O4 - HKLM..\\Run: [IndexSearch] C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe (Nuance Com
This is the Extra.txt,
OTL Extras logfile created on: 4/13/2013 5:17:39 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Will\\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.93 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 39.57% Memory free
7.86 Gb Paging File | 5.14 Gb Available in Paging File | 65.41% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 453.66 Gb Total Space | 34.33 Gb Free Space | 7.57% Space Free | Partition Type: NTFS
Drive E: | 931.48 Gb Total Space | 279.12 Gb Free Space | 29.97% Space Free | Partition Type: NTFS
Computer Name: WILL-PC | User Name: Will | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]
.html[@ = ChromeHTML] -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\\Windows\\SysNative\\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]
.cpl [@ = cplfile] -- C:\\Windows\\SysWow64\\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\\SOFTWARE\\Classes\\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]
batfile [open] -- \"%1\" %*
cmdfile [open] -- \"%1\" %*
comfile [open] -- \"%1\" %*
exefile [open] -- \"%1\" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\\system32\\mshtml.dll,PrintHTML \"%1\"
http [open] -- \"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\" (Google Inc.)
https [open] -- \"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\" (Google Inc.)
inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)
InternetShortcut [open] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\ieframe.dll\",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\mshtml.dll\",PrintHTML \"%1\" (Microsoft Corporation)
piffile [open] -- \"%1\" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- \"%1\"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- \"%1\" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" ()
Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" ()
Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]
batfile [open] -- \"%1\" %*
cmdfile [open] -- \"%1\" %*
comfile [open] -- \"%1\" %*
cplfile [cplopen] -- %SystemRoot%\\System32\\control.exe \"%1\",%* (Microsoft Corporation)
exefile [open] -- \"%1\" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\\system32\\mshtml.dll,PrintHTML \"%1\"
http [open] -- \"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\" (Google Inc.)
https [open] -- \"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\" (Google Inc.)
inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)
piffile [open] -- \"%1\" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- \"%1\"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- \"%1\" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" ()
Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" ()
Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]
\"cval\" = 1
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]
\"VistaSp1\" = 28 4D B2 76 41 04 CA 01 [binary data]
\"AntiVirusOverride\" = 0
\"AntiSpywareOverride\" = 0
\"FirewallOverride\" = 0
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc\\Vol]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile]
\"DisableNotifications\" = 0
\"EnableFirewall\" = 1
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile]
\"DisableNotifications\" = 0
\"EnableFirewall\" = 1
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\PublicProfile]
\"DisableNotifications\" = 0
\"EnableFirewall\" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]
\"{01607785-7ABF-409F-BCA8-A1F27901EA9D}\" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{06D14062-A1F8-46EF-A1B7-278D9BC0BCA5}\" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
\"{0D4B5927-3FAC-4B4B-9B2B-DCB9B30AB36B}\" = lport=554 | protocol=6 | dir=in | app=%systemroot%\\ehome\\ehshell.exe |
\"{1A8E03FC-34B9-41B4-A230-4980E2B348B6}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{2374A1F8-7B29-4881-88C6-65026A95529B}\" = lport=2869 | protocol=6 | dir=in | app=system |
\"{281CDAEB-756F-48AB-A0F3-71F25A46CE47}\" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{29D4B0EE-4DED-4390-9326-E7753AEB6137}\" = lport=2869 | protocol=6 | dir=in | app=system |
\"{35A6CC10-D1CA-4F1E-8BB3-E7DC1FA82117}\" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{3C13864E-1256-4739-8B84-3D5453B91DBD}\" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{5BF7478E-BD59-44AD-82BF-594A6185229C}\" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{657D68B9-916E-4FD1-B7F4-80A38E11142E}\" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
\"{6B2BC9F7-74B9-4CC9-BD11-814A545319A4}\" = lport=49170 | protocol=6 | dir=in | name=akamai netsession interface |
\"{6CC149A7-AF67-4DFC-9D50-ADEACDCEFFA5}\" = lport=3390 | protocol=6 | dir=in | app=system |
\"{71925C0A-339A-4689-B00B-93360A95B01D}\" = lport=2869 | protocol=6 | dir=in | app=system |
\"{73792F4B-EFA1-4A09-8974-3F22A05C3968}\" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{746A95E8-5BEC-49A2-A689-63B0E879ACC5}\" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\\ehome\\ehshell.exe |
\"{81F95C87-528E-4A76-9683-D005C7C1F39C}\" = lport=2869 | protocol=6 | dir=in | app=system |
\"{8526F053-5D76-42CC-B055-A1FF914A4841}\" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
\"{86E04B6D-C972-4709-88C8-F31286A3E136}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{895E618F-85D7-4787-B699-7738F04DDCF5}\" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
\"{97FBC175-9350-46EF-AAFF-8E0607B34067}\" = rport=10243 | protocol=6 | dir=out | app=system |
\"{9A10AC5E-9833-4731-957E-B4C92978C2C9}\" = lport=10244 | protocol=6 | dir=in | app=system |
\"{9B4F99D1-D17A-42F6-925A-4CEA8CCF867B}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{A296410B-5D1C-4E62-854A-CC8F1A58FB4A}\" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{A3EA5E16-C49C-4BC4-880C-26125A158888}\" = lport=554 | protocol=6 | dir=in | app=%systemroot%\\ehome\\ehshell.exe |
\"{A45665F3-1AE5-4849-A2DF-3522DA3936BF}\" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{A5516F59-8937-4758-8545-A2756CDF69B1}\" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{A57FC080-B137-46AE-96FA-E0CA5076F378}\" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{A980C1BB-EFA5-4B94-AA62-B4C31634E5A4}\" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{AF8CE94C-3A11-4CDC-AF36-5E1C9D560801}\" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{B09E326F-016D-4223-B39E-673651A36D1F}\" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{BD63A3D4-2A6F-4357-B8A4-E9E417885861}\" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{BDE2B7D9-509A-4D2C-A7BC-2407DE528E60}\" = lport=10244 | protocol=6 | dir=in | app=system |
\"{BE7E2C35-5E43-4A0D-9077-377452FD29D1}\" = lport=6004 | protocol=17 | dir=in | app=c:\\program files (x86)\\microsoft office\\office14\\outlook.exe |
\"{BEC79739-67F3-4832-911E-E00511C7A7C9}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
\"{C5E4458B-FC65-4386-906D-B43C8B4AD35B}\" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\\ehome\\ehshell.exe |
\"{C6D903E9-2893-47D5-ABEC-C5FCDEDC7F62}\" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{D25C8EE1-EF45-4A54-AB25-71CFFA0462E1}\" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
\"{D3AA9005-87E4-48EE-9D02-BD30CE7A6E16}\" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
\"{DCD8BDDC-17E2-4C4E-82C3-F0A1820428B6}\" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{E73966A7-1052-476C-842A-0B4A9557DF7E}\" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
\"{F1075EAD-A347-4254-8A58-9592B5ED1F6A}\" = lport=3390 | protocol=6 | dir=in | app=system |
\"{F1CEC399-FA65-4963-B8D0-B736D8452F72}\" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{FE2B4FDC-AF81-46ED-82CD-9BC905133DE4}\" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]
\"{002C7BFA-B95E-4AC9-B677-219E1505EEF8}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\common files\\adobe\\cs4servicemanager\\cs4servicemanager.exe |
\"{00A0CA64-A43F-4CFB-B5DF-2156BA87598F}\" = dir=in | app=c:\\program files (x86)\\cyberlink\\powerdvd8\\powerdvd8.exe |
\"{046E13CD-255F-4B5B-B803-3FA2AB4E6BA4}\" = dir=in | app=c:\\program files (x86)\\skype\\phone\\skype.exe |
\"{0702CD25-250B-4A3C-99EA-680FEC7193F6}\" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\\system32\\svchost.exe |
\"{07F8F897-91A4-40E2-9B77-6DA9630EF6D0}\" = protocol=6 | dir=out | app=c:\\program files (x86)\\rosetta stone\\rosetta stone version 3\\rosettastoneversion3.exe |
\"{0C18B113-3642-43E1-95C9-36C5575964C3}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\aim\\aim.exe |
\"{15FB8D83-649A-4E2A-9ABB-2B23B7E28C3A}\" = protocol=6 | dir=out | app=%systemroot%\\ehome\\ehshell.exe |
\"{1A51A826-A63E-48B0-B12C-6C3B150D4CE1}\" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.976\\agent.exe |
\"{1F80A01E-D3BE-4684-ABE9-958D8C28A229}\" = protocol=6 | dir=out | app=%systemroot%\\ehome\\mcrmgr.exe |
\"{23BA990C-947A-42F8-8A3F-5B5F9EE8666F}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{267DCBD8-7272-4F6F-8966-0C29A9F767C0}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{29696CC4-1BC6-4773-B712-1D4791B3A5ED}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\aim\\aim.exe |
\"{2CC07153-6C73-4DE5-9133-CE12735817DC}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\bittorrent\\bittorrent.exe |
\"{317AE793-3605-408C-8155-A3C5EFF76A46}\" = protocol=17 | dir=out | app=%systemroot%\\ehome\\ehshell.exe |
\"{31F9C408-C80D-4610-BD6A-2E9378B2AD34}\" = protocol=17 | dir=in | app=c:\\windows\\syswow64\\pnkbstrb.exe |
\"{33FF3980-B3ED-4026-BB57-4E55F69ACC1A}\" = protocol=17 | dir=in | app=c:\\windows\\syswow64\\pnkbstra.exe |
\"{34FBF20B-2904-4FC7-A27A-BF98DCCD2168}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{369506DB-5BE1-4244-9962-8D08F0718121}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\frostwire\\frostwire.exe |
\"{3B2C5A3C-5D2A-4D19-BC9D-1B5547CADEFF}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\frostwire\\frostwire.exe |
\"{3C164DC9-828B-412C-B8E5-1A0E8ACEDD54}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\microsoft office\\office14\\groove.exe |
\"{3E657B0D-FF17-46F5-93F0-BFADEEA569A3}\" = protocol=17 | dir=in | app=c:\\program files\\bonjour\\mdnsresponder.exe |
\"{417021E2-F87E-4DB5-9DFB-67BF3FE015D2}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\steam\\steamapps\\speedco11\\counter-strike\\hl.exe |
\"{420EBD24-BBCD-43C0-95E8-1F046FDF8495}\" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\\system32\\svchost.exe |
\"{4308A49A-C8CC-45EA-A5CC-1FCC3E4E7D93}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\steam\\steamapps\\speedco11\\counter-strike source\\hl2.exe |
\"{4A4C00D9-B388-4020-9E1A-90DF8439143C}\" = dir=in | app=c:\\program files (x86)\\skype\\phone\\skype.exe |
\"{4BFD7F08-49D8-45B8-956C-DD3C34098498}\" = dir=in | app=c:\\program files (x86)\\windows live\\sync\\windowslivesync.exe |
\"{4C0C7861-6605-4D01-8AA9-B1F1E427EF27}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\steam\\steamapps\\speedco11\\counter-strike\\hl.exe |
\"{4C5F8589-0FFB-43C3-BB79-858E8FACCAC9}\" = dir=in | app=c:\\program files (x86)\\common files\\apple\\apple application support\\webkit2webprocess.exe |
\"{4E1855C7-7C81-4F1D-95F1-48398C44F501}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\common files\\adobe\\cs4servicemanager\\cs4servicemanager.exe |
\"{5662E1B5-4094-48E4-992F-4CE300D03790}\" = dir=in | app=c:\\program files (x86)\\skype\\phone\\skype.exe |
\"{5A19D8D7-0C91-42B5-AD92-B62A822CF204}\" = protocol=6 | dir=in | app=c:\\windows\\syswow64\\pnkbstra.exe |
\"{5CF40DC0-45B5-4988-B8F7-B8BA48A22F16}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\steam\\steamapps\\speedco11\\counter-strike source\\hl2.exe |
\"{5D1A7B94-A9E0-4EA1-99E8-458454B402B9}\" = dir=in | app=c:\\program files (x86)\\rosetta stone\\rosetta stone version 3\\rosettastoneversion3.exe |
\"{5FC30540-B4A9-46AC-91D6-6DE2D5767B0D}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\frostwire\\frostwire.exe |
\"{6276D144-F514-4E92-8E67-77799F025F8E}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\opera\\opera.exe |
\"{69B176A2-E4BB-4965-BBB8-E56E6373A42C}\" = dir=in | app=c:\\users\\will\\appdata\\local\\facebook\\video\\skype\\facebookvideocalling.exe |
\"{6CE9CBF9-93F3-48BA-9A8C-95C62DC418D1}\" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\\system32\\svchost.exe |
\"{6E67ADF5-3483-44B9-A63C-91BF2CBA9745}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\steam\\steam.exe |
\"{6F53C144-7F9E-4868-AD43-670E45D30ECB}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{706F00CD-3A24-4845-A14E-0FD95D925980}\" = dir=in | app=c:\\program files (x86)\\itunes\\itunes.exe |
\"{74E728FF-0A5D-4EC6-8864-4544BE6BF0AC}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{793B58A3-600F-4A5A-A260-DE6594D75FC7}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe |
\"{809102C6-44D7-4FB3-985C-AF84C7F4D0B2}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\microsoft office\\office14\\onenote.exe |
\"{832D1380-AF3F-472B-A475-7FC4F4E27AF3}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\shop to win 31\\troubleshooter.exe |
\"{88F7734E-6F2A-42A9-BFCA-3A4180043BDD}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{8B7144E4-66F5-47F8-AA39-DD560DA4ACF9}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\diablo iii\\diablo iii.exe |
\"{8D0CAB07-F10F-4498-929C-DD44D9E2C4FD}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{8FFD7BFE-D52C-40A9-AEAD-384D3542857C}\" = protocol=17 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{911A59AD-EC91-4B7D-BDF8-4C33BCAFEE33}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\bonjour\\mdnsresponder.exe |
\"{91E4DA6F-A6FF-4E92-8C6D-57BA39B7C9CF}\" = protocol=6 | dir=out | app=%systemroot%\\ehome\\ehshell.exe |
\"{920CAFDB-627B-47CD-AD85-4418D5FC5D6E}\" = protocol=6 | dir=out | app=%systemroot%\\ehome\\mcx2prov.exe |
\"{92C1F98E-3E52-492C-84BA-F6367136715D}\" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\\system32\\svchost.exe |
\"{948EA0D5-7B71-4E41-88D1-28943B32D402}\" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\\system32\\svchost.exe |
\"{95D3AEE5-7C44-4DCC-9581-452C8C3ACEBD}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\steam\\steam.exe |
\"{980225BD-FB1B-4181-9891-7E2040069800}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe |
\"{986B5E59-18CC-471A-B662-71FB38A6F6E6}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\frostwire\\frostwire.exe |
\"{9925B2BC-3CE4-4640-A9BD-9489B663AF8E}\" = dir=in | app=c:\\program files (x86)\\skype\\phone\\skype.exe |
\"{9C0A0119-B306-45BB-B318-C6D7C64B68D1}\" = dir=in | app=c:\\program files (x86)\\windows live\\contacts\\wlcomm.exe |
\"{9FFBB601-9991-4383-8EA9-B0CAFE62122C}\" = protocol=17 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.954\\agent.exe |
\"{A2DF9793-AB76-447D-930B-CC6B2A9CE4FC}\" = protocol=6 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{A57B482B-1FFF-4504-915E-C01EA0DFCDE8}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{A795350C-49FB-49F7-ABF0-33247092E359}\" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\\system32\\svchost.exe |
\"{B12D1CAF-8471-481C-B4CE-D2801D038D0F}\" = dir=in | app=c:\\program files (x86)\\windows live\\messenger\\msnmsgr.exe |
\"{B23E6D98-C2F0-43BE-84D1-51F96D02620C}\" = protocol=17 | dir=in | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{BC02D76A-0F5D-49A9-8D23-2D03DB840204}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\bonjour\\mdnsresponder.exe |
\"{BEF3668C-47EE-4D51-97E9-8EDD3AB18A69}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\bittorrent\\bittorrent.exe |
\"{BF660A07-7275-447F-A57A-E958C4DFF1C6}\" = protocol=17 | dir=out | app=%systemroot%\\ehome\\ehshell.exe |
\"{C2826DE7-7FA4-4E62-A5D2-C8654EFF0E6A}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\bonjour\\mdnsresponder.exe |
\"{C38BD785-0F88-416E-9976-408C6CB9CF93}\" = protocol=6 | dir=out | app=%systemroot%\\ehome\\mcx2prov.exe |
\"{C783F68D-E2E0-4C2C-98C8-97E6F1EB388C}\" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.976\\agent.exe |
\"{CAB3025D-709F-4020-8471-FE289DDE87C6}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\microsoft office\\office14\\onenote.exe |
\"{CCCB7B87-7E40-430F-AA9E-5A74A9FA08FC}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\opera\\opera.exe |
\"{CE2E28A4-DE13-4E5B-9F3C-8345F36AEC9C}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{CF34A7DB-8CF7-413E-BC6B-AE75813400E5}\" = protocol=6 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{D50CF4BA-F08B-4FB8-946C-FF9E3D033B46}\" = protocol=6 | dir=out | app=system |
\"{DC310E04-6FE9-4ACE-B70D-4A43A58A7C97}\" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\\system32\\svchost.exe |
\"{DC9406E5-D308-4B98-84D2-66C3D6256E0C}\" = protocol=6 | dir=in | app=c:\\program files\\bonjour\\mdnsresponder.exe |
\"{DD9BECE0-F846-4063-B161-49AF066274FB}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\shop to win 31\\troubleshooter.exe |
\"{E1AD116B-4D3E-4437-8D3D-B0208A37E098}\" = dir=in | app=c:\\program files (x86)\\skype\\phone\\skype.exe |
\"{E6497DEE-E3D8-4659-8A86-E94A6FADCDD1}\" = dir=in | app=c:\\program files (x86)\\skype\\plugin manager\\skypepm.exe |
\"{E9665ABC-4A43-4CDB-81AA-C0E918580A1E}\" = protocol=6 | dir=in | app=c:\\programdata\\battle.net\\agent\\agent.954\\agent.exe |
\"{EB9AC8AE-0ADD-4A47-801C-252A7B56815A}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\diablo iii\\diablo iii.exe |
\"{EC184828-E7AD-4BAD-9DBF-12B8B2891C63}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\microsoft office\\office14\\groove.exe |
\"{ED0FA7FB-E433-4DC6-9144-940EF3F4FB32}\" = protocol=6 | dir=out | app=c:\\program files (x86)\\rosetta stone\\rosetta stone version 3\\support\\bin\\win\\rosettastoneltdservices.exe |
\"{EE2050A4-6527-45BD-91FB-DE8A3E9864BC}\" = dir=in | app=c:\\program files (x86)\\rosetta stone\\rosetta stone version 3\\support\\bin\\win\\rosettastoneltdservices.exe |
\"{F0429B9A-F015-49ED-9A5B-012F67AC9934}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\bonjour\\mdnsresponder.exe |
\"{F90F7FA8-AB13-4A70-8701-AF9B2F6A0D7D}\" = protocol=6 | dir=in | app=c:\\windows\\syswow64\\pnkbstrb.exe |
\"{FDBF0CF1-A62A-4CC1-B4DC-FE0ACBE2B4F1}\" = protocol=6 | dir=out | app=%systemroot%\\ehome\\mcrmgr.exe |
\"TCP Query User{0B01763B-CE0B-449A-B10C-6D560FEA4B22}C:\\program files (x86)\\mozilla firefox\\firefox.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\mozilla firefox\\firefox.exe |
\"TCP Query User{0C69E82D-6DD5-415F-BFF3-A1458FA1CC92}C:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe\" = protocol=6 | dir=in | app=c:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe |
\"TCP Query User{243FBB8B-196B-42AC-B0AE-CD2451CEF403}C:\\program files (x86)\\utorrent\\utorrent.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\utorrent\\utorrent.exe |
\"TCP Query User{423CC19C-5C26-4458-923B-5E206169AE78}C:\\program files (x86)\\sopcast\\sopcast.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\sopcast\\sopcast.exe |
\"TCP Query User{44BFBE1D-F75F-44CD-A136-3C870ECBF980}C:\\program files (x86)\\sopcast\\sopcast.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\sopcast\\sopcast.exe |
\"TCP Query User{4DD493AB-F574-43A7-8D75-4EFDB04DCA76}C:\\program files (x86)\\java\\jre6\\bin\\java.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\java\\jre6\\bin\\java.exe |
\"TCP Query User{7A0AA433-A99F-4E74-83B8-2CDDB9DEAB51}C:\\game\\softnyxgame\\gunboundis\\gunbound.gme\" = protocol=6 | dir=in | app=c:\\game\\softnyxgame\\gunboundis\\gunbound.gme |
\"TCP Query User{81FF334A-5A0E-440F-B1F5-57A42A3E402C}C:\\program files (x86)\\aim\\aim.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\aim\\aim.exe |
\"TCP Query User{A122081C-3479-4E2B-BB16-CF944367DD22}C:\\program files (x86)\\oovoo\\oovoo.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\oovoo\\oovoo.exe |
\"TCP Query User{A3ABC6D8-3C3C-4072-A0EF-AB78DE3A0A0C}C:\\program files (x86)\\sopcast\\adv\\sopadver.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\sopcast\\adv\\sopadver.exe |
\"TCP Query User{C61FB5FF-8EED-4BB4-9CD3-A4077348567B}C:\\program files (x86)\\microsoft games\\age of empires iii gold edition\\age3.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\microsoft games\\age of empires iii gold edition\\age3.exe |
\"TCP Query User{DD568AB8-3A75-4B2C-A90D-AE24EDF53B54}C:\\program files (x86)\\oovoo\\oovoo.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\oovoo\\oovoo.exe |
\"TCP Query User{F20308FD-9517-4CE2-9BB9-C8DC3ED3DF43}C:\\program files (x86)\\sopcast\\adv\\sopadver.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\sopcast\\adv\\sopadver.exe |
\"TCP Query User{FDA1A3EE-17B1-4EF4-A3F4-1B582B97C268}C:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe\" = protocol=6 | dir=in | app=c:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe |
\"UDP Query User{03E16033-6C59-4233-A966-2BE4FCDB16D0}C:\\program files (x86)\\oovoo\\oovoo.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\oovoo\\oovoo.exe |
\"UDP Query User{0F152CC8-AECF-48BC-977F-96166CB3DC9F}C:\\game\\softnyxgame\\gunboundis\\gunbound.gme\" = protocol=17 | dir=in | app=c:\\game\\softnyxgame\\gunboundis\\gunbound.gme |
\"UDP Query User{121659D6-90C2-42B7-84A7-84908BEA8879}C:\\program files (x86)\\sopcast\\adv\\sopadver.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\sopcast\\adv\\sopadver.exe |
\"UDP Query User{2452CFCF-4405-48FE-BB69-A8A0B28C86BD}C:\\program files (x86)\\sopcast\\adv\\sopadver.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\sopcast\\adv\\sopadver.exe |
\"UDP Query User{24FF6584-B15D-44C5-9012-99957E6211C7}C:\\program files (x86)\\oovoo\\oovoo.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\oovoo\\oovoo.exe |
\"UDP Query User{37B75BBF-3960-452D-A5F9-2331BE9F2AFC}C:\\program files (x86)\\sopcast\\sopcast.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\sopcast\\sopcast.exe |
\"UDP Query User{66C4275B-1A3C-4358-91EE-399F0836E805}C:\\program files (x86)\\utorrent\\utorrent.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\utorrent\\utorrent.exe |
\"UDP Query User{7C239A93-6DB3-4982-86D7-B0D30439B9DE}C:\\program files (x86)\\sopcast\\sopcast.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\sopcast\\sopcast.exe |
\"UDP Query User{A3DE9644-A3B0-4967-8AA7-E0EAAEF6517C}C:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe\" = protocol=17 | dir=in | app=c:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe |
\"UDP Query User{ABCFFEDD-CD4D-4B24-9050-1219F594792D}C:\\program files (x86)\\microsoft games\\age of empires iii gold edition\\age3.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\microsoft games\\age of empires iii gold edition\\age3.exe |
\"UDP Query User{B00D1901-C158-424B-86FA-790EC0EEFBF7}C:\\program files (x86)\\java\\jre6\\bin\\java.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\java\\jre6\\bin\\java.exe |
\"UDP Query User{B40AEDCB-5E69-4083-BB4B-D48911D15B6A}C:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe\" = protocol=17 | dir=in | app=c:\\users\\will\\appdata\\local\\akamai\\netsession_win.exe |
\"UDP Query User{BA4A33FA-735B-4AF4-902A-8539E09FCC8A}C:\\program files (x86)\\mozilla firefox\\firefox.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\mozilla firefox\\firefox.exe |
\"UDP Query User{CF0D0CAF-0CE0-42CB-A007-AB2B5959353B}C:\\program files (x86)\\aim\\aim.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\aim\\aim.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{0225AD21-F3E2-4916-BFF3-65D3F9052582}\" = iTunes
\"{027E5FAB-1476-4C59-AAB4-32EF28520399}\" = Windows Live Language Selector
\"{071c9b48-7c32-4621-a0ac-3f809523288f}\" = Microsoft Visual C++ 2005 Redistributable (x64)
\"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}\" = Windows Live ID Sign-in Assistant
\"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}\" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
\"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}\" = Adobe WinSoft Linguistics Plugin x64
\"{2D74E972-5A85-44DC-9193-8A302BA8C181}\" = Photoshop Camera Raw_x64
\"{2F72F540-1F60-4266-9506-952B21D6640D}\" = Apple Mobile Device Support
\"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}\" = iCloud
\"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}\" = Adobe Fonts All x64
\"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}\" = Microsoft Visual C++ 2005 Redistributable (x64)
\"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\" = Bonjour
\"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}\" = PaperPort Image Printer 64-bit
\"{8875A1C0-6308-4790-8CF6-D34E89880052}\" = Adobe Linguistics CS4 x64
\"{887797BF-37A5-4199-B0C9-0D38D6196E9A}\" = Adobe Anchor Service x64 CS4
\"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\" = Microsoft Silverlight
\"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}\" = Adobe Type Support x64 CS4
\"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}\" = Adobe CSI CS4 x64
\"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}\" = Microsoft .NET Framework 4 Extended
\"{90140000-002A-0000-1000-0000000FF1CE}\" = Microsoft Office Office 64-bit Components 2010
\"{90140000-002A-0409-1000-0000000FF1CE}\" = Microsoft Office Shared 64-bit MUI (English) 2010
\"{90140000-0116-0409-1000-0000000FF1CE}\" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
\"{90BA8112-80B3-4617-A3C1-BD2771B60F74}\" = Adobe CMaps x64 CS4
\"{95120000-00B9-0409-1000-0000000FF1CE}\" = Microsoft Application Error Reporting
\"{A3454894-144A-4D80-B605-C128FE0D7329}\" = Adobe Drive CS4 x64
\"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}\" = Microsoft Visual C++ 2005 Redistributable (x64)
\"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}\" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
\"{CFFF260C-F510-45BB-8F8E-1D4AC1232786}\" = Adobe Photoshop Lightroom 3.3 64-bit
\"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}\" = Adobe Photoshop CS4 (64 Bit)
\"{DA54F80E-261C-41A2-A855-549A144F2F59}\" = Windows Live MIME IFilter
\"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}\" = Adobe PDF Library Files x64 CS4
\"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}\" = Microsoft .NET Framework 4 Client Profile
\"CCleaner\" = CCleaner
\"CNXT_MODEM_HDA_HSF\" = HDAUDIO Soft Data Fax Modem with SmartCP
\"Defraggler\" = Defraggler
\"HDMI\" = Intel(R) Graphics Media Accelerator Driver
\"KLiteCodecPack64_is1\" = K-Lite Codec Pack (64-bit) v4.7.0
\"Microsoft .NET Framework 4 Client Profile\" = Microsoft .NET Framework 4 Client Profile
\"Microsoft .NET Framework 4 Extended\" = Microsoft .NET Framework 4 Extended
\"SynTPDeinstKey\" = Synaptics Pointing Device Driver
\"WinRAR archiver\" = WinRAR archiver
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}\" = Adobe Color NA Recommended Settings CS4
\"{048298C9-A4D3-490B-9FF9-AB023A9238F3}\" = Steam
\"{05308C4E-7285-4066-BAE3-6B50DA6ED755}\" = Adobe Update Manager CS4
\"{054EFA56-2AC1-48F4-A883-0AB89874B972}\" = Adobe Extension Manager CS4
\"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}\" = Scansoft PDF Professional
\"{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}\" = Visual Studio C++ 9.0 Runtime
\"{098727E1-775A-4450-B573-3F441F1CA243}\" = kuler
\"{0B0F231F-CE6A-483D-AA23-77B364F75917}\" = Windows Live Installer
\"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}\" = Adobe Color JA Extra Settings CS4
\"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}\" = Adobe Setup
\"{0F723FC1-7606-4867-866C-CE80AD292DAF}\" = Adobe CSI CS4
\"{12A1B519-5934-4508-ADBD-335347B0DC87}\" = Video Web Camera
\"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1\" = Guitar Pro 6
\"{1618734A-3957-4ADD-8199-F973763109A8}\" = Adobe Anchor Service CS4
\"{16E16F01-2E2D-4248-A42F-76261C147B6C}\" = Adobe Drive CS4
\"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}\" = AdobeColorCommonSetRGB
\"{18455581-E099-4BA8-BC6B-F34B2F06600C}\" = Google Toolbar for Internet Explorer
\"{196467F1-C11F-4F76-858B-5812ADC83B94}\" = MSXML 4.0 SP3 Parser
\"{19BA08F7-C728-469C-8A35-BFBD3633BE08}\" = Windows Live Movie Maker
\"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}\" = DeepBurner Pro v1.8.0.225
\"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}\" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
\"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}\" = Junk Mail filter update
\"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}\" = Windows Live SOXE Definitions
\"{2318C2B1-4965-11d4-9B18-009027A5CD4F}\" = Google Toolbar for Internet Explorer
\"{26A24AE4-039D-4CA4-87B4-2F83216015FF}\" = Java(TM) 6 Update 26
\"{28656860-4728-433C-8AD4-D1A930437BC8}\" = Nuance PDF Viewer Plus
\"{287ECFA4-719A-2143-A09B-D6A12DE54E40}\" = Acrobat.com
\"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}\" = Windows Live Messenger
\"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\" = CyberLink PowerDVD 8
\"{3336F667-9049-4D46-98B6-4C743EEBC5B1}\" = Windows Live Photo Gallery
\"{33CF58F5-48D8-4575-83D6-96F574E4D83A}\" = Nero DriveSpeed
\"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}\" = Windows Live Photo Gallery
\"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}\" = Nero Recode
\"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}\" = PDF Settings CS4
\"{368BA326-73AD-4351-84ED-3C0A7A52CC53}\" = Nero Rescue Agent
\"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}\" = Adobe Media Player
\"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}\" = Adobe XMP Panels CS4
\"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}\" = Adobe Color - Photoshop Specific CS4
\"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}\" = Adobe WinSoft Linguistics Plugin
\"{3DB0448D-AD82-4923-B305-D001E521A964}\" = Gateway Power Management
\"{40BF1E83-20EB-11D8-97C5-0009C5020658}\" = CyberLink Power2Go
\"{43E39830-1826-415D-8BAE-86845787B54B}\" = Nero Vision
\"{45A66726-69BC-466B-A7A4-12FCBA4883D7}\" = HiJackThis
\"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}\" = Apple Application Support
\"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}\" = Adobe Service Manager Extension
\"{4A03706F-666A-4037-7777-5F2748764D10}\" = Java Auto Updater
\"{51c183f6-5d1e-452c-b07d-5cd905ca74f4}\" = Nero 9
\"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}\" = Adobe Color EU Extra Settings CS4
\"{56415658-366E-4E28-A6BD-68EC63E560E0}\" = Vegas Pro 9.0
\"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}\" = neroxml
\"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}\" = Windows Live UX Platform Language Pack
\"{595A3116-40BB-4E0F-A2E8-D7951DA56270}\" = NeroExpress
\"{5D87C09F-512F-474A-A306-0FE3B89C396F}\" = RuneScape Launcher 1.2
\"{612C34C7-5E90-47D8-9B5C-0F717DD82726}\" = swMSM
\"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}\" = Nero CoverDesigner
\"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}\" = Adobe Color Video Profiles CS CS4
\"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}\" = Adobe Photoshop CS4 Support
\"{67E03279-F703-408F-B4BF-46B5FC8D70CD}\" = Microsoft Works
\"{67F0E67A-8E93-4C2C-B29D-47C48262738A}\" = Adobe Device Central CS4
\"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}\" = AdobeColorCommonSetCMYK
\"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}\" = Windows Live SOXE
\"{6B0DC474-A5F0-4091-8913-25E9DA2E7F53}\" = Asoftech Photo Recovery
\"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}\" = Nuance PaperPort 12
\"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}\" = Microsoft Visual C++ 2005 Redistributable
\"{72B776E5-4530-4C4B-9453-751DF87D9D93}\" = Backup Manager Basic
\"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\" = RollerCoaster Tycoon 2
\"{770657D0-A123-3C07-8E44-1C83EC895118}\" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
\"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}\" = Nero StartSmart
\"{7829DB6F-A066-4E40-8912-CB07887C20BB}\" = Nero BurnRights
\"{78D62D17-D970-42DA-B8CF-5E5576293B33}\" = Final Draft 7
\"{7CE12FDF-B758-46A5-A8CD-785EDFDC5B84}\" = Workspace Macro Pro 6.5
\"{7F811A54-5A09-4579-90E1-C93498E230D9}\" = Gateway Recovery Management
\"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}\" = Adobe Type Support CS4
\"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}\" = Microsoft Visual C++ 2005 Redistributable
\"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}\" = Adobe Bridge CS4
\"{83C292B7-38A5-440B-A731-07070E81A64F}\" = Windows Live PIMT Platform
\"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}\" = Suite Shared Configuration CS4
\"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}\" = Nero DiscSpeed
\"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}\" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
\"{86D4B82A-ABED-442A-BE86-96357B70F4FE}\" = Ask Toolbar
\"{87686C21-8A15-4b4d-A3F1-11141D9BE094}\" = Battlefield Play4Free
\"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981405}\" = SaveVid Plug-in
\"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}\" = MSVCRT
\"{90120000-0020-0409-0000-0000000FF1CE}\" = Compatibility Pack for the 2007 Office system
\"{90140000-0011-0000-0000-0000000FF1CE}\" = Microsoft Office Professional Plus 2010
\"{90140000-0015-0409-0000-0000000FF1CE}\" = Microsoft Office Access MUI (English) 2010
\"{90140000-0016-0409-0000-0000000FF1CE}\" = Microsoft Office Excel MUI (English) 2010
\"{90140000-0018-0409-0000-0000000FF1CE}\" = Microsoft Office PowerPoint MUI (English) 2010
\"{90140000-0019-0409-0000-0000000FF1CE}\" = Microsoft Office Publisher MUI (English) 2010
\"{90140000-001A-0409-0000-0000000FF1CE}\" = Microsoft Office Outlook MUI (English) 2010
\"{90140000-001B-0409-0000-0000000FF1CE}\" = Microsoft Office Word MUI (English) 2010
\"{90140000-001F-0409-0000-0000000FF1CE}\" = Microsoft Office Proof (English) 2010
\"{90140000-001F-040C-0000-0000000FF1CE}\" = Microsoft Office Proof (French) 2010
\"{90140000-001F-0C0A-0000-0000000FF1CE}\" = Microsoft Office Proof (Spanish) 2010
\"{90140000-002C-0409-0000-0000000FF1CE}\" = Microsoft Office Proofing (English) 2010
\"{90140000-0044-0409-0000-0000000FF1CE}\" = Microsoft Office InfoPath MUI (English) 2010
\"{90140000-006E-0409-0000-0000000FF1CE}\" = Microsoft Office Shared MUI (English) 2010
\"{90140000-00A1-0409-0000-0000000FF1CE}\" = Microsoft Office OneNote MUI (English) 2010
\"{90140000-00BA-0409-0000-0000000FF1CE}\" = Microsoft Office Groove MUI (English) 2010
\"{90140000-0115-0409-0000-0000000FF1CE}\" = Microsoft Office Shared Setup Metadata MUI (English) 2010
\"{90140000-0117-0409-0000-0000000FF1CE}\" = Microsoft Office Access Setup Metadata MUI (English) 2010
\"{915153F8-1429-40AE-B005-E3BFA7097672}\" = Audiggle
\"{92EA4134-10D1-418A-91E1-5A0453131A38}\" = Windows Live Movie Maker
\"{931AB7EA-3656-4BB7-864D-022B09E3DD67}\" = Adobe Linguistics CS4
\"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}\" = Adobe CMaps CS4
\"{95120000-00AF-0409-0000-0000000FF1CE}\" = Microsoft Office PowerPoint Viewer 2007 (English)
\"{96AE7E41-E34E-47D0-AC07-1091A8127911}\" = Realtek USB 2.0 Card Reader
\"{99011A6E-5200-11DE-BDB8-7ACD56D89593}\" = Rosetta Stone Version 3
\"{9A25302D-30C0-39D9-BD6F-21E6EC160475}\" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
\"{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}\" = Garmin Lifetime Updater
\"{9BE518E6-ECC6-35A9-88E4-87755C07200F}\" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
\"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}\" = Internet TV for Windows Media Center
\"{9D56775A-93F3-44A3-8092-840E3826DE30}\" = Windows Live Mail
\"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}\" = System Requirements Lab
\"{9E82B934-9A25-445B-B8DF-8012808074AC}\" = Nero PhotoSnap
\"{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\" = Brother MFL-Pro Suite MFC-J430W
\"{A209525B-3377-43F4-B886-32F6B6E7356F}\" = Nero WaveEditor
\"{A2BCA9F1-566C-4805-97D1-7FDC93386723}\" = Adobe AIR
\"{A726AE06-AAA3-43D1-87E3-70F510314F04}\" = Windows Live Writer
\"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}\" = ImagXpress
\"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\" = Google Update Helper
\"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}\" = Windows Live Photo Common
\"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\" = Windows Live Writer
\"{AAF454FC-82CA-4F29-AB31-6A109485E76E}\" = Windows Live Writer
\"{AAF89271-2594-468D-B578-96B2E30C41C4}\" = eBay Worldwide
\"{AC76BA86-7AD7-FFFF-7B44-A91000000001}\" = Adobe Reader 9.5.2 MUI
\"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\" = QuickTime
\"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}\" = Windows Live Sync
\"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}\" = DolbyFiles
\"{B29AD377-CC12-490A-A480-1452337C618D}\" = Connect
\"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}\" = Advertising Center
\"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1\" = Spybot - Search & Destroy
\"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}\" = Adobe Photoshop CS4
\"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}\" = PMB
\"{B78120A0-CF84-4366-A393-4D0A59BC546C}\" = Menu Templates - Starter Kit
\"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}\" = Facebook Video Calling 1.2.0.287
\"{B9E848B3-A64D-4005-8DA1-DC3981C902A8}_is1\" = NavNet
\"{BB4E33EC-8181-4685-96F7-8554293DEC6A}\" = Adobe Output Module
\"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}\" = Nero ControlCenter
\"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\" = The Sims™ 3
\"{C52E3EC1-048C-45E1-8D53-10B0C6509683}\" = Adobe Default Language CS4
\"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}\" = SoundTrax
\"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}\" = Apple Software Update
\"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}\" = Windows Live Mail
\"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}\" = Photoshop Camera Raw
\"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}\" = Windows Live UX Platform
\"{D025A639-B9C9-417D-8531-208859000AF8}\" = NeroBurningROM
\"{D0B44725-3666-492D-BEF6-587A14BD9BD9}\" = MSVCRT_amd64
\"{D436F577-1695-4D2F-8B44-AC76C99E0002}\" = Windows Live Photo Common
\"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}\" = Windows Live Communications Platform
\"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}\" = Nero ShowTime
\"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}\" = Windows Live Writer Resources
\"{E09C4DB7-630C-4F06-A631-8EA7239923AF}\" = D3DX10
\"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\" = Microsoft WSE 3.0 Runtime
\"{E4848436-0345-47E2-B648-8B522FCDA623}\" = Adobe Photoshop CS4
\"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}\" = Microsoft Office Suite Activation Assistant
\"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\" = Windows Live Messenger
\"{e7cc6d49-4e70-4df9-b3c8-5e24cf6172bf}\" = Nero 9 Trial
\"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}\" = Nero Installer
\"{EE171732-BEB4-4576-887D-CB62727F01CA}\" = Gateway Updater
\"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\" = Skype™ 5.10
\"{F021F776-6BD4-4301-985D-0C1D27EEC8ED}_is1\" = Mixlr version 1.3.2
\"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\" = Microsoft SQL Server 2005 Compact Edition [ENU]
\"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}\" = Adobe Search for Help
\"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\" = Realtek High Definition Audio Driver
\"{F1861F30-3419-44DB-B2A1-C274825698B3}\" = Nero Disc Copy Gadget
\"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}\" = Adobe ExtendScript Toolkit CS4
\"{F93C84A6-0DC6-42AF-89FA-776F7C377353}\" = Adobe PDF Library Files CS4
\"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\" = ooVoo
\"{FBCDFD61-7DCF-4E71-9226-873BA0053139}\" = Nero InfoTool
\"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}\" = Adobe Fonts All
\"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}\" = Windows Live Essentials
\"Acoustica Effects Pack\" = Acoustica Effects Pack
\"Acoustica Mixcraft 5\" = Acoustica Mixcraft 5
\"Adobe AIR\" = Adobe AIR
\"Adobe Flash Player ActiveX\" = Adobe Flash Player 11 ActiveX
\"Adobe Flash Player Plugin\" = Adobe Flash Player 11 Plugin
\"Adobe Shockwave Player\" = Adobe Shockwave Player 11.6
\"Adobe_faf656ef605427ee2f42989c3ad31b8\" = Adobe Photoshop CS4
\"Age of Empires III Gold Edition 1.00\" = Age of Empires III Gold Edition 1.00
\"AIM MusicLink 4.1.0.0\" = AIM MusicLink 4.1.0.0
\"AIM_7\" = AIM 7
\"Akamai\" = Akamai NetSession Interface Service
\"Anki\" = Anki
\"Antares Autotune VST RTAS TDM_is1\" = Antares Autotune VST RTAS TDM v5.08
\"Antares Autotune VST_is1\" = Antares Autotune VST v5.09
\"ASIO4ALL\" = ASIO4ALL
\"Audacity 1.3 Beta (Unicode)_is1\" = Audacity 1.3.12 (Unicode)
\"avast\" = avast! Free Antivirus
\"BitTorrent\" = BitTorrent
\"Diablo III\" = Diablo III
\"DVDFab 6_is1\" = DVDFab 6.2.0.5 (11/11/2009)
\"ESET Online Scanner\" = ESET Online Scanner v3
\"FitDay_is1\" = FitDay PC version 1.0
\"FL Studio 9\" = FL Studio 9
\"FrostWire\" = FrostWire 4.21.3
\"Gateway InfoCentre\" = Gateway InfoCentre
\"Gateway Registration\" = Gateway Registration
\"Gateway Screensaver\" = Gateway ScreenSaver
\"Gateway Welcome Center\" = Welcome Center
\"Google Chrome\" = Google Chrome
\"Google Updater\" = Google Updater
\"GunboundIS_is1\" = GunboundIS
\"Hardcore\" = Hardcore
\"Identity Card\" = Identity Card
\"IL Download Manager\" = IL Download Manager
\"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\" = CyberLink PowerDVD 8
\"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}\" = CyberLink Power2Go
\"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}\" = Gateway MyBackup
\"LManager\" = Launch Manager
\"Malwarebytes\' Anti-Malware_is1\" = Malwarebytes Anti-Malware version 1.70.0.1100
\"Mozilla Firefox 10.0.2 (x86 en-US)\" = Mozilla Firefox 10.0.2 (x86 en-US)
\"Native Instruments Massive v1.0.1.008 VSTi DXi RTAS\" = Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
\"Office14.PROPLUS\" = Microsoft Office Professional Plus 2010
\"OJOsoft Audio Converter_is1\" = OJOsoft Audio Converter
\"Opera 11.11.2109\" = Opera 11.11
\"Photo Recovery Genius_is1\" = Photo Recovery Genius 1.3
\"PhotoFucket\" = PhotoFucket
\"PoiZone\" = PoiZone
\"PosteRazor_is1\" = PosteRazor
\"PunkBusterSvc\" = PunkBuster Services
\"Reason5_is1\" = Reason 5.0.1
\"SaveVid Plug-in\" = SaveVid Plug-in
\"Sawer\" = Sawer
\"SoftwareUpdUtility\" = Download Updater (AOL LLC)
\"SopCast\" = SopCast 3.2.9
\"Steam App 10\" = Counter-Strike
\"Steam App 240\" = Counter-Strike: Source
\"Steam App 440\" = Team Fortress 2
\"The Weather Channel App\" = The Weather Channel App
\"Total Video Converter 3.61_is1\" = Total Video Converter 3.61 100319
\"Toxic Biohazard\" = Toxic Biohazard
\"Tunatic\" = Tunatic
\"uTorrent\" = µTorrent
\"Veetle TV\" = Veetle TV 0.9.18
\"Virtual DJ - Atomix Productions\" = Virtual DJ - Atomix Productions
\"VLC media player\" = VLC media player 1.0.5
\"WebcamMax\" = WebcamMax
\"WildTangent gateway Master Uninstall\" = Gateway Games
\"WinLiveSuite\" = Windows Live Essentials
\"Wondershare Photo Recovery_is1\" = Wondershare Photo Recovery (build 3.0.3)
\"Yahoo! Companion\" = Yahoo! Toolbar
\"Yahoo! Messenger\" = Yahoo! Messenger
\"Yahoo! Software Update\" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{79A765E1-C399-405B-85AF-466F52E918B0}\" = Ask Toolbar Updater
\"Akamai\" = Akamai NetSession Interface
\"EA SPORTS Game Face Browser Plugin\" = EA SPORTS Game Face Browser Plugin 1.5.3.0
\"EA SPORTS Gameface Browser Plugin\" = EA SPORTS Gameface Browser Plugin 1.3.1.0
\"UnityWebPlayer\" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4/12/2013 5:57:13 PM | Computer Name = Will-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(4c:b1:99:5c:c5:3e@fe80::4eb1:99ff:fe5c:c53e._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 4/12/2013 6:20:07 PM | Computer Name = Will-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\\WksWP.exe\".
Dependent
Assembly msadctls,processorArchitecture=\"x86\",type=\"win32\",version=\"1.0.1801.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 4/12/2013 8:50:01 PM | Computer Name = Will-PC | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053
Error - 4/12/2013 8:50:01 PM | Computer Name = Will-PC | Source = Bonjour Service | ID = 100
Description = 464: ERROR: read_msg errno 0 (The operation completed successfully.)
Error - 4/12/2013 8:50:50 PM | Computer Name = Will-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\\WksWP.exe\".
Dependent
Assembly msadctls,processorArchitecture=\"x86\",type=\"win32\",version=\"1.0.1801.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 4/12/2013 8:51:57 PM | Computer Name = Will-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\\WksWP.exe\".
Dependent
Assembly msadctls,processorArchitecture=\"x86\",type=\"win32\",version=\"1.0.1801.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 4/12/2013 8:59:14 PM | Computer Name = Will-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(4c:b1:99:5c:c5:3e@fe80::4eb1:99ff:fe5c:c53e._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 4/13/2013 4:45:05 AM | Computer Name = Will-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for \"c:\\Program Files (x86)\\Common
Files\\Adobe AIR\\Versions\\1.0\\Adobe AIR.dll\".Error in manifest or policy file \"c:\\Program
Files (x86)\\Common Files\\Adobe AIR\\Versions\\1.0\\Adobe AIR.dll\" on line 3. The value
\"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR\" of attribute
\"version\" in element \"assemblyIdentity\" is invalid.
Error - 4/13/2013 4:46:00 AM | Computer Name = Will-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for \"c:\\program files (x86)\\ESET\\eset
online scanner\\ESETSmartInstaller.exe\".Error in manifest or policy file \"\" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\\Windows\\WinSxS\\manifests\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\\Windows\\WinSxS\\manifests\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 4/13/2013 7:43:53 PM | Computer Name = Will-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\\WksWP.exe\".
Dependent
Assembly msadctls,processorArchitecture=\"x86\",type=\"win32\",version=\"1.0.1801.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 4/13/2013 7:44:50 PM | Computer Name = Will-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\\WksWP.exe\".
Dependent
Assembly msadctls,processorArchitecture=\"x86\",type=\"win32\",version=\"1.0.1801.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
[ Media Center Events ]
Error - 10/3/2012 5:43:09 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 112
Description =
Error - 10/4/2012 3:39:06 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 112
Description =
Error - 10/12/2012 4:59:52 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 112
Description =
Error - 10/14/2012 5:54:08 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 112
Description =
Error - 10/17/2012 5:05:44 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 301
Description =
Error - 10/20/2012 4:23:04 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 112
Description =
Error - 12/11/2012 5:16:50 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 301
Description =
Error - 12/11/2012 5:17:04 AM | Computer Name = Will-PC | Source = Microsoft-Windows-Media Center Extender | ID = 301
Description =
Error - 1/5/2013 6:46:46 AM | Computer Name = Will-PC | Source = MCUpdate | ID = 0
Description = 2:28:22 AM - Failed to retrieve SportsV2 (Error: The operation has
timed out)
Error - 1/5/2013 6:54:28 AM | Computer Name = Will-PC | Source = MCUpdate | ID = 0
Description = 2:50:18 AM - Failed to retrieve Broadband (Error: The request was
aborted: The request was canceled.)
[ System Events ]
Error - 4/10/2013 12:35:20 AM | Computer Name = Will-PC | Source = Service Control Manager | ID = 7023
Description = The Security Center service terminated with the following error: %%16389
Error - 4/10/2013 12:27:16 PM | Computer Name = Will-PC | Source = DCOM | ID = 10010
Description =
Error - 4/11/2013 6:37:26 PM | Computer Name = Will-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Dnscache service.
Error - 4/11/2013 6:37:56 PM | Computer Name = Will-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Dnscache service.
Error - 4/12/2013 2:20:50 AM | Computer Name = Will-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the SBSD
Security Center Service service to connect.
Error - 4/12/2013 2:20:50 AM | Computer Name = Will-PC | Source = Service Control Manager | ID = 7000
Description = The SBSD Security Center Service service failed to start due to the
following error: %%1053
Error - 4/12/2013 5:44:09 PM | Computer Name = Will-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:38:21 PM on ?4/?12/?2013 was unexpected.
Error - 4/12/2013 8:49:26 PM | Computer Name = Will-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:46:57 PM on ?4/?12/?2013 was unexpected.
Error - 4/13/2013 7:42:25 PM | Computer Name = Will-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:07:07 PM on ?4/?13/?2013 was unexpected.
Error - 4/13/2013 7:48:48 PM | Computer Name = Will-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Media Player Network Sharing Service service hung on starting.
< End of report >
AdwCleaner.txt:
# AdwCleaner v2.200 - Logfile created 04/13/2013 at 20:36:26
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Will - WILL-PC
# Boot Mode : Normal
# Running from : C:\\Users\\Will\\Downloads\\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
***** [Internet Browsers] *****
-\\\\ Internet Explorer v8.0.7601.17514
[OK] Registry is clean.
-\\\\ Mozilla Firefox v10.0.2 (en-US)
File : C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\prefs.js
[OK] File is clean.
-\\\\ Google Chrome v26.0.1410.64
File : C:\\Users\\Will\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Preferences
[OK] File is clean.
-\\\\ Opera v11.11.2109.0
File : C:\\Users\\Will\\AppData\\Roaming\\Opera\\Opera\\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [8416 octets] - [13/04/2013 19:48:20]
AdwCleaner[R2].txt - [1172 octets] - [13/04/2013 20:35:49]
AdwCleaner[S1].txt - [8632 octets] - [13/04/2013 20:31:05]
AdwCleaner[S2].txt - [1104 octets] - [13/04/2013 20:36:26]
########## EOF - C:\\AdwCleaner[S2].txt - [1164 octets] ##########
OTL.txt:
OTL logfile created on: 4/13/2013 8:42:55 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Will\\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.93 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 49.33% Memory free
7.86 Gb Paging File | 5.72 Gb Available in Paging File | 72.77% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 453.66 Gb Total Space | 35.13 Gb Free Space | 7.74% Space Free | Partition Type: NTFS
Drive E: | 931.48 Gb Total Space | 279.12 Gb Free Space | 29.97% Space Free | Partition Type: NTFS
Computer Name: WILL-PC | User Name: Will | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/13 00:23:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Will\\Downloads\\OTL (1).exe
PRC - [2013/04/09 01:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe
PRC - [2013/02/08 12:39:05 | 013,102,080 | ---- | M] (The Weather Channel) -- C:\\Program Files (x86)\\The Weather Channel\\The Weather Channel App\\TWCApp.exe
PRC - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\\Program Files (x86)\\Malwarebytes\' Anti-Malware\\mbamservice.exe
PRC - [2012/12/14 17:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\\Program Files (x86)\\Malwarebytes\' Anti-Malware\\mbamgui.exe
PRC - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\\Program Files (x86)\\Malwarebytes\' Anti-Malware\\mbamscheduler.exe
PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\\Program Files\\Alwil Software\\Avast5\\AvastUI.exe
PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe
PRC - [2012/06/04 09:31:40 | 001,466,760 | ---- | M] (Garmin) -- C:\\Program Files (x86)\\Garmin\\Lifetime Updater\\GarminLifetime.exe
PRC - [2011/08/24 17:30:58 | 000,651,832 | ---- | M] (Sony Corporation) -- C:\\Program Files (x86)\\Sony\\PMB\\PMBVolumeWatcher.exe
PRC - [2011/08/24 17:30:58 | 000,430,136 | ---- | M] (Sony Corporation) -- C:\\Program Files (x86)\\Sony\\PMB\\PMBDeviceInfoProvider.exe
PRC - [2011/05/19 09:51:52 | 002,629,632 | R--- | M] (Brother Industries, Ltd.) -- C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe
PRC - [2011/04/20 17:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\\Program Files (x86)\\ControlCenter4\\BrCcUxSys.exe
PRC - [2011/04/20 17:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\\Program Files (x86)\\ControlCenter4\\BrCtrlCntr.exe
PRC - [2011/03/19 14:47:46 | 000,189,248 | ---- | M] () -- C:\\Windows\\SysWOW64\\PnkBstrB.exe
PRC - [2011/03/19 14:47:38 | 000,075,136 | ---- | M] () -- C:\\Windows\\SysWOW64\\PnkBstrA.exe
PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe
PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\\Program Files (x86)\\Nuance\\PaperPort\\PDFProFiltSrvPP.exe
PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfPro5Hook.exe
PRC - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\\Program Files (x86)\\Browny02\\BrYNSvc.exe
PRC - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\\Program Files (x86)\\Common Files\\Nero\\Nero BackItUp 4\\NBService.exe
PRC - [2009/08/20 17:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\\Program Files (x86)\\NewTech Infosystems\\Gateway MyBackup\\IScheduleSvc.exe
PRC - [2009/07/03 18:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\\Program Files\\Gateway\\Gateway Updater\\UpdaterService.exe
PRC - [2009/06/04 06:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\\Program Files (x86)\\Gateway\\Registration\\GregHSRW.exe
PRC - [2009/06/03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\\Program Files (x86)\\Spybot - Search & Destroy\\SDWinSec.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\\Program Files (x86)\\Yahoo!\\SoftwareUpdate\\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/09 01:57:07 | 000,390,096 | ---- | M] () -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 01:57:05 | 004,050,896 | ---- | M] () -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\pdf.dll
MOD - [2013/04/09 01:56:15 | 000,598,480 | ---- | M] () -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\libglesv2.dll
MOD - [2013/04/09 01:56:14 | 000,124,368 | ---- | M] () -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\libegl.dll
MOD - [2013/04/09 01:56:13 | 001,606,096 | ---- | M] () -- C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\ffmpegsumo.dll
MOD - [2013/02/14 04:17:58 | 001,880,576 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Deployment\\75b362975753a31559874bea5609e59c\\System.Deployment.ni.dll
MOD - [2013/02/14 04:06:57 | 013,199,360 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Windows.Forms\\39f4c7717661667c68f9af8c4f6402b9\\System.Windows.Forms.ni.dll
MOD - [2013/01/10 09:30:30 | 018,080,256 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.ServiceModel\\a0445401f2473a1aa4b66c9c0791c7f6\\System.ServiceModel.ni.dll
MOD - [2013/01/10 09:28:31 | 000,196,096 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\UIAutomationTypes\\00b3e4fe5239ad310594f6a6ea0951da\\UIAutomationTypes.ni.dll
MOD - [2013/01/10 09:28:31 | 000,189,440 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Windows.Inpu#\\e6a6e2678f6215574be155e9088c1a01\\System.Windows.Input.Manipulations.ni.dll
MOD - [2013/01/10 09:28:30 | 000,096,768 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\UIAutomationProvider\\a1b65a602c75409c0c1ce7fa1f2a0983\\UIAutomationProvider.ni.dll
MOD - [2013/01/10 09:28:14 | 000,771,584 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runtime.Remo#\\5ea93652e4752c75bc6fbb195b4eb864\\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 09:28:10 | 001,021,952 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runtime.Dura#\\e7b4706dfe18f29486dbaf5d35e01765\\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/01/10 09:28:09 | 000,143,360 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\SMDiagnostics\\ef7642a4f2724135d445e2ea36582e78\\SMDiagnostics.ni.dll
MOD - [2013/01/10 09:28:08 | 002,647,040 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runtime.Seri#\\910fe53ec2122cf3a2ad11c2b2f5cbfd\\System.Runtime.Serialization.ni.dll
MOD - [2013/01/10 09:28:05 | 000,393,216 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml.Linq\\d01a925ecd339eae8ea1da8488eb2283\\System.Xml.Linq.ni.dll
MOD - [2013/01/10 09:27:26 | 001,801,728 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xaml\\866894ebe5258bf9f45d6b063229e990\\System.Xaml.ni.dll
MOD - [2013/01/10 08:47:02 | 018,002,944 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationFramewo#\\14f511c47523f19ca591eb207e9e2084\\PresentationFramework.ni.dll
MOD - [2013/01/10 08:46:34 | 000,595,968 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationFramewo#\\dfeff31ab1e7cd3480c8942290c92f5d\\PresentationFramework.Aero.ni.dll
MOD - [2013/01/10 08:46:33 | 011,451,904 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationCore\\e10fd15441d278c04a03302880a3e231\\PresentationCore.ni.dll
MOD - [2013/01/10 08:46:08 | 000,745,984 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Security\\581e9ba9c81e2840a917fbd3d9661f85\\System.Security.ni.dll
MOD - [2013/01/10 08:46:05 | 000,982,528 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Configuration\\5de5d8c1c02e33789e3cf7e3f54c0ec9\\System.Configuration.ni.dll
MOD - [2013/01/10 08:46:01 | 005,617,664 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml\\43cd41484df96d15df949eb17dd88152\\System.Xml.ni.dll
MOD - [2013/01/10 08:45:23 | 007,069,696 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Core\\27dcf04ed7a3506045597c02a5a1fc31\\System.Core.ni.dll
MOD - [2013/01/10 08:45:08 | 001,667,584 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Drawing\\b573c6a62bb88df0ee2af59b6a8ca910\\System.Drawing.ni.dll
MOD - [2013/01/10 08:45:07 | 003,858,944 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\WindowsBase\\7a9ff5ce3a909d075179a2ac70d8f388\\WindowsBase.ni.dll
MOD - [2013/01/10 08:45:01 | 009,094,656 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System\\15872842e3e63ddf0f720f406706198e\\System.ni.dll
MOD - [2013/01/10 08:44:46 | 014,412,800 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\mscorlib\\3f95a6d480ed1ebe45cf27b770ba94ed\\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\libxml2.dll
MOD - [2009/06/03 21:59:14 | 000,013,096 | ---- | M] () -- C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvcPS.dll
MOD - [2009/06/03 21:59:02 | 000,619,816 | ---- | M] () -- C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMediaLibrary.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\\Program Files (x86)\\Brother\\BrUtilities\\BrLogAPI.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/04/05 18:02:56 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/08/05 21:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files\\Gateway\\Gateway Power Management\\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 18:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\\Program Files\\Gateway\\Gateway Updater\\UpdaterService.exe -- (Updater Service)
SRV - [2013/03/25 06:41:23 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\\program files (x86)\\common files\\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2013/03/12 14:42:31 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/21 21:24:11 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe -- (Steam Client Service)
SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Malwarebytes\' Anti-Malware\\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Malwarebytes\' Anti-Malware\\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/24 17:30:58 | 000,430,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Sony\\PMB\\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2011/03/19 14:47:46 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\\Windows\\SysWOW64\\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011/03/19 14:47:38 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\\Windows\\SysWOW64\\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/04/05 18:02:49 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\\Program Files (x86)\\Nuance\\PaperPort\\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\\Program Files (x86)\\Browny02\\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Nero\\Nero BackItUp 4\\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/08/20 17:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\\Program Files (x86)\\NewTech Infosystems\\Gateway MyBackup\\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 06:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Gateway\\Registration\\GregHSRW.exe -- (Greg_Service)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Gateway Games\\Gateway Game Console\\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/04/28 20:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\\Program Files (x86)\\Yahoo!\\SoftwareUpdate\\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/02/11 21:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/14 17:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/30 15:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/30 15:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/30 15:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/30 15:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/30 15:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/10/15 08:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/11 07:34:14 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/05/11 07:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/30 12:55:57 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\adfs.sys -- (adfs)
DRV:64bit: - [2010/03/15 15:38:39 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/03/12 23:23:32 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\sptd.sys -- (sptd)
DRV:64bit: - [2010/01/13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009/09/02 19:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/09 20:07:14 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 14:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/24 03:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/06/18 05:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/06 09:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/05/25 13:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/05/13 17:51:40 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\NETw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/05/05 16:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 16:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/28 20:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/02/12 07:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/02/12 07:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/02/12 07:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/06/17 15:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\mdmxsdk.sys -- (mdmxsdk)
DRV - [2011/09/25 01:31:51 | 000,045,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Game\\SoftnyxGame\\GunboundIS\\Gun64.sys -- (Gun)
DRV - [2010/06/30 12:55:57 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysWow64\\drivers\\adfs.sys -- (adfs)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
DRV - [2009/03/25 20:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysWOW64\\drivers\\DKbFltr.sys -- (DKbFltr)
DRV - [2005/02/03 01:50:28 | 000,004,224 | ---- | M] () [File_System | System | Unknown] -- C:\\Windows\\SysWow64\\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope =
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
IE - HKLM\\..\\SearchScopes,DefaultScope =
IE - HKCU\\..\\URLSearchHook: - No CLSID value found
IE - HKCU\\..\\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyOverride\" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: \"Google\"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {6cbc25b0-0a52-11df-8a39-0800200c9a66}:1.0.27
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files\\Microsoft Silverlight\\5.1.20125.0\\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~1\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_6_602_180.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/ShockwavePlayer: C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=: File not found
FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=1.0: C:\\Program Files (x86)\\iTunes\\Mozilla Plugins\\npitunes.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin: C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\\Program Files (x86)\\Yahoo!\\Shared\\npYState.dll (Yahoo! Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files (x86)\\Microsoft Silverlight\\5.1.20125.0\\npctrl.dll ( Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~2\\MICROS~1\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/SharePoint,version=14.0: C:\\PROGRA~2\\MICROS~1\\Office14\\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3502.0922: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3508.1109: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3555.0308: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@pack.google.com/Google Updater;version=14: C:\\Program Files (x86)\\Google\\Google Updater\\2.4.2432.1652\\npCIDetect14.dll (Google)
FF - HKLM\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=3: C:\\Program Files (x86)\\Google\\Update\\1.3.21.135\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=9: C:\\Program Files (x86)\\Google\\Update\\1.3.21.135\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@veetle.com/vbp;version=0.9.17: C:\\Program Files (x86)\\Veetle\\VLCBroadcast\\npvbp.dll (Veetle Inc)
FF - HKLM\\Software\\MozillaPlugins\\@veetle.com/veetleCorePlugin,version=0.9.18: C:\\Program Files (x86)\\Veetle\\plugins\\npVeetle.dll (Veetle Inc)
FF - HKLM\\Software\\MozillaPlugins\\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\\Program Files (x86)\\Veetle\\Player\\npvlc.dll (Veetle Inc)
FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\\Software\\MozillaPlugins\\@Skype Limited.com/Facebook Video Calling Plugin: C:\\Users\\Will\\AppData\\Local\\Facebook\\Video\\Skype\\npFacebookVideoCalling.dll File not found
FF - HKCU\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=3: C:\\Users\\Will\\AppData\\Local\\Google\\Update\\1.3.21.53\\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=9: C:\\Users\\Will\\AppData\\Local\\Google\\Update\\1.3.21.53\\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\\Software\\MozillaPlugins\\@unity3d.com/UnityPlayer,version=1.0: C:\\Users\\Will\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\\Software\\MozillaPlugins\\electronicarts.com/GameFacePlugin: C:\\Users\\Will\\AppData\\Roaming\\Electronic Arts\\Game Face\\npGameFacePlugin.dll (Electronic Arts)
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Firefox\\Extensions\\\\
[email protected]: C:\\Program Files\\Alwil Software\\Avast5\\WebRep\\FF [2013/04/11 23:21:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 10.0.2\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2012/11/29 22:11:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 10.0.2\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2013/04/13 20:31:29 | 000,000,000 | ---D | M]
[2010/03/12 17:35:58 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Extensions
[2010/03/12 17:35:58 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Extensions\\
[email protected][2013/03/25 01:48:20 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\extensions
[2012/12/03 14:56:56 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\extensions\\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013/03/25 01:48:20 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\extensions\\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/04/03 00:43:59 | 000,000,000 | ---D | M] (\"Wolfram Toolbar\") -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\extensions\\
[email protected][2013/03/17 00:40:42 | 000,275,665 | ---- | M] () (No name found) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\extensions\\
[email protected][2012/12/30 14:40:50 | 000,005,886 | ---- | M] () (No name found) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\extensions\\
[email protected][2013/03/11 11:26:43 | 000,554,915 | ---- | M] () (No name found) -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\extensions\\{678881e1-5812-e8d4-c5b3-5902ec5dbf68}.xpi
[2011/01/02 04:39:50 | 000,001,832 | ---- | M] () -- C:\\Users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\searchplugins\\bing.xml
[2011/11/10 16:40:30 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions
[2011/10/09 22:16:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/09/08 10:42:59 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/02/18 12:31:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\\Program Files (x86)\\mozilla firefox\\components\\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npdeployJava1.dll
[2012/02/13 03:21:58 | 000,002,252 | ---- | M] () -- C:\\Program Files (x86)\\mozilla firefox\\searchplugins\\bing.xml
[2012/02/13 03:21:58 | 000,002,040 | ---- | M] () -- C:\\Program Files (x86)\\mozilla firefox\\searchplugins\\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\PepperFlash\\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll
CHR - plugin: downloadUpdater (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~1\\Office14\\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~1\\Office14\\NPSPWRAP.DLL
CHR - plugin: Google Updater (Enabled) = C:\\Program Files (x86)\\Google\\Google Updater\\2.4.2432.1652\\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\\Program Files (x86)\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\\Program Files (x86)\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\\Program Files (x86)\\Veetle\\Player\\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\\Program Files (x86)\\Veetle\\VLCBroadcast\\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\\Program Files (x86)\\Veetle\\plugins\\npVeetle.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\\Program Files (x86)\\iTunes\\Mozilla Plugins\\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\\Users\\Will\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\\Users\\Will\\AppData\\Local\\Facebook\\Video\\Skype\\npFacebookVideoCalling.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\\Users\\Will\\AppData\\Roaming\\Electronic Arts\\Game Face\\npGameFacePlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_5_502_135.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll
CHR - Extension: DoNotTrackMe = C:\\Users\\Will\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\epanfjkfahimkgomnigadpkobaefekcd\\2.2.8.109_0\\
CHR - Extension: avast! WebRep = C:\\Users\\Will\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\icmlaeflemplmjndnaapfdbbnpncnbda\\7.0.1474_0\\
O1 HOSTS File: ([2013/01/17 15:02:00 | 000,445,878 | R--- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15309 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\\Program Files\\Alwil Software\\Avast5\\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\\Program Files (x86)\\Google\\Google Toolbar\\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\\Program Files\\Google\\GoogleToolbarNotifier\\5.7.8313.1002\\swg64.dll (Google Inc.)
O2 - BHO: (Shop to Win) - {284171A7-2F20-7504-35E0-E1B6810714B8} - C:\\Program Files (x86)\\Shop to Win 31\\Shop to Win 31.dll (Shop To Win, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\\Program Files (x86)\\Spybot - Search & Destroy\\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\bin\\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\\Program Files\\Alwil Software\\Avast5\\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\5.7.8313.1002\\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\\Program Files (x86)\\Yahoo!\\Companion\\Installs\\cpn2\\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\\..\\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\\Program Files (x86)\\Google\\Google Toolbar\\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\\..\\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\\Program Files\\Alwil Software\\Avast5\\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\\..\\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\\Program Files\\Alwil Software\\Avast5\\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\\..\\Toolbar\\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\\Program Files (x86)\\Google\\Google Toolbar\\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\\Run: [Acer ePower Management] C:\\Program Files\\Gateway\\Gateway Power Management\\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\\Run: [HotKeysCmds] C:\\Windows\\SysNative\\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\\Run: [] File not found
O4 - HKLM..\\Run: [AdobeCS4ServiceManager] C:\\Program Files (x86)\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\\Run: [avast] C:\\Program Files\\Alwil Software\\Avast5\\avastUI.exe (AVAST Software)
O4 - HKLM..\\Run: [BrStsMon00] C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\\Run: [Camera Assistant Software] C:\\Program Files (x86)\\Video Web Camera\\traybar.exe (Chicony)
O4 - HKLM..\\Run: [CLMLServer] C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe (CyberLink)
O4 - HKLM..\\Run: [ControlCenter4] C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\\Run: [Garmin Lifetime Updater] C:\\Program Files (x86)\\Garmin\\Lifetime Updater\\GarminLifetime.exe (Garmin)
O4 - HKLM..\\Run: [IndexSearch] C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\\Run: [PaperPort PTD] C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\\Run: [PDF5 Registry Controller] C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\\Run: [PDFHook] C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\\Run: [PDVD8LanguageShortcut] C:\\Program Files (x86)\\CyberLink\\PowerDVD8\\Language\\Language.exe (CyberLink Corp.)
O4 - HKLM..\\Run: [PMBVolumeWatcher] C:\\Program Files (x86)\\Sony\\PMB\\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\\Run: [PPort12reminder] C:\\Program Files (x86)\\Nuance\\PaperPort\\Ereg\\Ereg.exe (Nuance Communications, Inc.)
O4 - HKCU..\\Run: [DW7] C:\\Program Files (x86)\\The Weather Channel\\The Weather Channel App\\TWCApp.exe (The Weather Channel)
O4 - HKCU..\\Run: [Facebook Update] \"C:\\Users\\Will\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver File not found
O4 - HKCU..\\Run: [ISUSPM] C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe (Acresso Corporation)
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Save video on Savevid.com - C:\\Program Files (x86)\\Savevid\\redirect.htm ()
O8 - Extra context menu item: Save video on Savevid.com - C:\\Program Files (x86)\\Savevid\\redirect.htm ()
O9 - Extra \'Tools\' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\\Program Files (x86)\\Spybot - Search & Destroy\\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\\Catalog_Entries64\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files (x86)\\Bonjour\\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{00BC4D36-12D6-4016-8BC0-DB5C01069066}: DhcpNameServer = 192.168.1.1
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{00BC4D36-12D6-4016-8BC0-DB5C01069066}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{3684E32D-4846-436A-B1F8-95238FCB0EFA}: DhcpNameServer = 168.95.1.1
O18:64bit: - Protocol\\Handler\\livecall - No CLSID value found
O18:64bit: - Protocol\\Handler\\ms-help - No CLSID value found
O18:64bit: - Protocol\\Handler\\ms-itss - No CLSID value found
O18:64bit: - Protocol\\Handler\\msnim - No CLSID value found
O18:64bit: - Protocol\\Handler\\navnet - No CLSID value found
O18:64bit: - Protocol\\Handler\\skype4com - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlpg - No CLSID value found
O18 - Protocol\\Handler\\navnet {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\\Program Files (x86)\\NavNetApp\\ComUtilities.dll (MH)
O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files (x86)\\Common Files\\Skype\\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysWOW64\\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\\G\\Shell - \"\" = AutoRun
O33 - MountPoints2\\G\\Shell\\AutoRun\\command - \"\" = G:\\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*
O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/13 20:38:46 | 000,000,000 | R--D | C] -- C:\\Users\\Will\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\CyberLink PowerDVD 8
[2013/04/13 20:20:12 | 000,000,000 | ---D | C] -- C:\\_OTL
[2013/04/12 15:19:59 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Trend Micro
[2013/04/12 15:19:59 | 000,000,000 | ---D | C] -- C:\\Users\\Will\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\HiJackThis
[2013/04/05 20:57:06 | 000,000,000 | ---D | C] -- C:\\Users\\Will\\AppData\\Local\\ElevatedDiagnostics
[2010/03/15 15:38:39 | 000,082,816 | ---- | C] (VSO Software) -- C:\\Users\\Will\\AppData\\Roaming\\pcouffin.sys
[2 C:\\Users\\Will\\Documents\\*.tmp files -> C:\\Users\\Will\\Documents\\*.tmp -> ]
[1 C:\\Users\\Will\\Desktop\\*.tmp files -> C:\\Users\\Will\\Desktop\\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/13 20:47:33 | 000,009,920 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/13 20:47:33 | 000,009,920 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/13 20:42:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job
[2013/04/13 20:39:43 | 000,000,894 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskMachineCore.job
[2013/04/13 20:38:20 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat
[2013/04/13 20:38:11 | 3166,158,848 | -HS- | M] () -- C:\\hiberfil.sys
[2013/04/13 20:34:30 | 000,000,898 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskMachineUA.job
[2013/04/13 20:21:00 | 000,000,904 | ---- | M] () -- C:\\Windows\\tasks\\G
Please do the following
Temporarily disable your AnitVirus software so it won\'t interfere with the next step
Download ComboFix from the following location
[color=\"#0000FF\"]Link 1[/color]
Save it ONLY to your Desktop
--------------------------------------------------------------------
[color=\"#2E8B57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]
- Double click on ComboFix.exe & follow the prompts.
When finished, it shall produce a log for you. Please include the C:\\ComboFix.txt in your next reply
NOTE: Do not mouseclick inside ComboFix window as it\'s running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it\'s creating a log
This process could take up to 10 minutes, let it run uninterrupted please
ComboFix:
ComboFix 13-04-14.01 - Will 04/14/2013 19:25:35.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4026.1531 [GMT -7:00]
Running from: c:\\users\\Will\\Desktop\\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\\users\\Will\\AppData\\Roaming\\inst.exe
c:\\users\\Will\\Documents\\~WRL0005.tmp
c:\\users\\Will\\Documents\\~WRL2354.tmp
c:\\windows\\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-03-15 to 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 02:44 . 2013-04-15 02:44 -------- d-----w- c:\\users\\Mcx1-WILL-PC.Will-PC\\AppData\\Local\\temp
2013-04-15 02:44 . 2013-04-15 02:44 -------- d-----w- c:\\users\\Default\\AppData\\Local\\temp
2013-04-14 10:56 . 2013-04-15 02:30 76232 ----a-w- c:\\programdata\\Microsoft\\Windows Defender\\Definition Updates\\{696A7574-F116-41F9-952E-183CD8665039}\\offreg.dll
2013-04-14 03:20 . 2013-04-14 03:20 -------- d-----w- C:\\_OTL
2013-04-12 22:19 . 2013-04-12 22:19 388096 ----a-r- c:\\users\\Will\\AppData\\Roaming\\Microsoft\\Installer\\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\\HiJackThis.exe
2013-04-12 22:19 . 2013-04-12 22:19 -------- d-----w- c:\\program files (x86)\\Trend Micro
2013-04-12 06:32 . 2013-02-15 06:06 3717632 ----a-w- c:\\windows\\system32\\mstscax.dll
2013-04-12 06:32 . 2013-02-15 04:37 3217408 ----a-w- c:\\windows\\SysWow64\\mstscax.dll
2013-04-12 06:32 . 2013-02-15 06:02 158720 ----a-w- c:\\windows\\system32\\aaclient.dll
2013-04-12 06:32 . 2013-02-15 04:34 131584 ----a-w- c:\\windows\\SysWow64\\aaclient.dll
2013-04-12 06:32 . 2013-02-15 06:08 44032 ----a-w- c:\\windows\\system32\\tsgqec.dll
2013-04-12 06:32 . 2013-02-15 03:25 36864 ----a-w- c:\\windows\\SysWow64\\tsgqec.dll
2013-04-12 06:30 . 2013-01-24 06:01 223752 ----a-w- c:\\windows\\system32\\drivers\\fvevol.sys
2013-04-12 06:30 . 2013-03-19 06:04 5550424 ----a-w- c:\\windows\\system32\\ntoskrnl.exe
2013-04-12 06:30 . 2013-03-19 05:04 3968856 ----a-w- c:\\windows\\SysWow64\\ntkrnlpa.exe
2013-04-12 06:30 . 2013-03-19 05:04 3913560 ----a-w- c:\\windows\\SysWow64\\ntoskrnl.exe
2013-04-12 06:30 . 2013-03-19 03:06 112640 ----a-w- c:\\windows\\system32\\smss.exe
2013-04-12 06:30 . 2013-03-19 05:46 43520 ----a-w- c:\\windows\\system32\\csrsrv.dll
2013-04-12 06:30 . 2013-03-19 04:47 6656 ----a-w- c:\\windows\\SysWow64\\apisetschema.dll
2013-04-06 03:57 . 2013-04-06 03:57 -------- d-----w- c:\\users\\Will\\AppData\\Local\\ElevatedDiagnostics
2013-03-26 00:54 . 2013-02-12 04:12 19968 ----a-w- c:\\windows\\system32\\drivers\\usb8023x.sys
2013-03-26 00:54 . 2013-02-12 04:12 19968 ----a-w- c:\\windows\\system32\\drivers\\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-12 10:02 . 2010-03-12 23:23 72702784 ----a-w- c:\\windows\\system32\\MRT.exe
2013-03-12 21:42 . 2012-06-16 04:21 693976 ----a-w- c:\\windows\\SysWow64\\FlashPlayerApp.exe
2013-03-12 21:42 . 2011-06-06 15:20 73432 ----a-w- c:\\windows\\SysWow64\\FlashPlayerCPLApp.cpl
2013-03-12 08:10 . 2010-03-12 23:22 282744 ------w- c:\\windows\\system32\\MpSigStub.exe
2013-02-12 05:45 . 2013-03-13 21:57 135168 ----a-w- c:\\windows\\apppatch\\AppPatch64\\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 21:57 308736 ----a-w- c:\\windows\\apppatch\\AppPatch64\\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 21:57 111104 ----a-w- c:\\windows\\apppatch\\AppPatch64\\acspecfc.dll
2013-02-12 05:45 . 2013-03-13 21:57 350208 ----a-w- c:\\windows\\apppatch\\AppPatch64\\AcLayers.dll
2013-02-12 04:48 . 2013-03-13 21:57 474112 ----a-w- c:\\windows\\apppatch\\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 21:57 2176512 ----a-w- c:\\windows\\apppatch\\AcGenral.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\~\\Browser Helper Objects\\{284171A7-2F20-7504-35E0-E1B6810714B8}]
2012-08-29 19:39 14432 ----a-w- c:\\program files (x86)\\Shop to Win 31\\Shop to Win 31.dll
.
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"DW7\"=\"c:\\program files (x86)\\The Weather Channel\\The Weather Channel App\\TWCApp.exe\" [2013-02-08 13102080]
\"swg\"=\"c:\\program files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\" [2009-08-28 39408]
\"ISUSPM\"=\"c:\\programdata\\FLEXnet\\Connect\\11\\ISUSPM.exe\" [2009-05-05 222496]
.
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run]
\"Adobe Reader Speed Launcher\"=\"c:\\program files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\" [2012-07-31 38872]
\"PDVD8LanguageShortcut\"=\"c:\\program files (x86)\\CyberLink\\PowerDVD8\\Language\\Language.exe\" [2009-04-16 50472]
\"Camera Assistant Software\"=\"c:\\program files (x86)\\Video Web Camera\\traybar.exe\" [2009-07-15 630784]
\"CLMLServer\"=\"c:\\program files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\" [2009-06-04 103720]
\"AdobeCS4ServiceManager\"=\"c:\\program files (x86)\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe\" [2010-06-30 611712]
\"Adobe ARM\"=\"c:\\program files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\" [2012-07-11 919008]
\"BCSSync\"=\"c:\\program files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" [2010-01-22 91520]
\"PMBVolumeWatcher\"=\"c:\\program files (x86)\\Sony\\PMB\\PMBVolumeWatcher.exe\" [2011-08-25 651832]
\"avast\"=\"c:\\program files\\Alwil Software\\Avast5\\avastUI.exe\" [2012-10-30 4297136]
\"APSDaemon\"=\"c:\\program files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\" [2013-01-28 59720]
\"Garmin Lifetime Updater\"=\"c:\\program files (x86)\\Garmin\\Lifetime Updater\\GarminLifetime.exe\" [2012-06-04 1466760]
\"IndexSearch\"=\"c:\\program files (x86)\\Nuance\\PaperPort\\IndexSearch.exe\" [2010-03-09 46368]
\"PaperPort PTD\"=\"c:\\program files (x86)\\Nuance\\PaperPort\\pptd40nt.exe\" [2010-03-09 29984]
\"PPort12reminder\"=\"c:\\program files (x86)\\Nuance\\PaperPort\\Ereg\\Ereg.exe\" [2010-02-09 328992]
\"PDFHook\"=\"c:\\program files (x86)\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe\" [2010-03-06 636192]
\"PDF5 Registry Controller\"=\"c:\\program files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe\" [2010-03-06 62752]
\"ControlCenter4\"=\"c:\\program files (x86)\\ControlCenter4\\BrCcBoot.exe\" [2011-04-21 139264]
\"BrStsMon00\"=\"c:\\program files (x86)\\Browny02\\Brother\\BrStMonW.exe\" [2011-05-19 2629632]
\"QuickTime Task\"=\"c:\\program files (x86)\\QuickTime\\QTTask.exe\" [2012-10-25 421888]
\"iTunesHelper\"=\"c:\\program files (x86)\\iTunes\\iTunesHelper.exe\" [2013-02-20 152392]
.
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\policies\\system]
\"ConsentPromptBehaviorAdmin\"= 5 (0x5)
\"ConsentPromptBehaviorUser\"= 3 (0x3)
\"EnableUIADesktopToggle\"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\\software\\wow6432node\\microsoft\\windows\\currentversion\\run-]
\"RemoteControl8\"=\"c:\\program files (x86)\\CyberLink\\PowerDVD8\\PDVD8Serv.exe\"
\"LManager\"=c:\\program files (x86)\\Launch Manager\\LManager.exe
\"BackupManagerTray\"=\"c:\\program files (x86)\\NewTech Infosystems\\Gateway MyBackup\\BackupManagerTray.exe\" -h -k
\"QuickTime Task\"=\"c:\\program files (x86)\\QuickTime\\QTTask.exe\" -atboottime
\"SunJavaUpdateSched\"=\"c:\\program files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\\windows\\Microsoft.NET\\Framework64\\v4.0.30319\\mscorsvw.exe [2010-03-18 138576]
R2 HsfXAudioService;HsfXAudioService;c:\\windows\\system32\\svchost.exe [2009-07-14 27136]
R2 SkypeUpdate;Skype Updater;c:\\program files (x86)\\Skype\\Updater\\Updater.exe [2012-07-13 160944]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\\windows\\system32\\DRIVERS\\ssudbus.sys [2012-05-11 99384]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\\program files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService64.exe [2010-04-06 1038088]
R3 Gun;Gun;c:\\game\\SoftnyxGame\\GunBoundIS\\Gun64.sys [2011-09-25 45176]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\\windows\\system32\\DRIVERS\\netw5v64.sys [2009-05-14 5435904]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\\windows\\system32\\Drivers\\RtsUStor.sys [2009-08-10 222208]
R3 SrvHsfHDA;SrvHsfHDA;c:\\windows\\system32\\DRIVERS\\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\\windows\\system32\\DRIVERS\\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\\windows\\system32\\DRIVERS\\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\\windows\\system32\\DRIVERS\\ssudmdm.sys [2012-05-11 203320]
R3 TsUsbFlt;TsUsbFlt;c:\\windows\\system32\\drivers\\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\\windows\\system32\\Drivers\\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\\windows\\system32\\Wat\\WatAdminSvc.exe [2010-04-21 1255736]
S0 sptd;sptd;c:\\windows\\System32\\Drivers\\sptd.sys [2010-03-13 834544]
S2 Akamai;Akamai NetSession Interface;c:\\windows\\System32\\svchost.exe [2009-07-14 27136]
S2 aswMonFlt;aswMonFlt;c:\\windows\\system32\\drivers\\aswMonFlt.sys [2012-10-30 71600]
S2 ePowerSvc;Acer ePower Service;c:\\program files\\Gateway\\Gateway Power Management\\ePowerSvc.exe [2009-08-06 844320]
S2 Greg_Service;GRegService;c:\\program files (x86)\\Gateway\\Registration\\GregHSRW.exe [2009-06-04 1150496]
S2 MBAMScheduler;MBAMScheduler;c:\\program files (x86)\\Malwarebytes\' Anti-Malware\\mbamscheduler.exe [2012-12-15 398184]
S2 MBAMService;MBAMService;c:\\program files (x86)\\Malwarebytes\' Anti-Malware\\mbamservice.exe [2012-12-15 682344]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\\program files (x86)\\NewTech Infosystems\\Gateway MyBackup\\IScheduleSvc.exe [2009-08-21 62720]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\\program files (x86)\\Nuance\\PaperPort\\PDFProFiltSrvPP.exe [2010-03-09 144672]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\\program files (x86)\\Sony\\PMB\\PMBDeviceInfoProvider.exe [2011-08-25 430136]
S2 SBSDWSCService;SBSD Security Center Service;c:\\program files (x86)\\Spybot - Search & Destroy\\SDWinSec.exe [2009-01-26 1153368]
S2 Updater Service;Updater Service;c:\\program files\\Gateway\\Gateway Updater\\UpdaterService.exe [2009-07-04 240160]
S3 BrYNSvc;BrYNSvc;c:\\program files (x86)\\Browny02\\BrYNSvc.exe [2010-01-25 245760]
S3 CAXHWAZL;CAXHWAZL;c:\\windows\\system32\\DRIVERS\\CAXHWAZL.sys [2009-02-12 292864]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\\windows\\system32\\drivers\\IntcHdmi.sys [2009-05-25 138752]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\\windows\\system32\\DRIVERS\\k57nd60a.sys [2009-06-06 317480]
S3 MBAMProtector;MBAMProtector;c:\\windows\\system32\\drivers\\mbam.sys [2012-12-15 24176]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\\windows\\system32\\DRIVERS\\NETw5s64.sys [2010-01-13 7675392]
S3 pcouffin;VSO Software pcouffin;c:\\windows\\system32\\Drivers\\pcouffin.sys [2010-03-15 82816]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\\windows\\system32\\DRIVERS\\wdcsam64.sys [2008-05-06 14464]
S3 WSDScan;WSD Scan Support via UMB;c:\\windows\\system32\\DRIVERS\\WSDScan.sys [2009-07-14 25088]
.
.
[HKEY_LOCAL_MACHINE\\software\\wow6432node\\microsoft\\windows nt\\currentversion\\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\\software\\wow6432node\\microsoft\\active setup\\installed components\\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 11:35 1642448 ----a-w- c:\\program files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\Installer\\chrmstp.exe
.
Contents of the \'Scheduled Tasks\' folder
.
2013-04-15 c:\\windows\\Tasks\\Adobe Flash Player Updater.job
- c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe [2012-06-16 21:42]
.
2013-04-14 c:\\windows\\Tasks\\Google Software Updater.job
- c:\\program files (x86)\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe [2009-08-28 10:29]
.
2013-04-15 c:\\windows\\Tasks\\GoogleUpdateTaskMachineCore.job
- c:\\program files (x86)\\Google\\Update\\GoogleUpdate.exe [2010-03-12 22:46]
.
2013-04-15 c:\\windows\\Tasks\\GoogleUpdateTaskMachineUA.job
- c:\\program files (x86)\\Google\\Update\\GoogleUpdate.exe [2010-03-12 22:46]
.
2013-04-14 c:\\windows\\Tasks\\GoogleUpdateTaskUserS-1-5-21-196960314-3850049543-1727019512-1000Core.job
- c:\\users\\Will\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe [2010-03-12 22:46]
.
2013-04-15 c:\\windows\\Tasks\\GoogleUpdateTaskUserS-1-5-21-196960314-3850049543-1727019512-1000UA.job
- c:\\users\\Will\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe [2010-03-12 22:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\00avast]
@=\"{472083B0-C522-11CF-8763-00608CC02F24}\"
[HKEY_CLASSES_ROOT\\CLSID\\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\\program files\\Alwil Software\\Avast5\\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"RtHDVCpl\"=\"c:\\program files\\Realtek\\Audio\\HDA\\RAVCpl64.exe\" [2009-07-28 7982112]
\"Acer ePower Management\"=\"c:\\program files\\Gateway\\Gateway Power Management\\ePowerTray.exe\" [2009-08-06 828960]
\"IgfxTray\"=\"c:\\windows\\system32\\igfxtray.exe\" [2009-09-03 159232]
\"HotKeysCmds\"=\"c:\\windows\\system32\\hkcmd.exe\" [2009-09-03 380928]
\"Persistence\"=\"c:\\windows\\system32\\igfxpers.exe\" [2009-09-03 358912]
.
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\\windows\\system32\\blank.htm
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv78&r=273603104515l0324z145a4812v23q
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv78&r=273603104515l0324z145a4812v23q
mLocal Page = c:\\windows\\SysWOW64\\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: E&xport to Microsoft Excel - c:\\progra~2\\MICROS~1\\Office14\\EXCEL.EXE/3000
IE: Save video on Savevid.com - c:\\program files (x86)\\Savevid\\redirect.htm
IE: Se&nd to OneNote - c:\\progra~2\\MICROS~1\\Office14\\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\\{00BC4D36-12D6-4016-8BC0-DB5C01069066}: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\\45F435142353: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\\users\\Will\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8c1x68tq.default\\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Facebook Update - c:\\users\\Will\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\\program files (x86)\\Synaptics\\SynTP\\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\\windows\\system32\\Adobe\\Shockwave 11\\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\\system\\ControlSet001\\services\\Akamai]
\"ServiceDll\"=\"c:\\program files (x86)\\common files\\akamai/netsession_win_ca0e279.dll\"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\\.Default\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice]
@Denied: (2) (LocalSystem)
\"Progid\"=\"ChromeHTML\"
.
[HKEY_USERS\\.Default\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.html\\UserChoice]
@Denied: (2) (LocalSystem)
\"Progid\"=\"ChromeHTML\"
.
[HKEY_USERS\\.Default\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.shtml\\UserChoice]
@Denied: (2) (LocalSystem)
\"Progid\"=\"ChromeHTML\"
.
[HKEY_USERS\\.Default\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.xht\\UserChoice]
@Denied: (2) (LocalSystem)
\"Progid\"=\"ChromeHTML\"
.
[HKEY_USERS\\.Default\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.xhtml\\UserChoice]
@Denied: (2) (LocalSystem)
\"Progid\"=\"ChromeHTML\"
.
[HKEY_USERS\\S-1-5-21-196960314-3850049543-1727019512-1000\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.eml\\UserChoice]
@Denied: (2) (LocalSystem)
\"Progid\"=\"WindowsLiveMail.Email.1\"
.
[HKEY_USERS\\S-1-5-21-196960314-3850049543-1727019512-1000\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.vcf\\UserChoice]
@Denied: (2) (LocalSystem)
\"Progid\"=\"WindowsLiveMail.VCard.1\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=\"FlashBroker\"
\"LocalizedString\"=\"@c:\\\\Windows\\\\system32\\\\Macromed\\\\Flash\\\\FlashUtil64_11_6_602_180_ActiveX.exe,-101\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\\Elevation]
\"Enabled\"=dword:00000001
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\\LocalServer32]
@=\"c:\\\\Windows\\\\system32\\\\Macromed\\\\Flash\\\\FlashUtil64_11_6_602_180_ActiveX.exe\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\\TypeLib]
@=\"{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Interface\\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=\"IFlashBroker5\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Interface\\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\\ProxyStubClsid32]
@=\"{00020424-0000-0000-C000-000000000046}\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Interface\\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\\TypeLib]
@=\"{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\"
\"Version\"=\"1.0\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=\"FlashBroker\"
\"LocalizedString\"=\"@c:\\\\Windows\\\\SysWOW64\\\\Macromed\\\\Flash\\\\FlashUtil32_11_6_602_180_ActiveX.exe,-101\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\\Elevation]
\"Enabled\"=dword:00000001
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\\LocalServer32]
@=\"c:\\\\Windows\\\\SysWOW64\\\\Macromed\\\\Flash\\\\FlashUtil32_11_6_602_180_ActiveX.exe\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\\TypeLib]
@=\"{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=\"Shockwave Flash Object\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}\\InprocServer32]
@=\"c:\\\\Windows\\\\SysWOW64\\\\Macromed\\\\Flash\\\\Flash32_11_6_602_180.ocx\"
\"ThreadingModel\"=\"Apartment\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}\\MiscStatus]
@=\"0\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}\\ProgID]
@=\"ShockwaveFlash.ShockwaveFlash.11\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}\\ToolboxBitmap32]
@=\"c:\\\\Windows\\\\SysWOW64\\\\Macromed\\\\Flash\\\\Flash32_11_6_602_180.ocx, 1\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}\\TypeLib]
@=\"{D27CDB6B-AE6D-11cf-96B8-444553540000}\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}\\Version]
@=\"1.0\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB6E-AE6D-11cf-96B8-444553540000}\\VersionIndependentProgID]
@=\"ShockwaveFlash.ShockwaveFlash\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=\"Macromedia Flash Factory Object\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB70-AE6D-11cf-96B8-444553540000}\\InprocServer32]
@=\"c:\\\\Windows\\\\SysWOW64\\\\Macromed\\\\Flash\\\\Flash32_11_6_602_180.ocx\"
\"ThreadingModel\"=\"Apartment\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB70-AE6D-11cf-96B8-444553540000}\\ProgID]
@=\"FlashFactory.FlashFactory.1\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB70-AE6D-11cf-96B8-444553540000}\\ToolboxBitmap32]
@=\"c:\\\\Windows\\\\SysWOW64\\\\Macromed\\\\Flash\\\\Flash32_11_6_602_180.ocx, 1\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB70-AE6D-11cf-96B8-444553540000}\\TypeLib]
@=\"{D27CDB6B-AE6D-11cf-96B8-444553540000}\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB70-AE6D-11cf-96B8-444553540000}\\Version]
@=\"1.0\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\CLSID\\{D27CDB70-AE6D-11cf-96B8-444553540000}\\VersionIndependentProgID]
@=\"FlashFactory.FlashFactory\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\Interface\\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=\"IFlashBroker5\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\Interface\\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\\ProxyStubClsid32]
@=\"{00020424-0000-0000-C000-000000000046}\"
.
[HKEY_LOCAL_MACHINE\\software\\Classes\\Wow6432Node\\Interface\\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\\TypeLib]
@=\"{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\"
\"Version\"=\"1.0\"
.
[HKEY_LOCAL_MACHINE\\software\\Wow6432Node\\Microsoft\\Office\\Common\\Smart Tag\\Actions\\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
\"Solution\"=\"{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\"
.
[HKEY_LOCAL_MACHINE\\software\\Wow6432Node\\Microsoft\\Schema Library\\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\\software\\Wow6432Node\\Microsoft\\Schema Library\\ActionsPane3\\0]
\"Key\"=\"ActionsPane3\"
\"Location\"=\"c:\\\\Program Files (x86)\\\\Common Files\\\\Microsoft Shared\\\\VSTO\\\\ActionsPane3.xsd\"
.
[HKEY_LOCAL_MACHINE\\system\\ControlSet001\\Control\\Class\\{4D36E96D-E325-11CE-BFC1-08002BE10318}\\0000\\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
\"BlindDial\"=dword:00000000
.
[HKEY_LOCAL_MACHINE\\system\\ControlSet001\\Control\\Class\\{4D36E96D-E325-11CE-BFC1-08002BE10318}\\0001\\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
\"BlindDial\"=dword:00000000
.
[HKEY_LOCAL_MACHINE\\system\\ControlSet001\\Control\\PCW\\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-14 19:49:59
ComboFix-quarantined-files.txt 2013-04-15 02:49
.
Pre-Run: 35,274,014,720 bytes free
Post-Run: 34,875,146,240 bytes free
.
- - End Of File - - B35DCD2238707964B9EC4CE9E73648BA
just to keep me up to speed, can you keep me informed how things are now running. What problems your still experiencing
I suppose everything is running a lot quirkier now! Folders and indexes load a lot quicker than usual. But, I noticed if I\'m watching a long movie, or video about 2+ hours long, the audio will get choppy. If I cause a lot of stress to the computer by searching the internet while say... listening to music, my computer will shut down out of nowhere after a couple of hours.
Upon reboot, sometimes it says \"Windows didn\'t shutdown correctly, would you like to start in Safe Mode, start Normally\" and stuff like that
But a handful of times, after my computer shuts down out of the blue, I\'ll start it again immediately, and it will shut down after about 10 seconds.
Upon the final reboot, it\'ll say Windows could not start correctly, would you like to fix these problems? Or start Windows normally.
If I use the start Windows normally button, the laptop will start up perfectly.
Sorry for the wall of text! Just wanted to be as descriptive as possible
Just happened as I was watching a movie:
http://i48.tinypic.com/35jkmbs.jpg
to clarify, the picture shows the screen after I rebooted the computer
Can you follow the article at the link and do a clean boot of Windows 7
Let me know how the computer runs without everything loaded up
http://support.microsoft.com/kb/929135
Just did a clean boot, noticed Avast! is still in my toolbar, but other than that, no programs are there.
I opened up my folder directories and it loaded somewhat quickly.
The startup speed of my computer in general was VERY speedy. The desktop opened up immediately and all my files were still on the desktop. Perhaps the startup of all the programs I have installed delays the startup speed normally? (Weather Channel Application, etc)
I also seem to notice my YouTube videos seem to be REALLY choppy if played at 720p as opposed to 480p. Is it just time to upgrade my laptop because it can\'t handle processing 2013 technology? Or is it a problem with the software?
sorry for the delay, can you get me up to speed....
I was in work camp and had a hard time staying on the forum
I notice if I run a video on youtube, and play music on iTunes at the same time.. audio starts to get choppy here and there, then go away. But if I open up say.. facebook in Google Chrome, the computer will start to lag. If i continue with the lag, it\'ll get considerably slower and eventually the computer will shutdown.
![http://i48.tinypic.com/35jkmbs.jpg](\"http://i48.tinypic.com/35jkmbs.jpg\"){kind=link}