Results 1 to 10 of 10
  1. #1
    Member
    Join Date
    Aug 2013
    Posts
    5
    Points
    0

    Default qualified online log analyzer

    i did a security Analayzer test can someone tell me which logs here which of the items listed here are not all problems or malware. and which are not safe

    Logfile of Advanced SystemCare 3 Security Analyzer
    Scan saved at 2:20:42 AM, on 09/08/2013
    Platform: Windows Vista (WinNT 6.1)
    MSIE: Internet Explorer v9.10 (9.10.9200.16635)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\renee\Downloads\asc5upgrade(1).exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
    O2 - BHO: Groove GFS Browser Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
    O2 - BHO: MagniPicc - {77E06197-4C22-BE28-2D38-4F221B84D9F3} - (no file)
    O2 - BHO: MagniPicc - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
    O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\renee\AppData\Roaming\Complitly\Complitly.dll
    O2 - BHO: Complitly - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - Locked - (no file)
    O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
    O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
    O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    O4 - HKLM\..\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
    O9 - Extra button: OneNote Linked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 10.4.1) - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 10.4.1) - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: (AMD External Events Utility) - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: KMService - Unknown - C:\Windows\system32\srvany.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
    O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
    O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
    O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Misery,

    Welcome to Help2Go!

    Could you provide an extended description of the problems you are experiencing?

    I'd like to do an indepth diagnostics of your system to see what might be the problem.

    Please download WVCheck by Artellos to your desktop.
    • Right click WVCheck.exe and choose Run as administrator
      (If you downloaded the zipped version you will need to extract it.)
    • As indicated by the prompt, This program can take a while depending on your hard drive space.
    • Once the program is done, copy the contents of the notepad file and paste in your reply.


    Next:

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Aug 2013
    Posts
    5
    Points
    0

    Default

    ok im starting that now

  4. #4
    Member
    Join Date
    Aug 2013
    Posts
    5
    Points
    0

    Default

    Windows Validation Check
    Version: 1.9.12.5
    Log Created On: 1856_09-08-2013
    -----------------------

    Windows Information
    -----------------------
    Windows Version: Windows 7 Service Pack 1
    Windows Mode: Normal
    Systemroot Path: C:\Windows

    WVCheck's Auto Update Check
    -----------------------
    Auto-Update Option: Download updates and install them automatically.
    -----------------------
    Last Success Time for Update Detection: 2013-08-10 00:44:53
    Last Success Time for Update Download: 2013-08-05 00:03:20
    Last Success Time for Update Installation: 2013-08-05 00:04:49


    WVCheck's Registry Check Check
    -----------------------
    Antiwpa: Not Found
    -----------------------
    Chew7Hale: Not Found
    -----------------------


    WVCheck's File Dump
    -----------------------
    C:\Users\renee\AppData\Roaming\BitTorrent\WINDOWS 7 ALL IN ONE(PRE-ACTIVATED).ISO.torrent
    Size: 19156 bytes
    Creation; 7/8/2013 3:24:34
    Modification; 7/8/2013 3:24:34
    MD5; ef289fd2a95072b6a1f5863eab2139ec
    Matched: The words 'activated' and 'windows' in one sentence.
    -----------------------
    C:\Users\renee\Downloads\Treme Season 1 Complete HDTV\TSV Torrents\Software\Windows 7 Ultimate - 32 Bit (Auto Activation) - Cracked.torrent
    Size: 21235 bytes
    Creation; 8/5/2013 23:56:55
    Modification; 8/5/2013 23:56:55
    MD5; 8a9aa36d803d1e208424ed7f54276b67
    Matched: The words 'windows' and 'crack' in one sentence.
    -----------------------
    C:\Windows\System32\slwga.dll
    Size: 14336 bytes
    Creation; 22/7/2011 23:26:2
    Modification; 20/11/2010 5:21:24
    MD5; 19f75d71e4256f5113d64ce2bb66b838
    Matched: slwga.dll
    -----------------------
    C:\Windows\SysWOW64\slwga.dll
    Size: 14336 bytes
    Creation; 22/7/2011 23:26:2
    Modification; 20/11/2010 5:21:24
    MD5; 19f75d71e4256f5113d64ce2bb66b838
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_5b467ba9bd0679bb\slwga.dll
    Size: 14848 bytes
    Creation; 13/7/2009 17:52:11
    Modification; 13/7/2009 19:41:54
    MD5; cc03cf9f24946dcbd70acb3e1b2f05bf
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_5b856235bcd79403\slwga.dll
    Size: 15360 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 23:15:31
    MD5; b7213e92b270761b88b313b62ba0e13b
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_5be2bf06d6168a3a\slwga.dll
    Size: 15360 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 23:9:5
    MD5; 86b7d4d7a87ecb9e6bded44c52c8d5d9
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_5d778f71b9f4fd55\slwga.dll
    Size: 15360 bytes
    Creation; 22/7/2011 23:26:11
    Modification; 20/11/2010 6:27:26
    MD5; b6d6886149573278cba6abd44c4317f5
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_ff27e02604a90885\slwga.dll
    Size: 13824 bytes
    Creation; 13/7/2009 17:36:22
    Modification; 13/7/2009 19:16:15
    MD5; 01fe4bdd0b47a7d8bf34d78d2bc23ddb
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_ff66c6b2047a22cd\slwga.dll
    Size: 14336 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 22:38:16
    MD5; 2008845b41d561fb77b77bbe0045099e
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_ffc423831db91904\slwga.dll
    Size: 14336 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 22:29:6
    MD5; 2332de32759ebcc691850e092b2564a6
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
    Size: 14336 bytes
    Creation; 22/7/2011 23:26:2
    Modification; 20/11/2010 5:21:24
    MD5; 19f75d71e4256f5113d64ce2bb66b838
    Matched: slwga.dll
    -----------------------


    WVCheck's Dir Dump
    -----------------------
    WVCheck found no known bad directories.


    WVCheck's Missing File Check
    -----------------------
    WVCheck found no missing Windows files.


    WVCheck's HOSTS File Check
    -----------------------
    WVCheck found no bad lines in the hosts file.


    WVCheck's MD5 Check
    EXPERIMENTAL!!
    -----------------------
    user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3


    -------- End of File, program close at 1904_09-08-2013 --------

    OTL logfile created on: 8/9/2013 7:05:46 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\renee\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16635)
    Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    3.75 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 37.64% Memory free
    7.49 Gb Paging File | 4.94 Gb Available in Paging File | 65.87% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 583.38 Gb Total Space | 72.71 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
    Drive E: | 731.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: RENEE-PC | User Name: renee | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/09 19:05:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\renee\Downloads\OTL.exe
    PRC - [2013/08/08 19:33:48 | 001,303,360 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
    PRC - [2013/08/08 19:33:48 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    PRC - [2013/06/19 18:45:24 | 004,042,560 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
    PRC - [2013/06/14 10:03:16 | 001,515,328 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    PRC - [2013/05/23 00:16:56 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    PRC - [2013/05/18 18:09:26 | 000,882,520 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    PRC - [2013/04/18 20:38:38 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
    PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
    PRC - [2011/11/14 00:27:20 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
    PRC - [2011/11/14 00:27:18 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
    PRC - [2011/11/14 00:27:06 | 000,103,536 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
    PRC - [2011/11/13 23:55:18 | 011,839,488 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
    PRC - [2011/11/13 22:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
    PRC - [2010/11/20 06:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    PRC - [2010/11/19 14:38:08 | 000,193,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
    PRC - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
    PRC - [2010/09/17 18:35:56 | 000,684,798 | ---- | M] (WildTangent) -- C:\Users\renee\AppData\Local\Temp\~nsu.tmp\Au_.exe
    PRC - [2010/08/10 19:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
    PRC - [2010/08/10 19:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    PRC - [2010/08/10 19:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
    PRC - [2010/06/28 16:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
    PRC - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    PRC - [2010/06/09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
    PRC - [2010/05/26 20:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    PRC - [2010/03/10 23:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    PRC - [2010/03/10 23:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    PRC - [2010/01/28 17:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    PRC - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    PRC - [2009/09/24 05:17:39 | 000,778,072 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2009/09/24 05:17:32 | 001,169,232 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/08/06 15:15:42 | 000,268,968 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
    MOD - [2013/07/24 18:49:46 | 000,396,240 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
    MOD - [2013/07/24 18:49:45 | 013,599,184 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    MOD - [2013/07/24 18:49:44 | 004,052,944 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
    MOD - [2013/07/24 18:48:54 | 000,601,552 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
    MOD - [2013/07/24 18:48:53 | 000,123,344 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\libegl.dll
    MOD - [2013/07/24 18:48:51 | 001,597,392 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
    MOD - [2013/06/17 16:30:08 | 001,233,728 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Scan.dll
    MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
    MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
    MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
    MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
    MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
    MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2010/06/28 16:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
    MOD - [2010/06/09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
    MOD - [2010/01/31 23:52:12 | 008,347,648 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
    MOD - [2010/01/31 23:52:12 | 002,244,608 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
    MOD - [2009/10/01 07:06:15 | 005,409,632 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Resources.dll
    MOD - [2009/05/20 16:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/06/11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
    SRV:64bit: - [2010/04/27 00:49:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/01/28 17:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
    SRV - [2013/08/08 19:33:48 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    SRV - [2013/08/05 16:33:40 | 002,229,072 | ---- | M] (Secure Speed Dial) [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
    SRV - [2013/07/05 07:37:56 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/06/11 17:25:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
    SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
    SRV - [2012/03/01 12:08:40 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
    SRV - [2011/11/14 00:27:20 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
    SRV - [2011/11/14 00:27:18 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
    SRV - [2011/11/13 23:55:18 | 011,839,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
    SRV - [2011/11/13 22:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
    SRV - [2011/08/29 23:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
    SRV - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
    SRV - [2010/08/10 19:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
    SRV - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
    SRV - [2010/06/01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
    SRV - [2010/05/26 20:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
    SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
    SRV - [2009/09/24 05:17:32 | 001,169,232 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2013/05/01 22:23:50 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
    DRV:64bit: - [2013/05/01 22:23:50 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
    DRV:64bit: - [2013/05/01 22:23:50 | 000,103,064 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/08/17 06:59:00 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/11/14 00:28:16 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
    DRV:64bit: - [2011/11/14 00:26:30 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
    DRV:64bit: - [2011/11/13 22:33:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
    DRV:64bit: - [2011/11/13 22:33:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
    DRV:64bit: - [2011/08/29 23:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
    DRV:64bit: - [2011/08/08 15:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
    DRV:64bit: - [2010/06/10 14:57:20 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
    DRV:64bit: - [2010/06/08 05:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
    DRV:64bit: - [2010/05/11 20:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2010/04/28 16:21:38 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV:64bit: - [2010/04/28 16:21:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
    DRV:64bit: - [2010/04/27 06:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2010/04/27 00:17:26 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/04/08 06:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV:64bit: - [2009/12/22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
    DRV:64bit: - [2009/09/23 06:55:23 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
    DRV:64bit: - [2009/09/17 22:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2009/08/23 19:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/06/19 20:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
    DRV:64bit: - [2009/06/10 14:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/06/02 20:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
    DRV:64bit: - [2009/06/02 20:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
    DRV:64bit: - [2009/06/02 20:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
    DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
    DRV:64bit: - [2006/12/13 18:14:14 | 000,065,024 | ---- | M] (Aladdin Knowledge Systems Ltd.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
    DRV:64bit: - [2006/12/04 10:44:14 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
    DRV:64bit: - [2006/12/04 10:44:14 | 000,090,240 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
    DRV:64bit: - [2006/12/04 10:44:14 | 000,018,688 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
    DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
    DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
    DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{CAFC7B3A-C070-41D0-ADBD-4F01C7540170}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2818425

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = (1) Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Search - Web Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = Search
    IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    IE - HKCU\..\URLSearchHook: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {CA6211C8-569A-4A6C-A79B-427BED466AE2}
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://searchou.com/?affil=7&uid=17591bde-f7b3-11e0-a3ff-206a8a1c3d38&q={searchTerms}
    IE - HKCU\..\SearchScopes\{CA6211C8-569A-4A6C-A79B-427BED466AE2}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}
    IE - HKCU\..\SearchScopes\{CAFC7B3A-C070-41D0-ADBD-4F01C7540170}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2818425
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Privitize VPN"
    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.defaultenginename,S: S", ""
    FF - prefs.js..browser.search.defaultthis.engineName: "vshare.tv Bar Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2818425&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.order.1: "Privitize VPN"
    FF - prefs.js..browser.search.order.1,S: S", ""
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=114576"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..browser.search.selectedEngine,S: S", ""
    FF - prefs.js..browser.startup.homepage: "http://ca.search.yahoo.com?type=114576&fr=spigot-yhp-ff"
    FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
    FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.2.2
    FF - prefs.js..extensions.enabledAddons: iobitapps%40mybrowserbar.com:7.4
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=114576&p="
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
    FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
    FF - prefs.js..browser.startup.homepage: ""
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\renee\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\renee\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/05 07:37:07 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/05 07:37:09 | 000,000,000 | ---D | M]

    [2010/12/25 11:11:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\renee\AppData\Roaming\Mozilla\Extensions
    [2013/08/09 17:12:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions
    [2011/10/15 12:22:07 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
    [2013/08/09 03:11:31 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\ascsurfingprotection@iobit.com
    [2013/03/19 17:00:37 | 000,000,000 | ---D | M] (MagniPicc) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\q8z6jbhakq@vtfj-zm.edu
    [2013/08/09 03:12:52 | 000,000,000 | ---D | M] (Secure Speed Dial) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\speeddial@instair.net
    [2011/10/05 11:37:28 | 000,000,929 | ---- | M] () -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\searchplugins\conduit.xml
    [2013/03/19 16:59:56 | 000,002,090 | ---- | M] () -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\searchplugins\Searchou.xml
    [2013/08/09 17:12:24 | 000,000,904 | ---- | M] () -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\searchplugins\yahoo.xml
    [2013/07/05 07:37:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/07/05 07:37:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/08/09 17:12:27 | 000,000,000 | ---D | M] (IObit Apps Toolbar) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
    [2011/08/31 04:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll

    ========== Chrome ==========

    CHR - default_search_provider: Yahoo! (Enabled)
    CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=114576&p={searchTerms}
    CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
    CHR - homepage: Yahoo! Search - Web Search
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
    CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
    CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
    CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
    CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
    CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Google Update (Enabled) = C:\Users\renee\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - Extension: YouTube = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Complitly plugin for chrome = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
    CHR - Extension: Secure Speed Dial = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.6_0\
    CHR - Extension: Improved Search = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena\1.2_0\
    CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0\
    CHR - Extension: Domain Error Assistant = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
    CHR - Extension: vshare plugin = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
    CHR - Extension: MagniPicc = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbdkcimfcilfhkadopkmlljleejjplke\1\
    CHR - Extension: Slick Savings = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
    CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
    CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
    CHR - Extension: Gmail = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\renee\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
    O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    O2 - BHO: (Secure Speed Dial) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (MagniPicc) - {77E06197-4C22-BE28-2D38-4F221B84D9F3} - Reg Error: Value error. File not found
    O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\renee\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
    O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
    O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
    O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
    O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
    O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
    O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
    O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.4.1)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.4.1)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04A6C0A4-68A5-4328-B0B8-918A2D243D79}: DhcpNameServer = 64.59.176.13 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3C58709-A991-449E-AC56-516CC0F6043E}: DhcpNameServer = 64.59.176.13 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/03/21 22:24:09 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ]
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell - "" = AutoRun
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010/03/11 21:44:53 | 001,100,664 | R--- | M] (Microsoft Corporation)
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell\configure\command - "" = E:\setup.exe -- [2010/03/11 21:44:53 | 001,100,664 | R--- | M] (Microsoft Corporation)
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell\install\command - "" = E:\setup.exe -- [2010/03/11 21:44:53 | 001,100,664 | R--- | M] (Microsoft Corporation)
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (lsdelete)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/09 18:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
    [2013/08/09 17:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
    [2013/08/09 17:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
    [2013/08/09 03:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secure Speed Dial
    [2013/08/09 03:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
    [2013/08/09 03:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
    [2013/08/09 03:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
    [2013/08/09 03:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6
    [2013/08/09 03:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
    [2013/08/05 11:06:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
    [2013/08/04 19:18:17 | 000,000,000 | ---D | C] -- C:\Users\renee\Documents\crib pix
    [2013/08/04 18:04:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
    [2013/08/04 18:04:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
    [2013/08/04 18:04:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
    [2013/08/04 18:04:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
    [2013/08/04 18:04:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
    [2013/08/04 18:04:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
    [2013/08/04 18:04:05 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
    [2013/08/04 18:04:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
    [2013/08/04 18:04:05 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
    [2013/08/04 18:04:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
    [2013/08/04 18:04:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
    [2013/08/04 18:04:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
    [2013/08/04 18:04:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
    [2013/08/04 18:04:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
    [2013/08/04 18:04:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
    [2013/08/04 18:04:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
    [2013/08/04 18:04:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
    [2013/08/04 18:04:04 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
    [2013/08/04 18:04:04 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
    [2013/08/04 18:04:04 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
    [2013/08/04 18:04:04 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
    [2013/08/04 18:04:04 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
    [2013/08/04 18:04:02 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
    [2013/08/04 18:04:01 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
    [2013/08/04 18:03:20 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
    [2013/08/04 18:03:20 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
    [2013/08/04 18:03:18 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2013/08/04 08:29:53 | 000,000,000 | ---D | C] -- C:\Users\renee\Desktop\crib pix
    [2013/08/03 03:01:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
    [2013/08/02 01:08:55 | 000,035,112 | ---- | C] (TeamViewer GmbH) -- C:\Windows\SysNative\drivers\teamviewervpn.sys
    [2013/08/02 01:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
    [2013/07/27 08:05:53 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
    [2013/07/27 08:05:53 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller.dll
    [2013/07/27 08:05:53 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\Windows\SysNative\drivers\ssudserd.sys
    [2013/07/27 08:05:52 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
    [2013/07/27 08:05:52 | 000,103,064 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\Windows\SysNative\drivers\ssudbus.sys
    [2013/07/27 04:44:13 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Roaming\IObit
    [2013/07/27 04:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
    [2013/07/20 00:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2013/07/20 00:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2013/07/20 00:01:02 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
    [2013/07/16 14:05:44 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\B1E
    [2013/07/16 14:05:37 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Roaming\B1Toolbar
    [2013/07/15 22:32:43 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\{A1BE6986-C576-4109-B3D7-AEA4CAC5DA48}
    [2013/07/15 00:46:01 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\{496A1CDF-1743-408E-A78A-4C94C0539E63}
    [2013/07/13 03:52:19 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\{E2929E6E-886C-4CF9-9628-4ABB67AA7180}
    [2013/07/13 03:15:43 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013/07/13 03:15:43 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/07/13 03:15:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2013/07/13 03:15:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2013/07/13 03:15:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2013/07/13 03:15:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2013/07/13 03:15:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2013/07/13 03:15:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2013/07/13 03:15:40 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2013/07/13 03:15:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2013/07/13 03:15:40 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2013/07/13 03:15:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2013/07/13 03:15:37 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2013/07/13 03:15:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013/07/13 03:15:36 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013/07/12 16:53:15 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2013/07/12 16:53:14 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2013/07/12 16:53:09 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
    [2013/07/12 16:53:08 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
    [2013/07/12 16:51:22 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/09 18:35:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2447266277-936606115-3744986921-1000UA.job
    [2013/08/09 18:26:42 | 000,001,177 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
    [2013/08/09 18:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/08/09 18:10:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/08/09 17:09:23 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/08/09 17:09:23 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/08/09 17:03:23 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2013/08/09 17:01:30 | 3018,461,184 | -HS- | M] () -- C:\hiberfil.sys
    [2013/08/09 16:35:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2447266277-936606115-3744986921-1000Core.job
    [2013/08/09 03:11:19 | 000,001,276 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
    [2013/08/09 03:11:19 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
    [2013/08/06 15:15:42 | 000,268,968 | ---- | M] () -- C:\Windows\SysWow64\sqlite3.dll
    [2013/08/05 10:06:54 | 000,730,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/08/05 10:06:54 | 000,631,558 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/08/05 10:06:54 | 000,112,236 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/08/05 03:59:16 | 000,090,112 | ---- | M] () -- C:\Users\renee\Documents\wallet.dat
    [2013/08/04 22:18:32 | 001,564,701 | ---- | M] () -- C:\Users\renee\Desktop\VPLCX125.pdf
    [2013/08/04 17:56:42 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2013/07/31 15:40:08 | 000,002,368 | ---- | M] () -- C:\Users\renee\Desktop\Google Chrome.lnk
    [2013/07/28 00:00:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
    [2013/07/27 05:23:23 | 000,004,790 | ---- | M] () -- C:\Users\renee\Desktop\m.xspf
    [2013/07/27 04:44:37 | 000,002,048 | ---- | M] () -- C:\Users\renee\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2013/07/20 00:01:08 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2013/07/16 14:05:45 | 000,000,047 | ---- | M] () -- C:\chid
    [2013/07/13 03:49:22 | 000,416,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/09 18:26:42 | 000,001,177 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
    [2013/08/09 03:12:39 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
    [2013/08/09 03:11:19 | 000,001,276 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
    [2013/08/09 03:11:19 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
    [2013/08/08 23:02:26 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2013/08/05 03:59:02 | 000,090,112 | ---- | C] () -- C:\Users\renee\Documents\wallet.dat
    [2013/08/04 22:18:11 | 001,564,701 | ---- | C] () -- C:\Users\renee\Desktop\VPLCX125.pdf
    [2013/07/28 00:00:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
    [2013/07/27 05:23:23 | 000,004,790 | ---- | C] () -- C:\Users\renee\Desktop\m.xspf
    [2013/07/20 00:01:08 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
    [2013/07/16 14:05:45 | 000,000,047 | ---- | C] () -- C:\chid
    [2013/04/18 19:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
    [2013/04/18 19:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
    [2013/04/18 19:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
    [2013/04/18 19:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
    [2013/04/18 19:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
    [2013/01/01 10:19:44 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
    [2012/03/14 14:47:26 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\hdduinst.exe
    [2012/03/14 14:47:25 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
    [2012/03/14 14:46:31 | 000,282,624 | ---- | C] () -- C:\Windows\SysWow64\RayTracer.dll
    [2012/03/14 14:46:31 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\MiscFunctions.dll
    [2012/03/14 14:46:31 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\CombinePolygons.dll
    [2012/03/14 14:46:31 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\VBDataConverter.dll
    [2012/03/14 14:46:31 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\Kcdpprm32.dll
    [2012/03/14 14:46:31 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\Kcdmath32.dll
    [2012/03/14 14:46:29 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
    [2012/03/01 12:08:58 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
    [2012/02/24 13:59:22 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
    [2011/11/23 22:30:56 | 000,040,023 | ---- | C] () -- C:\Users\renee\AppData\Roaming\UserTile.png
    [2011/11/11 09:14:48 | 000,739,570 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    ========== ZeroAccess Check ==========

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 23:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 22:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >

  5. #5
    Member
    Join Date
    Aug 2013
    Posts
    5
    Points
    0

    Default

    Windows Validation Check
    Version: 1.9.12.5
    Log Created On: 1856_09-08-2013
    -----------------------

    Windows Information
    -----------------------
    Windows Version: Windows 7 Service Pack 1
    Windows Mode: Normal
    Systemroot Path: C:\Windows

    WVCheck's Auto Update Check
    -----------------------
    Auto-Update Option: Download updates and install them automatically.
    -----------------------
    Last Success Time for Update Detection: 2013-08-10 00:44:53
    Last Success Time for Update Download: 2013-08-05 00:03:20
    Last Success Time for Update Installation: 2013-08-05 00:04:49


    WVCheck's Registry Check Check
    -----------------------
    Antiwpa: Not Found
    -----------------------
    Chew7Hale: Not Found
    -----------------------


    WVCheck's File Dump
    -----------------------
    C:\Users\renee\AppData\Roaming\BitTorrent\WINDOWS 7 ALL IN ONE(PRE-ACTIVATED).ISO.torrent
    Size: 19156 bytes
    Creation; 7/8/2013 3:24:34
    Modification; 7/8/2013 3:24:34
    MD5; ef289fd2a95072b6a1f5863eab2139ec
    Matched: The words 'activated' and 'windows' in one sentence.
    -----------------------
    C:\Users\renee\Downloads\Treme Season 1 Complete HDTV\TSV Torrents\Software\Windows 7 Ultimate - 32 Bit (Auto Activation) - Cracked.torrent
    Size: 21235 bytes
    Creation; 8/5/2013 23:56:55
    Modification; 8/5/2013 23:56:55
    MD5; 8a9aa36d803d1e208424ed7f54276b67
    Matched: The words 'windows' and 'crack' in one sentence.
    -----------------------
    C:\Windows\System32\slwga.dll
    Size: 14336 bytes
    Creation; 22/7/2011 23:26:2
    Modification; 20/11/2010 5:21:24
    MD5; 19f75d71e4256f5113d64ce2bb66b838
    Matched: slwga.dll
    -----------------------
    C:\Windows\SysWOW64\slwga.dll
    Size: 14336 bytes
    Creation; 22/7/2011 23:26:2
    Modification; 20/11/2010 5:21:24
    MD5; 19f75d71e4256f5113d64ce2bb66b838
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_5b467ba9bd0679bb\slwga.dll
    Size: 14848 bytes
    Creation; 13/7/2009 17:52:11
    Modification; 13/7/2009 19:41:54
    MD5; cc03cf9f24946dcbd70acb3e1b2f05bf
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_5b856235bcd79403\slwga.dll
    Size: 15360 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 23:15:31
    MD5; b7213e92b270761b88b313b62ba0e13b
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_5be2bf06d6168a3a\slwga.dll
    Size: 15360 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 23:9:5
    MD5; 86b7d4d7a87ecb9e6bded44c52c8d5d9
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_5d778f71b9f4fd55\slwga.dll
    Size: 15360 bytes
    Creation; 22/7/2011 23:26:11
    Modification; 20/11/2010 6:27:26
    MD5; b6d6886149573278cba6abd44c4317f5
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_ff27e02604a90885\slwga.dll
    Size: 13824 bytes
    Creation; 13/7/2009 17:36:22
    Modification; 13/7/2009 19:16:15
    MD5; 01fe4bdd0b47a7d8bf34d78d2bc23ddb
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_ff66c6b2047a22cd\slwga.dll
    Size: 14336 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 22:38:16
    MD5; 2008845b41d561fb77b77bbe0045099e
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_ffc423831db91904\slwga.dll
    Size: 14336 bytes
    Creation; 9/2/2011 13:57:28
    Modification; 20/12/2010 22:29:6
    MD5; 2332de32759ebcc691850e092b2564a6
    Matched: slwga.dll
    -----------------------
    C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
    Size: 14336 bytes
    Creation; 22/7/2011 23:26:2
    Modification; 20/11/2010 5:21:24
    MD5; 19f75d71e4256f5113d64ce2bb66b838
    Matched: slwga.dll
    -----------------------


    WVCheck's Dir Dump
    -----------------------
    WVCheck found no known bad directories.


    WVCheck's Missing File Check
    -----------------------
    WVCheck found no missing Windows files.


    WVCheck's HOSTS File Check
    -----------------------
    WVCheck found no bad lines in the hosts file.


    WVCheck's MD5 Check
    EXPERIMENTAL!!
    -----------------------
    user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3


    -------- End of File, program close at 1904_09-08-2013 --------

    OTL logfile created on: 8/9/2013 7:05:46 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\renee\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16635)
    Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    3.75 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 37.64% Memory free
    7.49 Gb Paging File | 4.94 Gb Available in Paging File | 65.87% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 583.38 Gb Total Space | 72.71 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
    Drive E: | 731.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: RENEE-PC | User Name: renee | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/09 19:05:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\renee\Downloads\OTL.exe
    PRC - [2013/08/08 19:33:48 | 001,303,360 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
    PRC - [2013/08/08 19:33:48 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    PRC - [2013/06/19 18:45:24 | 004,042,560 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
    PRC - [2013/06/14 10:03:16 | 001,515,328 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    PRC - [2013/05/23 00:16:56 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    PRC - [2013/05/18 18:09:26 | 000,882,520 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    PRC - [2013/04/18 20:38:38 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
    PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
    PRC - [2011/11/14 00:27:20 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
    PRC - [2011/11/14 00:27:18 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
    PRC - [2011/11/14 00:27:06 | 000,103,536 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
    PRC - [2011/11/13 23:55:18 | 011,839,488 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
    PRC - [2011/11/13 22:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
    PRC - [2010/11/20 06:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    PRC - [2010/11/19 14:38:08 | 000,193,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
    PRC - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
    PRC - [2010/09/17 18:35:56 | 000,684,798 | ---- | M] (WildTangent) -- C:\Users\renee\AppData\Local\Temp\~nsu.tmp\Au_.exe
    PRC - [2010/08/10 19:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
    PRC - [2010/08/10 19:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    PRC - [2010/08/10 19:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
    PRC - [2010/06/28 16:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
    PRC - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    PRC - [2010/06/09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
    PRC - [2010/05/26 20:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    PRC - [2010/03/10 23:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    PRC - [2010/03/10 23:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    PRC - [2010/01/28 17:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    PRC - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    PRC - [2009/09/24 05:17:39 | 000,778,072 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2009/09/24 05:17:32 | 001,169,232 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/08/06 15:15:42 | 000,268,968 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
    MOD - [2013/07/24 18:49:46 | 000,396,240 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
    MOD - [2013/07/24 18:49:45 | 013,599,184 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    MOD - [2013/07/24 18:49:44 | 004,052,944 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
    MOD - [2013/07/24 18:48:54 | 000,601,552 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
    MOD - [2013/07/24 18:48:53 | 000,123,344 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\libegl.dll
    MOD - [2013/07/24 18:48:51 | 001,597,392 | ---- | M] () -- C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
    MOD - [2013/06/17 16:30:08 | 001,233,728 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Scan.dll
    MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
    MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
    MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
    MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
    MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
    MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2010/06/28 16:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
    MOD - [2010/06/09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
    MOD - [2010/01/31 23:52:12 | 008,347,648 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
    MOD - [2010/01/31 23:52:12 | 002,244,608 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
    MOD - [2009/10/01 07:06:15 | 005,409,632 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Resources.dll
    MOD - [2009/05/20 16:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/06/11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
    SRV:64bit: - [2010/04/27 00:49:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/01/28 17:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
    SRV - [2013/08/08 19:33:48 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    SRV - [2013/08/05 16:33:40 | 002,229,072 | ---- | M] (Secure Speed Dial) [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
    SRV - [2013/07/05 07:37:56 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/06/11 17:25:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
    SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
    SRV - [2012/03/01 12:08:40 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
    SRV - [2011/11/14 00:27:20 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
    SRV - [2011/11/14 00:27:18 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
    SRV - [2011/11/13 23:55:18 | 011,839,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
    SRV - [2011/11/13 22:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
    SRV - [2011/08/29 23:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
    SRV - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
    SRV - [2010/08/10 19:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
    SRV - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
    SRV - [2010/06/01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
    SRV - [2010/05/26 20:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
    SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
    SRV - [2009/09/24 05:17:32 | 001,169,232 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2013/05/01 22:23:50 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
    DRV:64bit: - [2013/05/01 22:23:50 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
    DRV:64bit: - [2013/05/01 22:23:50 | 000,103,064 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/08/17 06:59:00 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/11/14 00:28:16 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
    DRV:64bit: - [2011/11/14 00:26:30 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
    DRV:64bit: - [2011/11/13 22:33:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
    DRV:64bit: - [2011/11/13 22:33:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
    DRV:64bit: - [2011/08/29 23:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
    DRV:64bit: - [2011/08/08 15:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
    DRV:64bit: - [2010/06/10 14:57:20 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
    DRV:64bit: - [2010/06/08 05:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
    DRV:64bit: - [2010/05/11 20:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2010/04/28 16:21:38 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV:64bit: - [2010/04/28 16:21:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
    DRV:64bit: - [2010/04/27 06:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2010/04/27 00:17:26 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/04/08 06:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV:64bit: - [2009/12/22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
    DRV:64bit: - [2009/09/23 06:55:23 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
    DRV:64bit: - [2009/09/17 22:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2009/08/23 19:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/06/19 20:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
    DRV:64bit: - [2009/06/10 14:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/06/02 20:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
    DRV:64bit: - [2009/06/02 20:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
    DRV:64bit: - [2009/06/02 20:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
    DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
    DRV:64bit: - [2006/12/13 18:14:14 | 000,065,024 | ---- | M] (Aladdin Knowledge Systems Ltd.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
    DRV:64bit: - [2006/12/04 10:44:14 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
    DRV:64bit: - [2006/12/04 10:44:14 | 000,090,240 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
    DRV:64bit: - [2006/12/04 10:44:14 | 000,018,688 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
    DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
    DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
    DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{CAFC7B3A-C070-41D0-ADBD-4F01C7540170}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2818425

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = (1) Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Search - Web Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = Search
    IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    IE - HKCU\..\URLSearchHook: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {CA6211C8-569A-4A6C-A79B-427BED466AE2}
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://searchou.com/?affil=7&uid=17591bde-f7b3-11e0-a3ff-206a8a1c3d38&q={searchTerms}
    IE - HKCU\..\SearchScopes\{CA6211C8-569A-4A6C-A79B-427BED466AE2}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}
    IE - HKCU\..\SearchScopes\{CAFC7B3A-C070-41D0-ADBD-4F01C7540170}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2818425
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Privitize VPN"
    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.defaultenginename,S: S", ""
    FF - prefs.js..browser.search.defaultthis.engineName: "vshare.tv Bar Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2818425&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.order.1: "Privitize VPN"
    FF - prefs.js..browser.search.order.1,S: S", ""
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=114576"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..browser.search.selectedEngine,S: S", ""
    FF - prefs.js..browser.startup.homepage: "http://ca.search.yahoo.com?type=114576&fr=spigot-yhp-ff"
    FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
    FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.2.2
    FF - prefs.js..extensions.enabledAddons: iobitapps%40mybrowserbar.com:7.4
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=114576&p="
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
    FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
    FF - prefs.js..browser.startup.homepage: ""
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\renee\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\renee\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/05 07:37:07 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/05 07:37:09 | 000,000,000 | ---D | M]

    [2010/12/25 11:11:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\renee\AppData\Roaming\Mozilla\Extensions
    [2013/08/09 17:12:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions
    [2011/10/15 12:22:07 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
    [2013/08/09 03:11:31 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\ascsurfingprotection@iobit.com
    [2013/03/19 17:00:37 | 000,000,000 | ---D | M] (MagniPicc) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\q8z6jbhakq@vtfj-zm.edu
    [2013/08/09 03:12:52 | 000,000,000 | ---D | M] (Secure Speed Dial) -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\extensions\speeddial@instair.net
    [2011/10/05 11:37:28 | 000,000,929 | ---- | M] () -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\searchplugins\conduit.xml
    [2013/03/19 16:59:56 | 000,002,090 | ---- | M] () -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\searchplugins\Searchou.xml
    [2013/08/09 17:12:24 | 000,000,904 | ---- | M] () -- C:\Users\renee\AppData\Roaming\Mozilla\Firefox\Profiles\5gc4zd23.default\searchplugins\yahoo.xml
    [2013/07/05 07:37:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/07/05 07:37:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/08/09 17:12:27 | 000,000,000 | ---D | M] (IObit Apps Toolbar) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
    [2011/08/31 04:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll

    ========== Chrome ==========

    CHR - default_search_provider: Yahoo! (Enabled)
    CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=114576&p={searchTerms}
    CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
    CHR - homepage: Yahoo! Search - Web Search
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
    CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
    CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
    CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
    CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
    CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Google Update (Enabled) = C:\Users\renee\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - Extension: YouTube = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Complitly plugin for chrome = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
    CHR - Extension: Secure Speed Dial = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.6_0\
    CHR - Extension: Improved Search = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena\1.2_0\
    CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0\
    CHR - Extension: Domain Error Assistant = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
    CHR - Extension: vshare plugin = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
    CHR - Extension: MagniPicc = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbdkcimfcilfhkadopkmlljleejjplke\1\
    CHR - Extension: Slick Savings = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
    CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
    CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
    CHR - Extension: Gmail = C:\Users\renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\renee\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
    O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    O2 - BHO: (Secure Speed Dial) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (MagniPicc) - {77E06197-4C22-BE28-2D38-4F221B84D9F3} - Reg Error: Value error. File not found
    O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\renee\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
    O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
    O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
    O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
    O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
    O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
    O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
    O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.4.1)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.4.1)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04A6C0A4-68A5-4328-B0B8-918A2D243D79}: DhcpNameServer = 64.59.176.13 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3C58709-A991-449E-AC56-516CC0F6043E}: DhcpNameServer = 64.59.176.13 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/03/21 22:24:09 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ]
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell - "" = AutoRun
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010/03/11 21:44:53 | 001,100,664 | R--- | M] (Microsoft Corporation)
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell\configure\command - "" = E:\setup.exe -- [2010/03/11 21:44:53 | 001,100,664 | R--- | M] (Microsoft Corporation)
    O33 - MountPoints2\{f29ec5c6-574c-11e1-8a40-005056c00008}\Shell\install\command - "" = E:\setup.exe -- [2010/03/11 21:44:53 | 001,100,664 | R--- | M] (Microsoft Corporation)
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (lsdelete)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/09 18:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
    [2013/08/09 17:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
    [2013/08/09 17:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
    [2013/08/09 03:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secure Speed Dial
    [2013/08/09 03:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
    [2013/08/09 03:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
    [2013/08/09 03:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
    [2013/08/09 03:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6
    [2013/08/09 03:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
    [2013/08/05 11:06:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
    [2013/08/04 19:18:17 | 000,000,000 | ---D | C] -- C:\Users\renee\Documents\crib pix
    [2013/08/04 18:04:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
    [2013/08/04 18:04:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
    [2013/08/04 18:04:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
    [2013/08/04 18:04:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
    [2013/08/04 18:04:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
    [2013/08/04 18:04:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
    [2013/08/04 18:04:05 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
    [2013/08/04 18:04:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
    [2013/08/04 18:04:05 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
    [2013/08/04 18:04:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
    [2013/08/04 18:04:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
    [2013/08/04 18:04:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
    [2013/08/04 18:04:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
    [2013/08/04 18:04:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
    [2013/08/04 18:04:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
    [2013/08/04 18:04:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
    [2013/08/04 18:04:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
    [2013/08/04 18:04:04 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
    [2013/08/04 18:04:04 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
    [2013/08/04 18:04:04 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
    [2013/08/04 18:04:04 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
    [2013/08/04 18:04:04 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
    [2013/08/04 18:04:02 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
    [2013/08/04 18:04:01 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
    [2013/08/04 18:03:20 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
    [2013/08/04 18:03:20 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
    [2013/08/04 18:03:18 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2013/08/04 08:29:53 | 000,000,000 | ---D | C] -- C:\Users\renee\Desktop\crib pix
    [2013/08/03 03:01:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
    [2013/08/02 01:08:55 | 000,035,112 | ---- | C] (TeamViewer GmbH) -- C:\Windows\SysNative\drivers\teamviewervpn.sys
    [2013/08/02 01:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
    [2013/07/27 08:05:53 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
    [2013/07/27 08:05:53 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller.dll
    [2013/07/27 08:05:53 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\Windows\SysNative\drivers\ssudserd.sys
    [2013/07/27 08:05:52 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
    [2013/07/27 08:05:52 | 000,103,064 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\Windows\SysNative\drivers\ssudbus.sys
    [2013/07/27 04:44:13 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Roaming\IObit
    [2013/07/27 04:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
    [2013/07/20 00:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2013/07/20 00:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2013/07/20 00:01:02 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
    [2013/07/16 14:05:44 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\B1E
    [2013/07/16 14:05:37 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Roaming\B1Toolbar
    [2013/07/15 22:32:43 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\{A1BE6986-C576-4109-B3D7-AEA4CAC5DA48}
    [2013/07/15 00:46:01 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\{496A1CDF-1743-408E-A78A-4C94C0539E63}
    [2013/07/13 03:52:19 | 000,000,000 | ---D | C] -- C:\Users\renee\AppData\Local\{E2929E6E-886C-4CF9-9628-4ABB67AA7180}
    [2013/07/13 03:15:43 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013/07/13 03:15:43 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/07/13 03:15:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2013/07/13 03:15:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2013/07/13 03:15:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2013/07/13 03:15:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2013/07/13 03:15:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2013/07/13 03:15:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2013/07/13 03:15:40 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2013/07/13 03:15:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2013/07/13 03:15:40 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2013/07/13 03:15:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2013/07/13 03:15:37 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2013/07/13 03:15:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013/07/13 03:15:36 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013/07/12 16:53:15 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2013/07/12 16:53:14 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2013/07/12 16:53:09 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
    [2013/07/12 16:53:08 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
    [2013/07/12 16:51:22 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/09 18:35:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2447266277-936606115-3744986921-1000UA.job
    [2013/08/09 18:26:42 | 000,001,177 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
    [2013/08/09 18:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/08/09 18:10:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/08/09 17:09:23 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/08/09 17:09:23 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/08/09 17:03:23 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2013/08/09 17:01:30 | 3018,461,184 | -HS- | M] () -- C:\hiberfil.sys
    [2013/08/09 16:35:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2447266277-936606115-3744986921-1000Core.job
    [2013/08/09 03:11:19 | 000,001,276 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
    [2013/08/09 03:11:19 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
    [2013/08/06 15:15:42 | 000,268,968 | ---- | M] () -- C:\Windows\SysWow64\sqlite3.dll
    [2013/08/05 10:06:54 | 000,730,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/08/05 10:06:54 | 000,631,558 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/08/05 10:06:54 | 000,112,236 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/08/05 03:59:16 | 000,090,112 | ---- | M] () -- C:\Users\renee\Documents\wallet.dat
    [2013/08/04 22:18:32 | 001,564,701 | ---- | M] () -- C:\Users\renee\Desktop\VPLCX125.pdf
    [2013/08/04 17:56:42 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2013/07/31 15:40:08 | 000,002,368 | ---- | M] () -- C:\Users\renee\Desktop\Google Chrome.lnk
    [2013/07/28 00:00:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
    [2013/07/27 05:23:23 | 000,004,790 | ---- | M] () -- C:\Users\renee\Desktop\m.xspf
    [2013/07/27 04:44:37 | 000,002,048 | ---- | M] () -- C:\Users\renee\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2013/07/20 00:01:08 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2013/07/16 14:05:45 | 000,000,047 | ---- | M] () -- C:\chid
    [2013/07/13 03:49:22 | 000,416,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/09 18:26:42 | 000,001,177 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
    [2013/08/09 03:12:39 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
    [2013/08/09 03:11:19 | 000,001,276 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
    [2013/08/09 03:11:19 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
    [2013/08/08 23:02:26 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2013/08/05 03:59:02 | 000,090,112 | ---- | C] () -- C:\Users\renee\Documents\wallet.dat
    [2013/08/04 22:18:11 | 001,564,701 | ---- | C] () -- C:\Users\renee\Desktop\VPLCX125.pdf
    [2013/07/28 00:00:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
    [2013/07/27 05:23:23 | 000,004,790 | ---- | C] () -- C:\Users\renee\Desktop\m.xspf
    [2013/07/20 00:01:08 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
    [2013/07/16 14:05:45 | 000,000,047 | ---- | C] () -- C:\chid
    [2013/04/18 19:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
    [2013/04/18 19:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
    [2013/04/18 19:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
    [2013/04/18 19:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
    [2013/04/18 19:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
    [2013/01/01 10:19:44 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
    [2012/03/14 14:47:26 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\hdduinst.exe
    [2012/03/14 14:47:25 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
    [2012/03/14 14:46:31 | 000,282,624 | ---- | C] () -- C:\Windows\SysWow64\RayTracer.dll
    [2012/03/14 14:46:31 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\MiscFunctions.dll
    [2012/03/14 14:46:31 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\CombinePolygons.dll
    [2012/03/14 14:46:31 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\VBDataConverter.dll
    [2012/03/14 14:46:31 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\Kcdpprm32.dll
    [2012/03/14 14:46:31 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\Kcdmath32.dll
    [2012/03/14 14:46:29 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
    [2012/03/01 12:08:58 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
    [2012/02/24 13:59:22 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
    [2011/11/23 22:30:56 | 000,040,023 | ---- | C] () -- C:\Users\renee\AppData\Roaming\UserTile.png
    [2011/11/11 09:14:48 | 000,739,570 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    ========== ZeroAccess Check ==========

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 23:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 22:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >

  6. #6
    Member
    Join Date
    Aug 2013
    Posts
    5
    Points
    0

    Default extras

    OTL Extras logfile created on: 8/9/2013 7:05:46 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\renee\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16635)
    Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    3.75 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 37.64% Memory free
    7.49 Gb Paging File | 4.94 Gb Available in Paging File | 65.87% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 583.38 Gb Total Space | 72.71 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
    Drive E: | 731.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: RENEE-PC | User Name: renee | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{10188CEB-BA43-4E09-81CA-659720744B4D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{14FAB9C6-1BB8-4618-8746-67EAF5B07C8E}" = rport=138 | protocol=17 | dir=out | app=system |
    "{1D7564F9-1638-40C7-A481-737A0B33D28B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{2A58B04F-6221-481B-AB36-9E5AA6B246B2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{2DA86666-4842-4641-B6ED-35FC982D32D9}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{2E62B999-555F-4143-B240-62D98146FF17}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{30AAD36F-2DDD-4FCF-AA52-6CC6071C2439}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{39243E9F-E635-4746-878C-00EF56C0A54C}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{3A2629F1-7EB5-4D94-97EE-F5D6382CF4CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{44CD13C9-6C6D-44CD-A28E-9399B0BC96FA}" = rport=137 | protocol=17 | dir=out | app=system |
    "{807515CD-1AD1-462F-A37C-B8DEA2179E1E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{94042E44-20EB-40A6-AB18-DE0A4DF61DAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{A875FAEB-01B0-4A4E-A3D0-9FD7313F56F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{ABF10D8B-A4F3-48E7-81DB-ED62C42C9410}" = lport=139 | protocol=6 | dir=in | app=system |
    "{B9E374EE-BC6D-4CB6-B0D8-EA3AC2D6479B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{BAF6CFF3-B857-4EBF-A960-B132D3A7C5E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{BE0FF9EF-BA07-4606-89FE-407C89C243D9}" = rport=139 | protocol=6 | dir=out | app=system |
    "{C3C8CFAD-A454-4719-8C33-23CF8AA2E976}" = lport=445 | protocol=6 | dir=in | app=system |
    "{CE811C3F-446E-4506-AD91-526C480D43D3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{CEA75ED0-6B7D-492C-9F31-0FADCBFCF618}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{CFD33EC6-1B8F-4B08-BA71-B05F241FA373}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{DB021C0A-D8CF-414A-8649-623E418EEB44}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{DBDEB7E4-B544-488E-8F7E-83188C430E15}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
    "{E9DE68E0-B552-417D-B31F-76904E3E2ABF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{EDDCC3AF-50B0-4FA9-9567-85B2897BCDF8}" = rport=445 | protocol=6 | dir=out | app=system |
    "{EF0F6FD5-36C1-4CC4-AAB2-77FAAB8D8A06}" = lport=138 | protocol=17 | dir=in | app=system |
    "{F3F8A656-C92F-4598-A399-000DBCA5AE83}" = lport=137 | protocol=17 | dir=in | app=system |
    "{F4087284-5369-42B2-99B5-05CAF6B377B7}" = rport=10243 | protocol=6 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0AC99839-86C5-4C49-9242-F90579348138}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
    "{0DDEB07F-9467-4B74-BD73-DB32353D9808}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{10D8D85B-FD5B-4B13-9AEF-91EF13DF05C0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{1300E10E-F79B-4ACF-8744-267EB01F5E90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2DADB1AE-F996-45B0-8D9C-AE6745FBB6B2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{2DBADC49-55C2-45CE-8857-C1A8A9DCD363}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{2E75FDA5-A0B3-48F0-8C48-E55A2FE53930}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{307878A7-7C44-43B8-9C86-D0B126F92632}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{36B8E076-5E43-46AC-9A06-5D5A87FDC9A0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{37EF0C40-DF82-4C89-8B17-2EA42FE9F4EB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{3D27273F-3214-4138-8751-14FAA0DD8CA7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{3F0A3746-B1E8-4D67-8773-86F094E2D24E}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
    "{40A52F21-8D5C-4511-892E-9A9655934D6E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{43AD91D4-D452-4FCB-8F93-E9903EA76500}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
    "{43DD8759-6DD6-4BCF-9B31-A2C5956EBD86}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{4D290D99-589C-43E5-A1FD-81C08036E151}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{58B4B06D-E567-41E8-8931-82AC69DA75F2}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
    "{58C8C6E1-05C8-450D-9424-24AB77279D46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{6340F7BA-EC74-461E-9EFB-1B032D73B00B}" = protocol=17 | dir=in | app=c:\program files (x86)\acspmonitor\asmonitor.exe |
    "{63789575-31C8-4ABD-A96D-34AC500FCF20}" = protocol=17 | dir=in | app=c:\users\renee\downloads\phoenix-2.0.0\phoenix.exe |
    "{648F5C9C-7200-4E38-AD9F-F546C4957D55}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "{67E8204F-7099-4130-9BFD-5C5E20286099}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
    "{6BA98A96-F167-4339-BC2C-8C8840DD2993}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{70FA481E-B3B1-4D4A-8076-D87E9A2096B6}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{742FC5D3-C62E-4A87-801E-EA8878B47FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\smartcontrolcenter\sccd.exe |
    "{7C19B99B-53DD-4393-A966-1C50E6A827D0}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
    "{81B1F799-13E7-4A96-90F8-FAC5C2E3FC85}" = protocol=6 | dir=out | app=system |
    "{823AF40C-187F-416A-AEA7-8F5F7D4F4073}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
    "{84DD0176-ECD2-40C9-97C9-D448F32DEDE4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{851BDC94-D40C-4B55-B41D-0377D4E63FC6}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
    "{86133987-39D5-4C6E-8865-E1855CAEDE8B}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
    "{8970884B-DBD5-434D-AC90-717EA7635AC8}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{8BAAD82F-509E-4EA9-B7F2-D7D86545CFC0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{937E1FC4-1196-4BD6-A962-6B2DB3CD5399}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
    "{98A9251D-1316-4430-B09A-45B51A10ED0C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{9919B762-9172-4F2D-8F27-7F910F27970F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{9AE1629A-8B73-47CA-B6F9-04524E69E0A6}" = protocol=6 | dir=in | app=c:\program files (x86)\smartcontrolcenter\sccd.exe |
    "{9CC415DC-779A-46CA-85C6-E745BD84EE9D}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
    "{9FEC278A-25D5-4C87-BA9B-6C55F8D6B9C0}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
    "{AAE3E9E6-7D47-4EA3-9222-93AC4149FEEE}" = protocol=6 | dir=in | app=c:\users\renee\downloads\phoenix-2.0.0\phoenix.exe |
    "{AB2A1E47-509B-45E6-88A1-28779B792A07}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{AF6D0D6C-4A89-4B35-8BB1-6E1948A5BB72}" = protocol=6 | dir=in | app=c:\program files (x86)\acspmonitor\asmonitor.exe |
    "{AFCE52D4-1A6C-49C8-8E65-E7D285E4B6BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B15812F5-E1C8-48DC-BC09-93A2ABB83CA5}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
    "{B58497ED-2FC9-4681-B568-708880FDAEDB}" = protocol=17 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
    "{B5C0AF20-32EA-4FE3-AACB-0BD795C7538A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B6453444-EF21-4A76-8D14-1ACE54E47008}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{B8604801-CC99-4CDC-BF1A-530869F4EDE1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{BC7B370F-1F16-4517-8C56-CE542773080B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "{BF829C4D-6DD2-41EB-A7CD-8FA2B16324C3}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
    "{C04AFB38-79F5-4124-9CBB-752088527718}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C858D76A-B3D1-40B2-B610-3B98ABFBCD5D}" = protocol=6 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
    "{CF4B0940-24CD-4FCE-89A8-59042C7EDA35}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
    "{D3B3DDBE-FFAF-435D-9967-715C250519C9}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
    "{D9F6B383-7C55-4243-A9AF-E728DC31DCDE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{DC49FA38-0AB7-42DA-91EB-2AEBF0F7F962}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E21DE7A7-50EC-4E31-A90F-B6490B63EC36}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{EA4A335D-3CE2-4CB9-96B2-3B5E2AC93E45}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{EF1B84F0-D634-4727-B34F-979E2B6C316C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{F30C38DC-7596-4013-B4B8-0F6805A66D4F}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
    "{F795F042-3722-4335-9F87-A907E4E48B48}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{F81F0B79-6A2D-4BA7-A80B-4C60054FB50B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{F9729076-2C43-4407-9AC0-8AEEDFD9FEC4}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
    "{FC019FAC-1E13-4492-BC43-365303CA63E3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{FCDD5A3F-ECBE-4529-85A7-C0B0DEB65D46}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "TCP Query User{1063E3B5-9077-4719-938D-B8AD5A1D04B4}C:\users\renee\downloads\phoenix-2.0.0\phoenix.exe" = protocol=6 | dir=in | app=c:\users\renee\downloads\phoenix-2.0.0\phoenix.exe |
    "TCP Query User{8775EB92-E28D-4CCE-8226-F0EE60C16780}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "TCP Query User{9166B413-3D00-4A61-A88C-9615A90AC031}C:\program files (x86)\smartcontrolcenter\sccd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\smartcontrolcenter\sccd.exe |
    "TCP Query User{9B38C231-8034-4295-8582-A7346DC313B3}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
    "TCP Query User{B78EDDC2-DF4C-41DA-B38C-2FE543ED1EA2}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "TCP Query User{C4231C99-7D7E-46B3-9842-BE2CB86DD652}C:\program files (x86)\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
    "TCP Query User{C6E81A1E-BCA0-493E-8C75-B88A7F7FF299}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
    "TCP Query User{E56CC89F-8DC4-49C4-B69E-55318BD4CCD6}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
    "UDP Query User{3877E7AB-88BB-4884-B7B7-1C0E25C1AD35}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
    "UDP Query User{4038B8BB-A2E1-41F0-A9B9-DC21E39258DF}C:\users\renee\downloads\phoenix-2.0.0\phoenix.exe" = protocol=17 | dir=in | app=c:\users\renee\downloads\phoenix-2.0.0\phoenix.exe |
    "UDP Query User{572C8026-FCAB-46FA-A903-44D73FE76950}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
    "UDP Query User{60AC2E1E-E817-4AEF-9ACD-4014DF51024C}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
    "UDP Query User{BE14DB21-01E9-46E9-A493-ED06E5ABAEAF}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "UDP Query User{EEE46C83-2ECD-4B14-B6E8-CD14D8B4CD3D}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
    "UDP Query User{F281CA29-A04B-4E28-9ACC-E1AB6FAC47B5}C:\program files (x86)\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
    "UDP Query User{FB817775-F962-4365-BE40-271F78934489}C:\program files (x86)\smartcontrolcenter\sccd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\smartcontrolcenter\sccd.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
    "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
    "{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
    "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
    "{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8AD3FA3E-C13D-4C73-87C5-ADD900F77B5C}" = AMD APP SDK Developer
    "{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A0158415-15CA-B2A0-928D-E755DD506C0D}" = ATI Catalyst Install Manager
    "{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
    "{AD136254-E6F2-EAE8-7E36-9D65E13B0A7E}" = ccc-utility64
    "{ADDF4B84-5D28-4EAE-8511-EF808C8BC81C}" = HP Officejet 6500 E710n-z Basic Device Software
    "{AEB3EABF-143B-45AC-83E3-2DE9B51D60E2}" = AMD APP CPU SDK Runtime
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{F37386D6-4025-4E45-ACAE-08072890A420}" = MagniPic
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
    "MagniPic" =
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft Security Client" = Microsoft Security Essentials
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WinRAR archiver" = WinRAR 4.01 (64-bit)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
    "{01A1F857-F5C6-0842-333A-FA7806FAF70A}" = CCC Help Danish
    "{038EBE9A-2AD4-9B6D-C7FB-377FF5112C16}" = CCC Help Swedish
    "{08840099-3121-798D-88BB-76C5087890AF}" = CCC Help Czech
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
    "{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
    "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
    "{1270EE0A-2E34-4BB1-B0E7-CF8DB6F1FE75}" = IObit Apps Toolbar v7.4
    "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
    "{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Help
    "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
    "{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
    "{1D7E84F5-7AA3-CD1F-3EA1-975313E9293A}" = CCC Help Portuguese
    "{1ED4CA4A-2ABA-9302-D7F3-A0597294828B}" = Catalyst Control Center Graphics Light
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{22037905-EB4C-3427-DD8C-6ABBBE306B0D}" = CCC Help Polish
    "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
    "{242D41CA-02F7-4BA4-AE73-28FA08447850}" = SmartControlCenterManager
    "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
    "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
    "{284B8BD0-0046-288F-79E3-160F17D18904}" = CCC Help Spanish
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2B33E393-D2DE-E00C-95A2-96AB49FC2DBB}" = CCC Help Norwegian
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{37E6B486-08A4-3383-29BB-BD0591BD0E9D}" = Catalyst Control Center Core Implementation
    "{3CB34878-94B2-4308-8BDA-4FB0ECCF0D85}" = AMD APP KernelAnalyzer
    "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
    "{401F4EB7-FDF4-1B7A-54F6-5EE7CF0C0F8F}" = CCC Help Chinese Standard
    "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
    "{427DB714-23EF-6CBC-4DD1-015674AF8AB7}" = CCC Help Finnish
    "{4493F494-3E4D-E35C-BF37-1EF22539DCE3}" = CCC Help Korean
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
    "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
    "{573EC8CA-E2FD-B1F7-4DAB-671AD39888A7}" = CCC Help Japanese
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5869CFDE-54D8-D3F1-A8F5-4FCA8A910BFB}" = Catalyst Control Center Graphics Previews Common
    "{5B5CF192-F4BB-A213-CE03-7C8FB7A5E3E2}" = Catalyst Control Center Graphics Full New
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{63CE935C-03E3-4EB4-B194-792CB2F91C87}" = SmartControlCenter
    "{679A43C5-1A03-CF8F-B73E-C4A095C2687D}" = CCC Help French
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
    "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
    "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7ABAC17B-6E41-413F-93BE-B445234EFF19}" = AMD APP Profiler
    "{7B037B61-22B4-C382-DCD9-05DB38D1149D}" = CCC Help Italian
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
    "{81E6A85A-EF55-F1F4-3CBB-BE01F03CE3F3}" = CCC Help Hungarian
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{8D705770-8266-3A59-3AD8-6E666EC4CF77}" = CCC Help Thai
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9E0FC21F-1DC1-0B4C-E8E0-74420102C75B}" = CCC Help Chinese Traditional
    "{A479E320-40DB-BDA6-6CEB-A08C9DEDE80C}" = ccc-core-static
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
    "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
    "{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
    "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
    "{B1B7FDAA-9DC3-2408-18B2-9B4CB8CF0F80}" = CCC Help German
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{BB77DC4C-B818-4FD4-8D1D-5D3B617B78B4}" = LeapFrog My Pals Plugin
    "{BCFDADA0-04B1-6335-6362-BB854A216C23}" = CCC Help Russian
    "{C214A856-F569-0065-714F-8D2A4A092C6C}" = CCC Help Turkish
    "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
    "{C6359569-E03E-4CDC-98E8-CDD080C6EEB5}" = LeapFrog Connect
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C9413C02-2978-BC8B-D67C-6FF88ADBD1A3}" = CCC Help English
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CFF46F99-0F89-4D7B-9625-226E6779C8B3}" = AMD APP SDK Samples
    "{D0485C2A-6BED-4E6A-8517-A1ED3F990AB2}" = Catalyst Control Center Graphics Full Existing
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D78667E4-E8EB-2B30-5029-29B9C3367B85}" = CCC Help Dutch
    "{DB17E288-610C-45DC-E160-E7EB09A1FA88}" = Catalyst Control Center Localization All
    "{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E45E3860-CDA5-93DF-8DAA-9AC4E556BF11}" = CCC Help Greek
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EB03EF39-C655-D560-FA95-79182B837D64}" =
    "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F623B2D2-9070-FF31-F47A-287802544F71}" = Catalyst Control Center InstallProxy
    "{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}" = Catalyst Control Center - Branding
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
    "Acer Registration" = Acer Registration
    "Acer Screensaver" = Acer ScreenSaver
    "Acer Welcome Center" = Welcome Center
    "Ad-Aware" = Ad-Aware
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced SystemCare 6_is1" = Advanced SystemCare 6
    "BitTorrent" = BitTorrent
    "HASP Device Drivers" = HASP Device Drivers
    "Identity Card" = Identity Card
    "ImgBurn" = ImgBurn
    "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
    "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
    "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
    "InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
    "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
    "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
    "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
    "IObit Malware Fighter_is1" = IObit Malware Fighter
    "KCDw Cabinetmakers Software" = KCDw Cabinetmakers Software
    "LManager" = Launch Manager
    "Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
    "MagicDisc 2.7.106" = MagicDisc 2.7.106
    "Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MyPalsPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "Secure Speed Dial_is1" = Secure Speed Dial
    "Some PDF Images Extract_is1" = Some PDF Images Extract 2.0
    "SP_008a99b9" =
    "UPCShell" = LeapFrog Connect
    "Veetle TV" = Veetle TV 0.9.18
    "VLC media player" = VLC media player 2.0.5
    "VMware_Workstation" = VMware Workstation
    "vShare.tv plugin" = vShare.tv plugin 1.3
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Bitcoin" = Bitcoin
    "Google Chrome" = Google Chrome

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 8/6/2013 2:21:05 AM | Computer Name = renee-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/6/2013 2:21:05 AM | Computer Name = renee-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 2793

    Error - 8/6/2013 2:21:05 AM | Computer Name = renee-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 2793

    Error - 8/6/2013 2:21:07 AM | Computer Name = renee-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/6/2013 2:21:07 AM | Computer Name = renee-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 3885

    Error - 8/6/2013 2:21:07 AM | Computer Name = renee-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 3885

    Error - 8/6/2013 5:14:23 AM | Computer Name = renee-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
    time stamp: 0x4d672ee4 Faulting module name: werconcpl.dll, version: 6.1.7601.17514,
    time stamp: 0x4ce7c9fb Exception code: 0xc0000006 Fault offset: 0x000000000000d529
    Faulting
    process id: 0xe28 Faulting application start time: 0x01ce9284686324e0 Faulting application
    path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\System32\werconcpl.dll
    Report
    Id: 9526dd82-fe78-11e2-a16c-005056c00008

    Error - 8/6/2013 5:15:13 AM | Computer Name = renee-PC | Source = Application Error | ID = 1005
    Description = Windows cannot access the file C:\Windows\System32\werconcpl.dll for
    one of the following reasons: there is a problem with the network connection, the
    disk that the file is stored on, or the storage drivers installed on this computer;
    or the disk is missing. Windows closed the program Windows Explorer because of this
    error. Program: Windows Explorer File: C:\Windows\System32\werconcpl.dll The error
    value is listed in the Additional Data section. User Action 1. Open the file again.
    This
    situation might be a temporary problem that corrects itself when the program runs
    again. 2. If the file still cannot be accessed and - It is on the network, your network
    administrator should verify that there is not a problem with the network and that
    the server can be contacted. - It is on a removable disk, for example, a floppy
    disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
    and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
    Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
    press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
    Determine whether other files on the same disk can be opened. If not, the disk might
    be damaged. If it is a hard disk, contact your administrator or computer hardware
    vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3

    Error - 8/7/2013 1:41:07 AM | Computer Name = renee-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
    Description = The Cryptographic Services service failed to initialize the VSS backup
    "System Writer" object. Details: Could not query the status of the EventSystem service.

    System
    Error: A system shutdown is in progress. .

    Error - 8/7/2013 2:20:34 AM | Computer Name = renee-PC | Source = Windows Backup | ID = 4104
    Description =

    [ System Events ]
    Error - 8/9/2013 5:25:02 AM | Computer Name = renee-PC | Source = WMPNetworkSvc | ID = 866306
    Description =

    Error - 8/9/2013 5:42:21 AM | Computer Name = renee-PC | Source = Service Control Manager | ID = 7034
    Description = The SecureUpdate service terminated unexpectedly. It has done this
    1 time(s).

    Error - 8/9/2013 7:01:46 PM | Computer Name = renee-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 4:53:52 PM on ?09/?08/?2013 was unexpected.

    Error - 8/9/2013 7:01:21 PM | Computer Name = renee-PC | Source = volmgr | ID = 262190
    Description = Crash dump initialization failed!

    Error - 8/9/2013 7:01:21 PM | Computer Name = renee-PC | Source = volmgr | ID = 262190
    Description = Crash dump initialization failed!

    Error - 8/9/2013 7:01:29 PM | Computer Name = renee-PC | Source = volmgr | ID = 262190
    Description = Crash dump initialization failed!

    Error - 8/9/2013 7:03:32 PM | Computer Name = renee-PC | Source = DCOM | ID = 10016
    Description =

    Error - 8/9/2013 7:04:21 PM | Computer Name = renee-PC | Source = WMPNetworkSvc | ID = 866306
    Description =

    Error - 8/9/2013 7:04:21 PM | Computer Name = renee-PC | Source = WMPNetworkSvc | ID = 866306
    Description =

    Error - 8/9/2013 7:08:08 PM | Computer Name = renee-PC | Source = Service Control Manager | ID = 7034
    Description = The SecureUpdate service terminated unexpectedly. It has done this
    1 time(s).


    < End of report >

  7. #7
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Misery,

    I do apologize for the delay. Please allow me some time to view the logs.

    Thank you for your patience and understanding,

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  8. #8
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Misery,

    Please accept my apologies for the delayed response.

    Let's see if we can fix the validation issue:

    Please download WindowsActivationUpdate.exe and post the results. We'll continue from there.

    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  9. #9
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Misery,

    Do you still need help?

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  10. #10
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello.

    There had been no reply from the topic starter in 5 days. Due to inactivity, this topic is now closed.
    If you are the topic starter and need this topic reopened, send Myself or DonnaB a message.

    Everyone else, please begin a new topic.

    With Regards,
    fireman4it
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-