCC Help Portuguese
"{8F80DAA3-8A1D-09E9-57E6-DB0223CF2CE4}" = CCC Help French
"{92352C97-C657-DB89-5F3A-E8C3789D9C89}" = CCC Help Chinese Traditional
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95545E55-3309-1929-FF41-2908A9706742}" = CCC Help Turkish
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CA5F712-9CAA-B3CB-02D3-7134DFC8801E}" = CCC Help French
"{A128A816-FD3F-990E-DD80-E1735BD718AE}" = CCC Help Italian
"{A2EBACDD-09BB-4894-AE25-7168DB3BFA7F}" = TouchBIOS B11.0623.1
"{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1" = Free FLAC to MP3 Converter 1.0
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AFC71277-DE19-6505-8CBC-71D29163F44A}" = CCC Help German
"{AFC9ECA9-6A4E-1370-98F3-002B63B5AF8E}" = CCC Help Thai
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3406262-5701-E9CC-D6B3-BA38C34125A9}" = CCC Help English
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B88F2045-CF9A-996C-1670-6F7D65F1D18A}" = CCC Help Norwegian
"{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding
"{BED96D0C-7743-3CE3-F7DF-A0A4475FBF2F}" = CCC Help Hungarian
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C5B6078F-5D37-A122-2E6E-EDC623E8C787}" = CCC Help Czech
"{C7068E1F-22C6-9408-7B24-584F32F66D70}" = CCC Help Finnish
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C87B855D-DD8F-E419-C640-34936E813EA9}" = CCC Help Greek
"{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
"{CC2BAF9A-926F-791D-772C-F582CD8A47B0}" = Catalyst Control Center InstallProxy
"{CE1CA06F-0AD8-CA2A-3A3A-872E8191C198}" = CCC Help Norwegian
"{CECECCED-B7F3-B1A3-3241-0C5D775F8E70}" = CCC Help Chinese Standard
"{D3CEF909-78DC-9D3D-37BD-52F5324C01DA}" = CCC Help Hungarian
"{D4DE3DB4-7734-47E5-8D92-B80146311406}" = Samsung Data Migration
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E297492A-E114-CAE0-502E-5F36C386DD30}" = CCC Help Dutch
"{E6533A85-ED92-F897-2B68-58AC3BD87F94}" = CCC Help English
"{EBAC163A-588E-1E5A-3CE8-826E9A449244}" = CCC Help Korean
"{ED65BD75-CEF3-C0C2-9E9C-FA567484FF60}" = CCC Help Japanese
"{EEB34D84-92A1-7BE3-6DB7-ABD1C4912D6B}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F1289D68-1C48-930F-51CF-577BDB371252}" = CCC Help Swedish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1EA61A2-B88F-44AD-3143-419ECB6C7E9A}" = CCC Help Japanese
"{F3F340A5-64EC-AEEC-4BDF-DC537D390BF5}" = CCC Help German
"{F6567C5A-C3EA-2E05-E89E-C8C52E33150D}" = Catalyst Control Center
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE54AF33-9364-7053-670F-A15AD658214C}" = Catalyst Control Center Localization All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Anomos" = Anomos 0.9.5
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DVD Shrink_is1" = DVD Shrink 3.2
"Feathercoin" = Feathercoin 0.8.6
"Free Video To Audio Converter 2012_is1" = Free Video To Audio Converter 2012 4.5.1
"Freemake Video Converter_is1" = Freemake Video Converter version 4.0.3
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0630.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NETGEAR Live Parental Controls Management Utility" = NETGEAR Live Parental Controls Management Utility 2.1.5
"OpenSSL Light (32-bit)_is1" = OpenSSL 0.9.8l Light (32-bit)
"RaidCall" = RaidCall
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 224260" = No More Room in Hell
"Steam App 230410" = Warframe
"Steam App 231410" = Kerbal Space Program Demo
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.1.3
"VzInHomeAgent" = Vz In-Home Agent
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dogecoin" = Dogecoin
"Dropbox" = Dropbox
"Feathercoin" = Feathercoin
"Flux" = f.lux
"Reddcoin" = Reddcoin
"Spotify" = Spotify
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
"Winamp Toolbar" = Winamp Toolbar
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 9/19/2013 8:29:31 PM | Computer Name = LjsMonster | Source = Windows Search Service | ID = 3028
Description =
 
Error - 9/19/2013 8:29:31 PM | Computer Name = LjsMonster | Source = Windows Search Service | ID = 3058
Description =
 
Error - 9/19/2013 8:29:31 PM | Computer Name = LjsMonster | Source = Windows Search Service | ID = 7010
Description =
 
Error - 9/19/2013 8:29:31 PM | Computer Name = LjsMonster | Source = Windows Search Service | ID = 7040
Description =
 
Error - 9/19/2013 8:29:31 PM | Computer Name = LjsMonster | Source = Windows Search Service | ID = 7042
Description =
 
Error - 9/19/2013 8:34:48 PM | Computer Name = LjsMonster | Source = WinMgmt | ID = 10
Description =
 
Error - 9/19/2013 8:45:47 PM | Computer Name = LjsMonster | Source = WinMgmt | ID = 10
Description =
 
Error - 9/19/2013 10:35:07 PM | Computer Name = LjsMonster | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_11_8_800_168.exe, version:
 11.8.800.168, time stamp: 0x52223bb7  Faulting module name: FlashPlayerPlugin_11_8_800_168.exe,
 version: 11.8.800.168, time stamp: 0x52223bb7  Exception code: 0x40000015  Fault offset:
 0x00017e40  Faulting process id: 0xefc  Faulting application start time: 0x01ceb59d7461fb97
Faulting
 application path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
Faulting
 module path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
Report
 Id: 42e15045-219d-11e3-b137-50e549e97722
 
Error - 9/20/2013 1:45:49 AM | Computer Name = LjsMonster | Source = MsiInstaller | ID = 11923
Description =
 
Error - 9/20/2013 1:49:36 AM | Computer Name = LjsMonster | Source = MsiInstaller | ID = 11923
Description =
 
[ System Events ]
Error - 5/22/2014 8:47:44 PM | Computer Name = LjsMonster | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 5/22/2014 8:47:44 PM | Computer Name = LjsMonster | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
Error - 5/28/2014 3:53:58 PM | Computer Name = LjsMonster | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 5/28/2014 3:53:58 PM | Computer Name = LjsMonster | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
Error - 6/2/2014 11:46:53 AM | Computer Name = LjsMonster | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 6/2/2014 11:46:53 AM | Computer Name = LjsMonster | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
Error - 6/10/2014 4:08:56 PM | Computer Name = LjsMonster | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2939576).
 
Error - 6/10/2014 4:08:56 PM | Computer Name = LjsMonster | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2957189).
 
Error - 6/28/2014 6:46:33 AM | Computer Name = LjsMonster | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:45:31 AM on 6/28/2014 was unexpected.
 
Error - 6/28/2014 6:46:33 AM | Computer Name = LJSMONSTER | Source = BugCheck | ID = 1001
Description =
 
 
< End of report >
 



#4 guestolo

    Site Donator

  • Admin
  • 16,247 posts

Posted 03 July 2014 - 08:03 AM

Sorry for the delay, nothing looking too bad, but please try the following:

-AdwCleaner-
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can also find the log file at C:\AdwCleaner
-Junkware-Removal-Tool-
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
In addition:
Right click on OTL.exe again and choose to "Run as Administrator"
Run another scan, only one log will be created this time named Otl.txt
Can you post its contents, please?

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#5 rambag3

    Journeyman

  • Members
  • 47 posts

Posted 03 July 2014 - 09:18 AM

ADW Cleaner log

 

# AdwCleaner v3.214 - Report created 03/07/2014 at 11:12:26
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Evan Kopilow - LJSMONSTER
# Running from : C:\Users\Evan Kopilow\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Winamp Toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Winamp Toolbar
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\Evan Kopilow\AppData\Local\Babylon
Folder Deleted : C:\Users\Evan Kopilow\AppData\Local\Conduit
Folder Deleted : C:\Users\Evan Kopilow\AppData\Local\Winamp Toolbar
Folder Deleted : C:\Users\Evan Kopilow\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Evan Kopilow\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Evan Kopilow\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\ConduitCommon
Folder Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\Smartbar
Folder Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\WinampToolbarData
Folder Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\CT3072253
Folder Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
Folder Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
File Deleted : C:\Users\EVANKO~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\user.js
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357E7254-CBD5-4AEA-AD32-8622993457EB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E74B6F30-AA4B-465B-9E7B-B13E3C2AF45E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Key Deleted : HKCU\Software\2YourFace
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Winamp Toolbar
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\prefs.js ]

Line Deleted : user_pref("CT3072253..clientLogIsEnabled", true);


Line Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445530228833", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_130067979083742856", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_1359634299000", true);

Line Deleted : user_pref("CT3072253.CTID", "CT3072253");
Line Deleted : user_pref("CT3072253.ConfigurationLastCheckTime", "Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.CurrentServerDate", "12-11-2013");
Line Deleted : user_pref("CT3072253.DSInstall", false);
Line Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Wed Nov 06 2013 12:10:44 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3072253.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.FirstServerDate", "13-4-2012");
Line Deleted : user_pref("CT3072253.FirstTime", true);
Line Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Line Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);

Line Deleted : user_pref("CT3072253.HPInstall", false);
Line Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3072253.HomePageProtectorEnabled", false);

Line Deleted : user_pref("CT3072253.Initialize", true);
Line Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3072253.InstallationId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT3072253.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT3072253.InstalledDate", "Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3072253.IsGrouping", false);
Line Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Line Deleted : user_pref("CT3072253.IsMulticommunity", false);
Line Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);

Line Deleted : user_pref("CT3072253.LastLogin_3.10.0.1", "Sun Apr 15 2012 23:16:07 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.12.2.3", "Thu May 31 2012 01:02:48 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.13.0.6", "Wed Jul 18 2012 00:43:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.14.1.0", "Mon Aug 27 2012 23:35:38 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.15.1.0", "Mon Nov 19 2012 01:26:46 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.16.0.3", "Sun Feb 10 2013 13:27:59 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.18.0.7", "Sun Jul 14 2013 23:15:02 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.19.0.3", "Mon Sep 09 2013 15:49:38 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.LastLogin_3.20.0.4", "Mon Nov 11 2013 18:41:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT3072253.Locale", "en");
Line Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");

Line Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.10.0.1");
Line Deleted : user_pref("CT3072253.SearchAPILastCheckTime", "Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("CT3072253.SearchEngineBeforeUnload", "Google");
Line Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);

Line Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Mon Sep 09 2013 10:44:59 GMT-0400 (Eastern Standard Time)");


Line Deleted : user_pref("CT3072253.SearchInNewTabUserEnabled", false);
Line Deleted : user_pref("CT3072253.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Mon Nov 11 2013 14:41:54 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.SettingsLastUpdate", "1384160275");

Line Deleted : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3072253.UserID", "UN66950574046415219");
Line Deleted : user_pref("CT3072253.ValidationData_Toolbar", 0);
Line Deleted : user_pref("CT3072253.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3072253.alertChannelId", "1463702");
Line Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Line Deleted : user_pref("CT3072253.backendstorage.cbcountry_000", "5553");
Line Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "5361742041707220313420323031322030323A32303A323120474D542D3034303020284561737465726E204461796C696768742054696D6529");
Line Deleted : user_pref("CT3072253.backendstorage.url_history0001", "68747470733A2F2F7777772E66616365626F6F6B2E636F6D2F3F7265663D6C6F676F3A3A3A636C69636B68616E646C65723A3A3A313333343532313139313635302C2C2C687474707[...]
Line Deleted : user_pref("CT3072253.cbcountry_000.from_oldbar.enc", "VVM=");
Line Deleted : user_pref("CT3072253.cbfirsttime.from_oldbar.enc", "U2F0IEFwciAxNCAyMDEyIDAyOjIwOjIxIEdNVC0wNDAwIChFYXN0ZXJuIERheWxpZ2h0IFRpbWUp");
Line Deleted : user_pref("CT3072253.countryCode", "US");
Line Deleted : user_pref("CT3072253.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT3072253.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3072253.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3072253.fullUserID", "UN66950574046415219.UP.2133");

Line Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.initDone", true);
Line Deleted : user_pref("CT3072253.installId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT3072253.installType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT3072253.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT3072253.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3072253.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3072253.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3072253.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3072253.keyword", true);

Line Deleted : user_pref("CT3072253.lastVersion", "10.20.101.5");
Line Deleted : user_pref("CT3072253.myStuffEnabled", true);
Line Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400);

Line Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);

Line Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT3072253.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.reddit.com%2Fr%2FOkCupid%2Fcomments%2F1s0och%2Fhow_i_spent_the_last_8_months_hello_again[...]


Line Deleted : user_pref("CT3072253.originalSearchEngine", "Google");
Line Deleted : user_pref("CT3072253.revertSettingsEnabled", true);
Line Deleted : user_pref("CT3072253.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT3072253.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3072253\"}");

Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl2 \"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_services_Configuration_lastUpdate", "1386110715870");
Line Deleted : user_pref("CT3072253.serviceLayer_services_login_10.20.101.5_lastUpdate", "1386110715707");
Line Deleted : user_pref("CT3072253.serviceLayer_services_searchAPI_lastUpdate", "1386110715828");
Line Deleted : user_pref("CT3072253.serviceLayer_services_serviceMap_lastUpdate", "1386110715684");
Line Deleted : user_pref("CT3072253.serviceLayer_services_toolbarSettings_lastUpdate", "1386117915829");
Line Deleted : user_pref("CT3072253.serviceLayer_services_translation_lastUpdate", "1386110715524");
Line Deleted : user_pref("CT3072253.settingsINI", true);
Line Deleted : user_pref("CT3072253.showToolbarPermission", "false");
Line Deleted : user_pref("CT3072253.smartbar.CTID", "CT3072253");
Line Deleted : user_pref("CT3072253.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3072253.smartbar.toolbarName", "uTorrentControl2 ");
Line Deleted : user_pref("CT3072253.testingCtid", "");
Line Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.toolbarBornServerTime", "13-4-2012");
Line Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT3072253.toolbarCurrentServerTime", "4-12-2013");
Line Deleted : user_pref("CT3072253.toolbarDisabled", "true");
Line Deleted : user_pref("CT3072253.toolbarLoginClientTime", "Mon Nov 11 2013 21:52:26 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT3072253.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT3072253.url_history0001.from_oldbar.enc", "aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLz9yZWY9bG9nbzo6OmNsaWNraGFuZGxlcjo6OjEzMzQ1MjExOTE2NTAsLCxodHRwczovL3d3dy5mYWNlYm9vay5jb20vP3JlZj1sb2dvOjo6Y2xp[...]
Line Deleted : user_pref("CT3072253.usagesFlag", 2);
Line Deleted : user_pref("CT3072253_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386110713356,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");

Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.16.0.3");

Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "149f1479-f2d8-4f9d-9a82-b65ee4eb3b4a");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Dec 03 2012 00:09:28 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Dec 03 2012 00:09:36 GMT-0500 (Eastern Standard Time)");

Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Dec 03 2012 00:09:28 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "a9177cd5-4d39-4b41-b3e3-2d67f050c1fa");

Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");

Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);

Line Deleted : user_pref("extensions.atlantis.sys.delta2", 5);
Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394021605488");

Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3072253");

Line Deleted : user_pref("smartbar.machineId", "5MZW3UMCXOO+YBLFZD/DWABDK78SWWZVCDQXZMYTPM3JENDXBLVXVRG2HJ0HJYJMSBGN8X5HR+MYJLKHCCX4NG");

*************************

AdwCleaner[R0].txt - [37042 octets] - [03/07/2014 11:11:56]
AdwCleaner[S0].txt - [36261 octets] - [03/07/2014 11:12:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [36322 octets] ##########
 



#6 rambag3

    Journeyman

  • Members
  • 47 posts

Posted 03 July 2014 - 09:29 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Evan Kopilow on Thu 07/03/2014 at 11:19:27.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Evan Kopilow\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Evan Kopilow\AppData\Roaming\mozilla\firefox\profiles\qpz899co.default\prefs.js

user_pref("extensions.atlantis.profile.XG33v9.doneTime", "0");
user_pref("extensions.atlantis.profile.XG33v9.efficiency", "3");
user_pref("extensions.atlantis.profile.XG33v9.overnights", "");
user_pref("extensions.atlantis.profile.XG33v9.rotation_file_fmt", 3);
user_pref("extensions.atlantis.profile.XG33v9.showTime", "0");
Emptied folder: C:\Users\Evan Kopilow\AppData\Roaming\mozilla\firefox\profiles\qpz899co.default\minidumps [160 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/03/2014 at 11:23:53.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 guestolo

    Site Donator

  • Admin
  • 16,247 posts

Posted 03 July 2014 - 11:36 AM

In addition:
Right click on OTL.exe again and choose to "Run as Administrator"
Run another scan, only one log will be created this time named Otl.txt
Can you post its contents please

Can you do that step please


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#8 rambag3

    Journeyman

  • Members
  • 47 posts

Posted 05 July 2014 - 02:52 PM

OTL logfile created on: 7/5/2014 4:47:45 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Evan Kopilow\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.92 Gb Total Physical Memory | 13.05 Gb Available Physical Memory | 81.98% Memory free
31.84 Gb Paging File | 28.66 Gb Available in Paging File | 90.01% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.78 Gb Total Space | 146.13 Gb Free Space | 62.77% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 622.20 Gb Free Space | 66.80% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS
Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS
Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF
Drive H: | 55.90 Gb Total Space | 45.11 Gb Free Space | 80.70% Space Free | Partition Type: NTFS
 
Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Evan Kopilow\Desktop\OTL.exe
PRC - [2014/06/30 17:46:52 | 000,542,400 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/06/30 17:46:50 | 001,753,280 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/06/18 02:23:31 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/06/10 16:25:03 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\Users\Evan Kopilow\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/05/31 16:26:48 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2014/05/21 09:32:02 | 001,721,416 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Evan Kopilow\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/05/19 20:34:36 | 004,737,440 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/15 19:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\Evan Kopilow\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013/03/15 15:28:12 | 004,683,768 | ---- | M] (Almico Software (www.almico.com)) -- D:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/05 15:15:02 | 000,192,512 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Local\Temp\sfamcc00001.dll
MOD - [2014/07/05 15:15:02 | 000,158,720 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Local\Temp\sfareca00001.dll
MOD - [2014/07/05 15:14:33 | 000,043,008 | ---- | M] () -- c:\Users\Evan Kopilow\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmp_v8c.dll
MOD - [2014/06/30 17:47:12 | 002,139,328 | ---- | M] () -- D:\Program Files (x86)\Steam\video.dll
MOD - [2014/06/30 17:46:52 | 001,116,864 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/06/26 18:40:28 | 000,764,416 | ---- | M] () -- D:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/06/18 02:23:19 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/05/30 21:27:20 | 001,116,672 | ---- | M] () -- D:\Program Files (x86)\Steam\libavcodec-55.dll
MOD - [2014/05/30 21:27:20 | 000,438,784 | ---- | M] () -- D:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014/05/30 21:27:20 | 000,399,360 | ---- | M] () -- D:\Program Files (x86)\Steam\libavformat-55.dll
MOD - [2014/05/30 21:27:20 | 000,331,264 | ---- | M] () -- D:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014/05/19 20:20:50 | 000,103,424 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\PAL.dll
MOD - [2014/05/19 20:20:10 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SATA.dll
MOD - [2014/05/19 20:20:10 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SMINI.dll
MOD - [2014/05/19 20:19:48 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SAS.dll
MOD - [2014/05/19 20:19:46 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SAT.dll
MOD - [2014/05/06 11:24:38 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- D:\Program Files (x86)\Steam\libswscale-2.dll
MOD - [2014/02/12 13:56:33 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014/02/12 13:56:15 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/12 13:56:14 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/02/12 13:56:14 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/02/12 00:24:08 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/02/12 00:24:01 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/02/12 00:23:59 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/02/12 00:23:59 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
MOD - [2014/02/12 00:23:55 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/02/12 00:23:50 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/02/12 00:23:50 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/12 00:23:49 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/12 00:23:49 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/02/12 00:23:49 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/02/12 00:23:48 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/02/12 00:23:47 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/02/12 00:23:45 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/02/12 00:23:44 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/12 00:23:44 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/12 00:23:39 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/12/06 16:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/21 14:23:50 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:64bit: - [2013/04/21 14:23:48 | 000,721,472 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2013/04/21 14:16:00 | 001,245,248 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014/06/30 17:46:52 | 000,542,400 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/06/18 02:23:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/06/11 10:48:44 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/21 09:32:04 | 000,358,984 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/07 02:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/14 16:46:02 | 000,101,888 | ---- | M] (Freemake) [On_Demand | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\Program Files (x86)\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/06 17:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/12/06 16:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/11/07 02:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/24 10:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/09/20 11:52:42 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013/04/21 14:15:34 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/06 12:56:42 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/05/16 10:55:28 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/08/21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [1999/12/31 20:00:00 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [1999/12/31 20:00:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [1999/12/31 20:00:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2014/07/05 15:14:15 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013/01/03 15:07:47 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012/08/23 17:02:26 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www22.verizon...ogin/Login.aspx
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1
FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.9.1
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Evan Kopilow\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/03 11:12:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/03 11:12:31 | 000,000,000 | ---D | M]
 
[2012/04/10 10:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Extensions
[2014/07/03 11:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions
[2014/05/14 17:37:37 | 000,000,000 | ---D | M] ("Flash Video Downloader - Full HD Download") -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\artur.dubovoyEmail Removed
[2014/04/24 15:50:52 | 000,057,781 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2014/04/08 03:16:26 | 000,625,308 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2013/01/30 10:35:10 | 000,119,925 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2014/06/20 21:41:17 | 000,009,259 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\[email protected]
[2014/06/27 19:29:50 | 000,220,046 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2014/07/02 01:32:28 | 000,538,404 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/06/10 17:17:35 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Evan Kopilow\AppData\Roaming\Mozilla\Firefox\Profiles\qpz899co.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/18 02:23:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\17.2.0.38
[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [f.lux] C:\Users\Evan Kopilow\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - Startup: C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: verizon.net ([activate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D22C8E2-A8B1-4FA7-8886-7DFC39D6AA92}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\Shell - "" = AutoRun
O33 - MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\Shell\AutoRun\command - "" = H:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\Shell - "" = AutoRun
O33 - MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\Shell\AutoRun\command - "" = J:\VZW_Software_upgrade_assistant.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\VZW_Software_upgrade_assistant.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/03 11:19:26 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/07/03 11:11:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/03 11:10:07 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Evan Kopilow\Desktop\JRT.exe
[2014/07/02 20:07:24 | 000,000,000 | -HSD | C] -- C:\Users\Evan Kopilow\AppData\Local\EmieUserList
[2014/07/02 20:07:24 | 000,000,000 | -HSD | C] -- C:\Users\Evan Kopilow\AppData\Local\EmieSiteList
[2014/07/02 00:39:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Evan Kopilow\Desktop\OTL.exe
[2014/07/02 00:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014/06/24 13:19:18 | 000,000,000 | ---D | C] -- C:\Users\Evan Kopilow\Desktop\Phone pictures
[2014/06/18 02:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/14 18:36:14 | 000,000,000 | ---D | C] -- C:\Users\Evan Kopilow\AppData\Local\Adobe
[2014/06/10 16:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/06/10 16:05:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/06/10 16:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/10 16:05:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/06/10 16:05:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/06/10 16:05:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/10 16:05:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/10 16:05:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/10 16:05:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/10 16:05:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/10 16:05:10 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/10 16:05:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/06/10 16:05:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/06/10 16:05:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/10 16:05:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/06/10 16:05:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/10 16:05:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/10 16:05:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/10 16:05:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/06/10 16:05:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/06/10 16:05:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/06/10 16:05:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/10 16:05:07 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/06/10 16:05:07 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/10 16:05:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/10 16:05:06 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/10 16:05:06 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/06/10 16:05:06 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/06/10 16:05:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/06/10 16:05:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/06/10 16:05:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/10 16:05:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/10 16:05:05 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/06/10 16:05:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/10 16:04:58 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/06/10 16:04:58 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/10 16:04:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/06/10 16:04:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/06/10 16:04:56 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/10 16:04:55 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2012/05/06 12:56:42 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Evan Kopilow\AppData\Roaming\pcouffin.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/05 16:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/05 15:21:40 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/05 15:21:40 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/05 15:19:18 | 000,782,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/05 15:19:18 | 000,662,400 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/05 15:19:18 | 000,122,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/05 15:14:15 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2014/07/05 15:14:13 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/07/05 15:14:13 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2014/07/05 15:13:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/05 15:13:10 | 4229,779,454 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/03 11:10:56 | 001,346,519 | ---- | M] () -- C:\Users\Evan Kopilow\Desktop\AdwCleaner.exe
[2014/07/03 11:10:11 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Evan Kopilow\Desktop\JRT.exe
[2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Evan Kopilow\Desktop\OTL.exe
[2014/07/02 00:35:13 | 000,001,744 | ---- | M] () -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2014/06/29 19:23:04 | 000,016,037 | ---- | M] () -- C:\Users\Evan Kopilow\Desktop\99 load.gif
[2014/06/29 19:18:35 | 000,003,007 | ---- | M] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.lnk
[2014/06/29 19:17:30 | 001,402,880 | ---- | M] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.msi
[2014/06/28 06:46:28 | 580,129,489 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/06/25 13:30:44 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Vz  In-Home Agent.lnk
[2014/06/18 11:46:14 | 000,002,044 | ---- | M] () -- C:\Users\Evan Kopilow\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/11 10:48:44 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/11 10:48:44 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/08 05:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/08 05:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
 
========== Files Created - No Company Name ==========
 
[2014/07/03 11:10:51 | 001,346,519 | ---- | C] () -- C:\Users\Evan Kopilow\Desktop\AdwCleaner.exe
[2014/07/02 00:35:13 | 000,001,744 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2014/06/29 19:23:04 | 000,016,037 | ---- | C] () -- C:\Users\Evan Kopilow\Desktop\99 load.gif
[2014/06/29 19:18:35 | 000,003,007 | ---- | C] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.lnk
[2014/06/29 19:17:29 | 001,402,880 | ---- | C] () -- C:\Users\Evan Kopilow\Desktop\HiJackThis.msi
[2014/06/25 13:30:44 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Vz  In-Home Agent.lnk
[2014/02/12 12:05:09 | 000,000,114 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\Dogecoin.conf
[2013/12/06 17:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/11/07 02:52:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/03/28 22:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/28 22:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2012/12/10 21:45:50 | 000,002,048 | ---- | C] () -- C:\Users\Evan Kopilow\comdrv8z.bin
[2012/11/20 00:17:57 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2012/10/10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/05/06 12:57:06 | 000,001,057 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\vso_ts_preview.xml
[2012/05/06 12:56:42 | 000,099,384 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\inst.exe
[2012/05/06 12:56:42 | 000,007,859 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\pcouffin.cat
[2012/05/06 12:56:42 | 000,001,167 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Roaming\pcouffin.inf
[2012/04/13 10:54:19 | 000,007,601 | ---- | C] () -- C:\Users\Evan Kopilow\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 

 

Sorry about that



#9 guestolo

Posted 05 July 2014 - 06:17 PM

Double click on OTL.exe and Run it

  • Under the Custom Scans/Fixes box at the bottom, copy/paste in the following from the quote box below. Don't include the word Quote, please.

    :OTL

    FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1
    FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6
    FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2
    FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0

    File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\17.2.0.38

    O33 - MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\Shell - "" = AutoRun
    O33 - MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\Shell\AutoRun\command - "" = H:\ToolLauncher-Bootstrap.exe
    O33 - MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
    O33 - MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\Shell - "" = AutoRun
    O33 - MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\Shell\AutoRun\command - "" = J:\VZW_Software_upgrade_assistant.exe
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\VZW_Software_upgrade_assistant.exe
    :Files
    ipconfig /flushdns /c
    :Commands

    [EmptyJava]
    [EmptyFlash]
    [EmptyTemp]

    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done


On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

 

Keep me informed how the computer is now running please


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#10 rambag3


Posted 05 July 2014 - 08:44 PM

All processes killed
========== OTL ==========
Prefs.js: TFToolbarX%40torrent-finder:1.3.1 removed from extensions.enabledAddons
Prefs.js: ex1%40icrewmax.com:3.6 removed from extensions.enabledAddons
Prefs.js: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2 removed from extensions.enabledAddons
Prefs.js: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 removed from extensions.enabledAddons
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5625bff4-8119-11e2-a428-50e549e97722}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5625bff4-8119-11e2-a428-50e549e97722}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5625bff4-8119-11e2-a428-50e549e97722}\ not found.
File H:\ToolLauncher-Bootstrap.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8fec731b-8330-11e1-982c-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fec731b-8330-11e1-982c-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8fec731b-8330-11e1-982c-806e6f6e6963}\ not found.
File D:\Run.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\ not found.
File J:\VZW_Software_upgrade_assistant.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found.
File J:\VZW_Software_upgrade_assistant.exe not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Evan Kopilow\Desktop\cmd.bat deleted successfully.
C:\Users\Evan Kopilow\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
Error: Unable to interpret <[EmptyJava}> in the current context!
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Evan Kopilow
->Flash cache emptied: 61148 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Evan Kopilow
->Temp folder emptied: 2585068008 bytes
->Temporary Internet Files folder emptied: 7089811 bytes
->Java cache emptied: 149158085 bytes
->FireFox cache emptied: 390454767 bytes
->Apple Safari cache emptied: 123629568 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 798809692 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36073306 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 3,901.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07052014_223749

Files\Folders moved on Reboot...
C:\Users\Evan Kopilow\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\Evan Kopilow\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 



#11 guestolo


Posted 05 July 2014 - 08:56 PM

How are things running on your end with the computer?




#12 rambag3


Posted 05 July 2014 - 08:59 PM

Everything seems fine, the big problem is, the 99% load was very random and only started a couple of weeks ago. So it's hard to know if anything was fixed.

 

I will update you if anything changes. What did you have me remove if I may ask?



#13 guestolo


Posted 05 July 2014 - 10:54 PM

AdwCleaner and JRT do virtually the same thing

Here's a quote
 

AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer.  By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.

The types of programs that AdwCleaner targets are typically bundled with free programs that you download from the web.  In many cases when you download and install a program, the install will state that these programs will be installed along with the program you downloaded.  Unless you perform a Custom install, these unwanted programs will automatically be installed on your computer leaving you with extra browser toolbars, adware, and other unwanted programs.  AdwCleaner is designed to search for and remove these types of programs.

 

In addition, we used OTL to clean temp files

 

I'm on my way to work camp tomorrow so I'll pop in when I can

Yes please keep me updated how things are running




#14 guestolo


Posted 28 July 2015 - 03:44 PM

As your problems appear resolved I'll lock this topic

