Page 1 of 2 12 LastLast
Results 1 to 10 of 17
  1. #1
    Member
    Join Date
    Sep 2011
    Posts
    15
    Points
    0

    Default Clean me up Scotty

    Hi,

    Can somebody please help me clean my desktop up. I'm running Windows 7

    The issues I've been having are that my computer won't read a disc in the DVD RW (Don't know if that's a hardware or Driver problem) and also the mouse has sometimes the mouse cursor freezes.

    I ran MBAM and it found a great big string of things. I removed all threats and re-ran it (on full scan this time) and the 2nd log is below.

    Shall I run HJT too?

    Thanks


    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free Anti-Malware

    Database version: v2014.03.23.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16521
    luke :: LUKE-PC [administrator]

    23/03/2014 5:38:33 PM
    mbam-log-2014-03-23 (17-38-33).txt

    Scan type: Full scan (C:\|D:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 467930
    Time elapsed: 1 hour(s), 5 minute(s), 21 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010f (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
    C:\Users\luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N1WXOHSB\Setup[1].exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.

    (end)

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hi! My name is zep516 and Welcome to Help2go!
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    First

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.[/QUOTE]


    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    Next

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double-click AdwCleaner.exe to run the tool.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • Click the Scan button.
    • AdwCleaner will begin. Be patient as the scan may take some time to complete.
    • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.



    Last

    Download Security Check by screen317 from Here or Here
    Save it to your Desktop.
    Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    Please post the following logs in your next reply:

    • OTL.txt
    • Extra's .txt
    • JRT.txt Log
    • AdwCleaner[R0].txt
    • checkup.txt Log


    Thanks
    Joe

  3. #3
    Member
    Join Date
    Sep 2011
    Posts
    15
    Points
    0

    Default

    OTL logfile created on: 25/03/2014 7:31:25 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\luke\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16521)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    7.96 Gb Total Physical Memory | 5.81 Gb Available Physical Memory | 72.97% Memory free
    15.91 Gb Paging File | 13.38 Gb Available in Paging File | 84.09% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 1862.67 Gb Total Space | 1684.90 Gb Free Space | 90.46% Space Free | Partition Type: NTFS

    Computer Name: LUKE-PC | User Name: luke | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/03/23 19:20:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\luke\Desktop\OTL.exe
    PRC - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    PRC - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    PRC - [2014/02/25 21:57:46 | 000,568,512 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    PRC - [2014/02/25 21:57:44 | 001,821,888 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
    PRC - [2014/01/14 19:01:17 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\luke\AppData\Roaming\Spotify\spotify.exe
    PRC - [2014/01/14 19:01:16 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\luke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    PRC - [2014/01/14 19:01:16 | 000,603,648 | ---- | M] () -- C:\Users\luke\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    PRC - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
    PRC - [2013/03/11 19:27:48 | 000,202,592 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
    PRC - [2013/02/12 11:40:07 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2012/02/07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2012/02/07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2012/02/07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    PRC - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


    ========== Modules (All) ==========

    MOD - [2014/03/23 19:20:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\luke\Desktop\OTL.exe
    MOD - [2014/03/01 22:02:17 | 000,808,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    MOD - [2014/03/01 04:30:58 | 017,074,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
    MOD - [2014/03/01 03:47:28 | 002,168,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
    MOD - [2014/03/01 03:40:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
    MOD - [2014/03/01 03:14:15 | 004,244,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
    MOD - [2014/03/01 02:57:18 | 011,266,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
    MOD - [2014/03/01 02:32:16 | 001,820,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
    MOD - [2014/03/01 02:28:51 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
    MOD - [2014/03/01 02:27:15 | 001,156,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
    MOD - [2014/03/01 02:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
    MOD - [2014/03/01 02:21:22 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
    MOD - [2014/02/25 21:58:08 | 000,234,176 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\vstdlib_s.dll
    MOD - [2014/02/25 21:57:56 | 000,257,728 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\tier0_s.dll
    MOD - [2014/02/25 21:57:54 | 008,853,696 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steamclient.dll
    MOD - [2014/02/25 21:57:46 | 001,135,296 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
    MOD - [2014/02/25 21:57:46 | 000,692,416 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\vgui2_s.dll
    MOD - [2014/02/25 21:57:46 | 000,286,912 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\crashhandler.dll
    MOD - [2014/02/25 21:57:46 | 000,151,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\filesystem_stdio.dll
    MOD - [2014/02/25 21:57:44 | 011,711,680 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\SteamUI.dll
    MOD - [2014/02/25 21:57:44 | 001,821,888 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
    MOD - [2014/02/14 03:42:37 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\55da6ea9407e647930ccfa94f1d02567\IAStorUtil.ni.dll
    MOD - [2014/02/14 03:42:37 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\33f1f62a80540af6dba6af268692c041\IAStorCommon.ni.dll
    MOD - [2014/02/14 03:25:40 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
    MOD - [2014/02/14 03:25:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
    MOD - [2014/02/14 03:25:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
    MOD - [2014/02/14 03:25:18 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
    MOD - [2014/02/14 03:25:15 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
    MOD - [2014/02/14 03:25:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
    MOD - [2014/02/14 03:25:06 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
    MOD - [2014/02/14 03:25:05 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
    MOD - [2014/02/14 03:25:01 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
    MOD - [2014/02/11 02:34:30 | 000,751,616 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
    MOD - [2014/02/04 02:04:22 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
    MOD - [2014/01/14 19:01:17 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\luke\AppData\Roaming\Spotify\spotify.exe
    MOD - [2014/01/14 19:01:16 | 036,967,424 | ---- | M] () -- C:\Users\luke\AppData\Roaming\Spotify\Data\libcef.dll
    MOD - [2014/01/14 19:01:16 | 009,964,032 | ---- | M] (The ICU Project) -- C:\Users\luke\AppData\Roaming\Spotify\Data\icudt.dll
    MOD - [2014/01/14 19:01:16 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\luke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    MOD - [2014/01/14 19:01:16 | 000,603,648 | ---- | M] () -- C:\Users\luke\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    MOD - [2014/01/10 23:33:44 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
    MOD - [2013/12/14 03:01:50 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
    MOD - [2013/12/12 22:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
    MOD - [2013/12/06 22:03:46 | 000,126,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
    MOD - [2013/12/06 22:01:04 | 001,100,216 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
    MOD - [2013/12/06 21:59:50 | 008,406,024 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
    MOD - [2013/11/26 08:16:50 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
    MOD - [2013/11/05 01:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-52.dll
    MOD - [2013/10/27 22:46:26 | 005,934,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
    MOD - [2013/10/19 01:36:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
    MOD - [2013/10/12 02:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
    MOD - [2013/10/05 19:57:25 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
    MOD - [2013/10/03 02:00:44 | 000,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
    MOD - [2013/09/25 01:58:17 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
    MOD - [2013/09/25 01:57:26 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
    MOD - [2013/09/25 01:57:24 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
    MOD - [2013/09/25 01:56:42 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
    MOD - [2013/09/17 22:45:12 | 000,152,392 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
    MOD - [2013/09/17 22:45:12 | 000,148,808 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.dll
    MOD - [2013/09/17 22:45:12 | 000,041,800 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
    MOD - [2013/09/17 22:45:12 | 000,040,264 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
    MOD - [2013/09/13 18:51:06 | 002,464,072 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
    MOD - [2013/09/11 21:21:54 | 000,505,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
    MOD - [2013/09/08 02:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
    MOD - [2013/09/07 08:14:22 | 001,673,544 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
    MOD - [2013/08/29 01:50:30 | 001,292,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
    MOD - [2013/08/29 01:48:17 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
    MOD - [2013/08/02 01:50:42 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
    MOD - [2013/08/02 01:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
    MOD - [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
    MOD - [2013/07/26 01:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
    MOD - [2013/07/09 04:52:33 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
    MOD - [2013/07/09 04:52:10 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
    MOD - [2013/07/09 04:46:31 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
    MOD - [2013/07/04 11:50:56 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
    MOD - [2013/06/14 23:49:14 | 009,955,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Steam\bin\icudt.dll
    MOD - [2013/06/14 23:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
    MOD - [2013/06/14 23:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
    MOD - [2013/06/14 23:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
    MOD - [2013/06/06 04:57:01 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
    MOD - [2013/06/06 04:50:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
    MOD - [2013/05/23 02:01:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
    MOD - [2013/05/23 02:01:44 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll
    MOD - [2013/05/23 02:01:44 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    MOD - [2013/05/23 02:01:44 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    MOD - [2013/05/10 04:56:15 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
    MOD - [2013/05/10 04:56:08 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
    MOD - [2013/04/25 23:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
    MOD - [2013/04/09 23:34:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
    MOD - [2013/04/03 04:50:20 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
    MOD - [2013/03/11 19:27:48 | 000,202,592 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
    MOD - [2013/03/11 19:27:43 | 000,086,320 | ---- | M] (BullGuard Ltd.) -- c:\Program Files\BullGuard Ltd\BullGuard\Files32\BgAgent.dll
    MOD - [2013/03/11 19:27:13 | 002,219,360 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\WindowsLiveHook.dll
    MOD - [2013/02/12 11:10:31 | 000,097,120 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.dll
    MOD - [2012/12/24 12:44:02 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
    MOD - [2012/12/24 12:44:02 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
    MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/11/28 14:13:32 | 000,456,592 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
    MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/11/28 14:13:30 | 000,124,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
    MOD - [2012/11/28 14:13:30 | 000,053,648 | ---- | M] (Open Source Software community project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
    MOD - [2012/11/28 14:13:28 | 001,292,136 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
    MOD - [2012/11/28 14:13:28 | 000,923,496 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
    MOD - [2012/11/28 14:13:28 | 000,043,408 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
    MOD - [2012/11/28 14:13:26 | 016,303,976 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
    MOD - [2012/11/28 14:13:20 | 001,079,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
    MOD - [2012/11/28 14:13:16 | 000,075,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
    MOD - [2012/11/22 04:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
    MOD - [2012/11/01 04:47:54 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
    MOD - [2012/10/09 18:50:25 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
    MOD - [2012/10/09 18:50:12 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
    MOD - [2012/10/09 18:48:26 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
    MOD - [2012/10/09 18:48:26 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
    MOD - [2012/10/09 18:47:28 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
    MOD - [2012/10/09 18:47:28 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
    MOD - [2012/10/09 18:47:17 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
    MOD - [2012/10/09 17:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
    MOD - [2012/10/05 10:53:23 | 000,364,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
    MOD - [2012/06/26 10:00:34 | 000,053,376 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\res\en\PluginHookRes.dll
    MOD - [2012/06/26 09:32:38 | 000,482,656 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\SQLite.dll
    MOD - [2012/05/05 07:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
    MOD - [2012/01/13 07:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
    MOD - [2012/01/04 08:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
    MOD - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    MOD - [2011/11/29 19:00:38 | 000,175,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
    MOD - [2011/11/29 19:00:36 | 001,319,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
    MOD - [2011/10/28 11:18:46 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    MOD - [2011/08/30 23:05:04 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\SysWOW64\dnssd.dll
    MOD - [2011/08/30 23:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
    MOD - [2011/06/16 04:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
    MOD - [2011/06/11 00:58:52 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100u.dll
    MOD - [2011/06/11 00:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
    MOD - [2011/06/11 00:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
    MOD - [2011/06/11 00:58:52 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll
    MOD - [2011/03/11 05:33:09 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\esent.dll
    MOD - [2010/11/21 03:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
    MOD - [2010/11/21 03:25:10 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmpps.dll
    MOD - [2010/11/21 03:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
    MOD - [2010/11/21 03:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
    MOD - [2010/11/21 03:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
    MOD - [2010/11/21 03:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
    MOD - [2010/11/21 03:24:26 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
    MOD - [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
    MOD - [2010/11/21 03:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
    MOD - [2010/11/21 03:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
    MOD - [2010/11/21 03:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
    MOD - [2010/11/21 03:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
    MOD - [2010/11/21 03:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
    MOD - [2010/11/21 03:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
    MOD - [2010/11/21 03:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
    MOD - [2010/11/21 03:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
    MOD - [2010/11/21 03:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
    MOD - [2010/11/21 03:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
    MOD - [2010/11/21 03:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
    MOD - [2010/11/21 03:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
    MOD - [2010/11/21 03:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
    MOD - [2010/11/21 03:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
    MOD - [2010/11/21 03:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
    MOD - [2010/11/21 03:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
    MOD - [2010/11/21 03:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
    MOD - [2010/11/21 03:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
    MOD - [2010/11/21 03:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
    MOD - [2010/11/21 03:24:01 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
    MOD - [2010/11/21 03:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
    MOD - [2010/11/21 03:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    MOD - [2010/11/21 03:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
    MOD - [2010/11/21 03:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
    MOD - [2010/11/21 03:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
    MOD - [2010/11/21 03:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
    MOD - [2010/11/21 03:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
    MOD - [2010/11/21 03:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
    MOD - [2010/11/21 03:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
    MOD - [2010/11/21 03:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
    MOD - [2010/11/21 03:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
    MOD - [2010/11/21 03:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
    MOD - [2010/09/21 13:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
    MOD - [2009/07/14 01:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
    MOD - [2009/07/14 01:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
    MOD - [2009/07/14 01:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
    MOD - [2009/07/14 01:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
    MOD - [2009/07/14 01:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
    MOD - [2009/07/14 01:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
    MOD - [2009/07/14 01:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
    MOD - [2009/07/14 01:16:17 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
    MOD - [2009/07/14 01:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
    MOD - [2009/07/14 01:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
    MOD - [2009/07/14 01:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
    MOD - [2009/07/14 01:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
    MOD - [2009/07/14 01:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
    MOD - [2009/07/14 01:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
    MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
    MOD - [2009/07/14 01:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
    MOD - [2009/07/14 01:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
    MOD - [2009/07/14 01:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
    MOD - [2009/07/14 01:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
    MOD - [2009/07/14 01:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
    MOD - [2009/07/14 01:16:12 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pcwum.dll
    MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
    MOD - [2009/07/14 01:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
    MOD - [2009/07/14 01:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
    MOD - [2009/07/14 01:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
    MOD - [2009/07/14 01:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
    MOD - [2009/07/14 01:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
    MOD - [2009/07/14 01:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
    MOD - [2009/07/14 01:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
    MOD - [2009/07/14 01:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
    MOD - [2009/07/14 01:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
    MOD - [2009/07/14 01:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
    MOD - [2009/07/14 01:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
    MOD - [2009/07/14 01:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
    MOD - [2009/07/14 01:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
    MOD - [2009/07/14 01:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
    MOD - [2009/07/14 01:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
    MOD - [2009/07/14 01:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
    MOD - [2009/07/14 01:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
    MOD - [2009/07/14 01:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
    MOD - [2009/07/14 01:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
    MOD - [2009/07/14 01:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
    MOD - [2009/07/14 01:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
    MOD - [2009/07/14 01:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
    MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
    MOD - [2009/07/14 01:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
    MOD - [2009/07/14 01:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
    MOD - [2009/07/14 01:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
    MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
    MOD - [2009/07/14 01:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
    MOD - [2009/07/14 01:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
    MOD - [2009/07/14 01:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
    MOD - [2009/07/14 01:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009/07/14 01:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
    MOD - [2009/07/14 01:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
    MOD - [2009/07/14 01:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
    MOD - [2009/07/14 01:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/03/01 04:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014/01/16 00:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
    SRV:64bit: - [2013/12/06 20:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2013/10/18 18:26:36 | 000,356,688 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
    SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013/05/23 20:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
    SRV:64bit: - [2013/03/11 19:27:35 | 000,374,624 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
    SRV:64bit: - [2013/03/11 19:27:31 | 000,243,040 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
    SRV:64bit: - [2013/03/11 19:27:30 | 000,345,440 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
    SRV:64bit: - [2013/03/11 19:27:29 | 000,612,704 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
    SRV:64bit: - [2013/03/11 19:27:25 | 000,383,840 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe -- (BsBhvScan)
    SRV:64bit: - [2013/03/11 19:27:23 | 000,670,560 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll -- (BsBackup)
    SRV:64bit: - [2013/03/11 19:27:23 | 000,596,832 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
    SRV:64bit: - [2012/02/02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
    SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV - [2014/03/11 21:21:57 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
    SRV - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
    SRV - [2014/02/25 21:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/02/12 11:40:07 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2012/02/07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2012/02/07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2012/02/07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
    SRV - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/12/06 21:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2013/12/06 20:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2013/11/10 20:49:05 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2013/09/24 14:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2013/07/25 15:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
    DRV:64bit: - [2013/02/12 11:10:20 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
    DRV:64bit: - [2012/12/22 21:21:55 | 000,040,544 | R--- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (AFW)
    DRV:64bit: - [2012/12/22 21:21:18 | 000,464,480 | R--- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
    DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/12/12 20:28:03 | 000,034,928 | ---- | M] (BullGuard Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BdNet.sys -- (BdNet)
    DRV:64bit: - [2012/10/09 18:50:43 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/06/26 09:48:40 | 000,068,208 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BdSpy.sys -- (BdSpy)
    DRV:64bit: - [2012/06/26 09:48:34 | 000,256,072 | ---- | M] (NovaShield, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NSKernel.sys -- (NovaShieldFilterDriver)
    DRV:64bit: - [2012/06/26 09:48:34 | 000,025,160 | ---- | M] (NovaShield, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSNetmon.sys -- (NovaShieldTDIDriver)
    DRV:64bit: - [2012/06/12 22:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2012/02/22 14:27:02 | 000,157,288 | ---- | M] (Bigfoot Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XenoVa64.sys -- (BFNVis64)
    DRV:64bit: - [2012/02/22 14:27:02 | 000,157,288 | ---- | M] (Bigfoot Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Xeno7x64.sys -- (BFN7x64)
    DRV:64bit: - [2012/01/05 11:36:54 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2012/01/04 19:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
    DRV:64bit: - [2012/01/04 19:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
    DRV:64bit: - [2012/01/04 19:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
    DRV:64bit: - [2011/12/05 19:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2011/11/29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2011/11/10 00:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/23 00:12:00 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2010/08/17 17:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
    DRV:64bit: - [2010/04/27 23:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
    DRV:64bit: - [2010/04/27 23:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
    DRV:64bit: - [2010/04/27 23:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
    DRV:64bit: - [2010/04/27 21:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
    DRV:64bit: - [2010/04/27 21:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
    DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
    DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/14 00:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = PCSPECIALIST - Custom PCs, Custom Computers, Custom PC, Desktop PC, Custom Built Computers, Gaming PC
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google
    IE - HKCU\..\SearchScopes,DefaultScope = {B1AB8D95-30C9-4235-A2BD-F74AAE385EB9}
    IE - HKCU\..\SearchScopes\{B1AB8D95-30C9-4235-A2BD-F74AAE385EB9}: "URL" = https://www.google.com/search?q={searchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\luke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard\ [2012/12/06 16:01:48 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter [2012/12/13 18:48:12 | 000,000,000 | ---D | M]

    [2013/06/13 19:25:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

    ========== Chrome ==========

    CHR - homepage: Google
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpicbbcpanckagpdjflgojlknomoiah\16235.2790.8544_0\crossrider
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpicbbcpanckagpdjflgojlknomoiah\16235.2790.8544_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\epleaiangakhhmbijdhmkfelgbapbpab\1.0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlljbaigjbmebmdhnanmbliipleicgfm\2.2\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.1.15383.6004_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.1.15383.6004_1\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
    CHR - Extension: No name found = C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O2:64bit: - BHO: (ssurf And keep) - {DA59A734-9B9A-3649-6D4A-9A7F67C58682} - C:\Program Files (x86)\ssurf And keep\xg0_CZaF.x64.dll File not found
    O2:64bit: - BHO: (YoutubeAdblocker) - {DC8DF8C9-AA87-EB8C-89C4-09925CC03942} - C:\Program Files (x86)\YoutubeAdblocker\9xHNK6.x64.dll File not found
    O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe (BullGuard Ltd.)
    O4:64bit: - HKLM..\Run: [BullGuardUpdate2] c:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (BullGuard Ltd.)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKCU..\Run: [Facebook Update] C:\Users\luke\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    O4 - HKCU..\Run: [HP Officejet 6700 (NET)] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
    O4 - HKCU..\Run: [Spotify] C:\Users\luke\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
    O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\luke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9:64bit: - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0095C3EB-DAAC-451E-9B55-888EA99E166B}: DhcpNameServer = 172.16.0.110 172.16.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84FD4E6C-1568-4650-9E00-1A201A27965A}: DhcpNameServer = 172.20.10.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AED2B395-347E-4DC8-9558-2F5133983F06}: DhcpNameServer = 192.168.1.1 0.0.0.0
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll) - c:\Program Files\BullGuard Ltd\BullGuard\BgAgent.dll (BullGuard Ltd.)
    O20:64bit: - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\SysNative\BgGamingMonitor.dll (BullGuard Ltd.)
    O20 - AppInit_DLLs: (c:\progra~1\bullgu~1\bullgu~1\files32\bgagent.dll) - c:\Program Files\BullGuard Ltd\BullGuard\Files32\BgAgent.dll (BullGuard Ltd.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/03/25 19:19:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/03/23 20:05:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/03/23 19:37:27 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\luke\Desktop\JRT.exe
    [2014/03/23 19:20:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\luke\Desktop\OTL.exe
    [2014/03/23 17:08:44 | 000,000,000 | ---D | C] -- C:\Users\luke\AppData\Roaming\Malwarebytes
    [2014/03/23 17:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2014/03/23 17:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/03/23 17:08:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2014/03/23 17:08:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2014/03/23 17:07:33 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\luke\Desktop\mbam-setup-1.75.0.1300.exe
    [2014/03/22 15:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2014/03/22 15:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2014/03/20 08:13:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2011
    [2014/03/20 08:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Farming Simulator 2011
    [2014/03/18 20:05:26 | 000,000,000 | ---D | C] -- C:\Users\luke\Documents\Banished
    [2014/03/17 20:21:44 | 000,000,000 | ---D | C] -- C:\Users\luke\Desktop\mods
    [2014/03/14 18:59:48 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014/03/14 18:59:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014/03/14 18:59:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014/03/14 18:59:47 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/03/14 18:59:47 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/03/14 18:59:47 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014/03/14 18:59:47 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/03/14 18:59:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014/03/14 18:59:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014/03/14 18:59:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014/03/14 18:59:46 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/03/14 18:59:46 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014/03/14 18:59:46 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014/03/14 18:59:46 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014/03/14 18:59:46 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/03/14 18:59:46 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014/03/14 18:59:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014/03/14 18:59:45 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/03/14 18:59:45 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014/03/14 18:59:45 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014/03/14 18:59:45 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/03/14 18:59:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/03/14 18:59:44 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2014/03/14 18:59:44 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014/03/14 18:28:38 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
    [2014/03/14 18:28:38 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
    [2014/03/14 18:23:12 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2014/03/14 18:23:12 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2014/03/14 18:22:56 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
    [2014/03/07 19:11:01 | 000,000,000 | ---D | C] -- C:\Users\luke\Documents\Der Planer - Landwirtschaft
    [2014/03/07 19:08:59 | 000,000,000 | ---D | C] -- C:\Users\luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rondomedia
    [2014/03/07 19:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rondomedia
    [2014/02/23 22:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    [2014/02/23 22:17:42 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/03/25 19:31:05 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/03/25 19:31:05 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/03/25 19:24:38 | 000,000,512 | ---- | M] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
    [2014/03/25 19:22:39 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/03/25 19:22:26 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\SK.Enhancer-S-161304646.job
    [2014/03/25 19:22:26 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    [2014/03/25 19:22:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/03/25 19:21:35 | 2112,057,343 | -HS- | M] () -- C:\hiberfil.sys
    [2014/03/25 19:21:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/03/25 19:15:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/03/25 18:46:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2986761378-1864547943-1963784790-1001UA.job
    [2014/03/23 19:37:30 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\luke\Desktop\JRT.exe
    [2014/03/23 19:20:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\luke\Desktop\OTL.exe
    [2014/03/23 17:08:35 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/03/23 17:08:07 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\luke\Desktop\mbam-setup-1.75.0.1300.exe
    [2014/03/23 09:46:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2986761378-1864547943-1963784790-1001Core.job
    [2014/03/22 15:36:01 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2014/03/22 14:23:47 | 056,010,773 | ---- | M] () -- C:\Users\luke\Desktop\JohnDeere7810FriendGift.zip
    [2014/03/22 11:56:06 | 000,001,912 | ---- | M] () -- C:\Users\luke\Desktop\RelicCoH2 - Shortcut.lnk
    [2014/03/22 10:34:35 | 001,372,957 | ---- | M] () -- C:\Users\luke\Desktop\CheatCommands_LE_v1.26.zip
    [2014/03/22 09:51:48 | 000,001,186 | ---- | M] () -- C:\Users\luke\Desktop\Farming Manager.lnk
    [2014/03/20 08:13:44 | 000,001,215 | ---- | M] () -- C:\Users\luke\Desktop\Farming Simulator 2011 .lnk
    [2014/03/18 18:27:15 | 000,000,222 | ---- | M] () -- C:\Users\luke\Desktop\Banished.url
    [2014/03/16 18:17:17 | 000,294,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2014/03/11 21:21:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2014/03/11 21:21:57 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014/03/07 22:07:57 | 146,747,631 | ---- | M] () -- C:\Users\luke\Desktop\farming_manager.exe
    [2014/03/01 05:16:26 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014/03/01 04:52:55 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014/03/01 04:51:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014/03/01 04:40:43 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014/03/01 04:37:12 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/03/01 04:33:52 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/03/01 04:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014/03/01 04:32:59 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014/03/01 04:23:49 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2014/03/01 04:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014/03/01 04:02:07 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014/03/01 03:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/03/01 03:52:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014/03/01 03:51:53 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014/03/01 03:43:28 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014/03/01 03:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/03/01 03:40:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/03/01 03:38:26 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/03/01 03:37:35 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014/03/01 03:35:11 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/03/01 03:16:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014/03/01 03:00:08 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/03/01 02:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014/03/01 02:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014/02/28 18:53:18 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/02/28 18:53:18 | 000,666,636 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/02/28 18:53:18 | 000,126,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/02/23 22:17:43 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    [2014/02/23 22:17:43 | 000,001,931 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/03/25 19:24:38 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
    [2014/03/23 17:08:35 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/03/22 14:19:57 | 056,010,773 | ---- | C] () -- C:\Users\luke\Desktop\JohnDeere7810FriendGift.zip
    [2014/03/22 11:53:05 | 000,001,912 | ---- | C] () -- C:\Users\luke\Desktop\RelicCoH2 - Shortcut.lnk
    [2014/03/22 10:34:35 | 001,372,957 | ---- | C] () -- C:\Users\luke\Desktop\CheatCommands_LE_v1.26.zip
    [2014/03/22 09:51:48 | 000,001,186 | ---- | C] () -- C:\Users\luke\Desktop\Farming Manager.lnk
    [2014/03/20 08:13:44 | 000,001,215 | ---- | C] () -- C:\Users\luke\Desktop\Farming Simulator 2011 .lnk
    [2014/03/18 18:27:15 | 000,000,222 | ---- | C] () -- C:\Users\luke\Desktop\Banished.url
    [2014/03/07 21:23:58 | 146,747,631 | ---- | C] () -- C:\Users\luke\Desktop\farming_manager.exe
    [2013/12/06 16:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
    [2013/10/17 20:29:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2013/08/03 18:11:27 | 000,000,727 | ---- | C] () -- C:\Windows\eReg.dat
    [2013/03/29 02:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
    [2013/03/29 02:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
    [2013/02/12 11:40:08 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2013/02/12 11:40:07 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2012/12/16 16:02:58 | 000,011,867 | ---- | C] () -- C:\Users\luke\AppData\Roaming\TheHunterSettings_live.bin
    [2012/12/06 08:10:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2012/10/19 07:12:59 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
    [2012/10/19 07:12:59 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
    [2012/10/19 07:12:57 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2012/10/09 18:45:49 | 000,766,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/10/09 17:40:42 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2012/10/09 17:40:41 | 012,978,688 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
    [2012/10/09 17:40:41 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
    [2012/10/09 17:40:41 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
    [2012/10/09 17:34:56 | 000,057,747 | ---- | C] () -- C:\Windows\Ascd_log.ini
    [2012/10/09 17:34:05 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2012/10/09 17:34:01 | 000,040,196 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

    ========== ZeroAccess Check ==========

    [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720

    < End of report >

  4. #4
    Member
    Join Date
    Sep 2011
    Posts
    15
    Points
    0

    Default

    unkware Removal Tool (JRT) by Thisisu
    Version: 6.1.2 (02.20.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by luke on 23/03/2014 at 20:05:08.05
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SMessaging [Strongvault]
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\livesupport
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\stronghold online backup
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2986761378-1864547943-1963784790-1001\Software\sweetim
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\strongvault
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c3f3165c-74d3-6fdb-3274-14fda8698cfa}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3244149
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wsconduit__166_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wsconduit__166_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\wsconduit__166_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\wsconduit__166_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C013BC4C-BCBB-85E8-E928-1BAF4ED82184}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C013BC4C-BCBB-85E8-E928-1BAF4ED82184}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA59A734-9B9A-3649-6D4A-9A7F67C58682}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DA59A734-9B9A-3649-6D4A-9A7F67C58682}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DA59A734-9B9A-3649-6D4A-9A7F67C58682}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC8DF8C9-AA87-EB8C-89C4-09925CC03942}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DC8DF8C9-AA87-EB8C-89C4-09925CC03942}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DC8DF8C9-AA87-EB8C-89C4-09925CC03942}



    ~~~ Files

    Successfully deleted: [File] "C:\end"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\babylon"
    Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
    Successfully deleted: [Folder] "C:\ProgramData\premium"
    Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
    Successfully deleted: [Folder] "C:\Users\luke\AppData\Roaming\babsolution"
    Successfully deleted: [Folder] "C:\Users\luke\AppData\Roaming\babylon"
    Successfully deleted: [Folder] "C:\Users\luke\AppData\Roaming\pccustubinstaller"
    Successfully deleted: [Folder] "C:\Users\luke\AppData\Roaming\strongvault"
    Successfully deleted: [Folder] "C:\Users\luke\appdata\local\stronghold_llc"
    Successfully deleted: [Folder] "C:\Users\luke\appdata\local\strongvault online backup"
    Successfully deleted: [Folder] "C:\Users\luke\appdata\locallow\conduit"
    Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\livesupport"
    Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\strongvault online backup"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
    Successfully deleted: [Folder] "C:\Users\luke\documents\optimizer pro"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 23/03/2014 at 20:09:22.24
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  5. #5
    Member
    Join Date
    Sep 2011
    Posts
    15
    Points
    0

    Default

    OTL Extras logfile created on: 23/03/2014 7:46:03 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\luke\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16521)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    7.96 Gb Total Physical Memory | 5.18 Gb Available Physical Memory | 65.10% Memory free
    15.91 Gb Paging File | 12.61 Gb Available in Paging File | 79.23% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 1862.67 Gb Total Space | 1687.90 Gb Free Space | 90.62% Space Free | Partition Type: NTFS

    Computer Name: LUKE-PC | User Name: luke | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- "C:\Users\luke\AppData\Roaming\File Scout\filescout.exe" /open "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- "C:\Users\luke\AppData\Roaming\File Scout\filescout.exe" /open "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{020B7FC1-5313-4216-BD19-5E240CF8D425}" = rport=138 | protocol=17 | dir=out | app=system |
    "{1041DC61-4CAA-404F-B7AC-89AA81617704}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{10DCFEA3-1D80-4814-B6D8-BDC6EAD13E65}" = lport=137 | protocol=17 | dir=in | app=system |
    "{13DFB464-22A8-4574-A265-24C13EA6C0AE}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{2BDFE36B-742B-49FD-BBA3-84A76E00253E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{2FE9CF86-3A31-49A5-AEF2-47168558969B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{372D20EA-AEC2-444B-9425-B0352BE6AAB6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{3D726159-CF37-4B40-842A-303C5CB24A0F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{3E563F12-7D68-44B2-B799-21675AA0F9EA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{43890C02-B8E4-4BE5-92B9-3A4222560AA9}" = lport=139 | protocol=6 | dir=in | app=system |
    "{44711970-F51E-4CB1-8F86-9FA2BAEA4258}" = rport=445 | protocol=6 | dir=out | app=system |
    "{4638AEC7-7D1C-4B8B-BBB8-A341AB774AC7}" = lport=138 | protocol=17 | dir=in | app=system |
    "{6394F220-CE5A-4BDC-8F12-D64BE5D975BE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{64A2BBE0-71BE-4DA3-AFBD-53286F0D5F6E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{6A9DE8E9-6F35-46D1-A29C-30E14DF4DBC6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{7568069C-77CB-434E-9A96-1017B264F81B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{7E409AB0-F0A4-43E8-B8C0-8042D9F600E2}" = lport=445 | protocol=6 | dir=in | app=system |
    "{848F019D-6FAF-4915-A43B-E163372C581D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{88DEBA1C-EA4A-4EAC-9DAF-9E93FC488BC7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8CE7EDCB-9D7C-4B65-9255-984B9C03D49C}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{996780AA-7E6B-4E12-A360-4BC5CE0A3677}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A52EE99C-C711-4E6D-9686-9983202DB588}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{AECC3871-D23E-4B9F-93DF-7BFCC079BB9F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AF6680CD-AA44-4967-AC81-4BF5479A2A25}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
    "{C3D3E373-1347-45E9-B1D5-411CB658EA7B}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{C9726E12-B78F-458F-A911-891A84877317}" = rport=139 | protocol=6 | dir=out | app=system |
    "{CC18823B-1620-457E-91AF-B50AA9A9969B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{CE57A3AF-0678-4683-9323-0667D22D6184}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{D50F8A05-890D-4D20-A26C-0AC46D5B9538}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{D75F0B98-0CEE-4554-A046-0C003B3134E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{DABC2AAC-4FC9-451C-BDCC-4068E2849CD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{F9138212-87FD-46EE-80AB-8C0183FC5801}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{FD54F1B7-D0FE-4A00-A186-95B73EF48127}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{FE7BCA65-2EAD-4245-AF0C-A394AFE099B1}" = rport=137 | protocol=17 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0807825F-D6EA-458E-B6B9-B51589199240}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_final.exe |
    "{0813F741-CC55-4391-8661-7EEBF7C8944E}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2011\farmingsimulator2011.exe |
    "{08EA1741-EB5A-424D-9C4E-C698529B5A9B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{0C885BA4-7B5A-41FC-9230-B75D8CC0FA35}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe |
    "{0E74E141-D288-4E4C-9108-80BE536CDA1A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{14C97251-6D9D-4E25-B5D4-723C5D51356E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
    "{19B27C8E-3150-4FEC-B9F0-95932836F883}" = protocol=6 | dir=in | app=c:\program files (x86)\ski region simulator 2012\skiregionsimulator2012.exe |
    "{1D5FA8D2-12FC-43F3-BF9D-4B57F61ABFA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{1D8C5513-0812-4AFD-9078-9D1EBA2846FE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
    "{24415559-D741-4A9B-8771-E907896DE1B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{2524380E-2C81-488A-8398-0D1F4AC4B1F0}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\digitalwizards.exe |
    "{2531D2E5-8162-4586-A5A7-0BB9D7004968}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_final_dx9.exe |
    "{2581762E-30C9-4C0D-9209-3259DB3D29C2}" = protocol=6 | dir=in | app=c:\program files (x86)\ski region simulator 2012\skiregionsimulator2012game.exe |
    "{2825CCFC-B04E-4FD4-A0DC-1459FDEBFA21}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{28BD8DC6-3708-4F78-B30A-727A05C742F4}" = protocol=6 | dir=out | app=system |
    "{2AC4CEF7-490D-4C34-9CA5-B3FD4701EA89}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{2E727196-E716-4A08-887B-83029F30EB68}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_final_dx10.exe |
    "{30547493-0F7C-4F36-AE6A-FDE88AB73838}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
    "{328A3C50-DF52-46DB-B8B2-099F9B093E9C}" = protocol=17 | dir=in | app=c:\program files (x86)\ski region simulator 2012\skiregionsimulator2012.exe |
    "{32B0D680-ED7F-4995-809A-302142FC69BF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
    "{33BA2B27-7A9F-4F55-9BA2-D6794EDC28E7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{33BF4145-9E1F-4315-BC75-4C874958A37D}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\sendafax.exe |
    "{3D70CC31-2D56-4E62-89AE-906883E5E2DD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{3FE88520-DD4D-4F79-BB0F-0DCCCC85AF93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{43359CD0-95AD-44A0-A576-FB1AB3519200}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{448A74F8-F980-4CB5-A38F-3FC282BFC217}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\devicesetup.exe |
    "{461C19BF-B566-46DC-807E-3042021CEC04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_final.exe |
    "{491B87FD-0F0E-4D31-8A63-0896C3B8CFBC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{4F31C04E-6CB8-47A7-9D8D-1140A20A589E}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 2142 deluxe edition\bf2142.exe |
    "{54C82049-4FBA-4005-9D63-E0BB3A4EE6AC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
    "{56434304-13EC-4EC2-B922-9AFFACFB77B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\banished\application-steam-x64.exe |
    "{57EB389B-1BFE-4ADA-944D-9948B54E4768}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{5A6CF93A-F3A8-4EA3-A475-03DBBB28330E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{5AAC0381-50C5-4C52-81CC-A5ECB1A3E7E2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{657AB71C-551A-4222-ACFA-A582B510CCD3}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2011\game.exe |
    "{660C8BBC-2E93-4D26-96DD-568D71204BD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
    "{66BB7E5E-8357-40AA-A870-D647516A8A7F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{67587679-C072-40C5-ACFB-62CD72BDBAD8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6C8C0F27-4D28-4086-B752-D7F17BE58E7B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
    "{7193036B-BA98-4840-BF8C-D4A3D31181CA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{71BCFDB4-C1CE-43D6-B442-E735CA931235}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
    "{7377C9E5-F6A9-4C7E-9D63-403E48D36017}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
    "{74D9346F-0263-47EE-AC7C-B881031621A6}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\faxapplications.exe |
    "{7BB88B4A-CD68-4001-996F-8ACA199ABADE}" = dir=in | app=c:\users\luke\appdata\local\facebook\video\skype\facebookvideocalling.exe |
    "{7C6A218D-BC94-4950-84FB-81DDEE11B02A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_report.exe |
    "{7C94C624-827F-47EF-BA11-D024440385D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{7C9C36DE-1AF4-4A3A-A3A6-6735FDC36F5F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{81D49F80-B34E-4C1A-BBDA-01BDA574679A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{82114FDD-0DAB-4B91-B877-8913494E2317}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
    "{86754022-3DD9-4FDC-803B-B277BDC6CD00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dirt 3\dirt3.exe |
    "{8941AF6A-AAF7-4C2F-9EDD-4A2477889FED}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
    "{897612B0-382A-495B-999E-D037A0AAF95F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{8C5CAF38-0C4B-437F-A993-23C7A0BE4E1D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{8D47A41D-1539-47A0-8301-47332448AA82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dirt 3\dirt3.exe |
    "{90663AEE-CCDB-4F08-9F44-B7B5F2F69137}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{97D46471-359A-47DB-B355-89E9744DA794}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
    "{9E00C5BA-0F1F-4E2A-AADB-4EA1A47CEC7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kerbal space program demo\ksp.exe |
    "{A108D889-239D-403F-BAE2-C67FFC337A77}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_report.exe |
    "{A341FF7E-D470-4D67-A5AF-B7F548FF25B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{A3CB21BA-EA72-4EAC-92C8-DF7D80A15494}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_final_dx9.exe |
    "{A4CBD78D-174E-4722-98DB-F7C7DBCC4C92}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\order of war\oow_final_dx10.exe |
    "{A80A208D-54A0-4A18-B032-01654AE27AFB}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 2142 deluxe edition\bf2142.exe |
    "{A902EB02-5428-4DF2-81F5-20C377234678}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
    "{AA2924AA-F1C5-4CBD-90C8-9AE09347547F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{AC5E7083-575F-4AC0-A5B9-3B79362227FA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{B061D7D5-11B0-4C9B-897A-04C3E1D2A062}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{B20E6E16-7458-4D8A-AFB9-D72BB19BEE80}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\x86\farmingsimulator2013game.exe |
    "{BF6C1F6D-B37D-4081-9D66-39839E63A9EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C2B308FE-F54D-42C1-B85E-37D192783ECC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C85C47FD-9DE0-4C43-9516-77F1C528544E}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2011\game.exe |
    "{C9EEF279-AD1D-4292-A11D-6EBA15E05BCA}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2011\farmingsimulator2011.exe |
    "{CC9E8F4C-92BF-46B0-8509-A329562AF4CE}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
    "{CF50E191-0AC3-48F9-AA4A-4CA9F979A952}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kerbal space program demo\ksp.exe |
    "{D23D5CA2-31B0-4A31-B87B-8FBEED40F803}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
    "{D406D178-9F13-4487-9A82-7329539E18DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{D4AF1A2F-D4EE-4983-9AE6-031EC06B413A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
    "{DBE81D44-D5FE-4758-9261-2ACB542D2CCF}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\x86\farmingsimulator2013game.exe |
    "{DE69167B-AB81-4D72-8E7B-51A9744DC30F}" = protocol=17 | dir=in | app=c:\program files (x86)\ski region simulator 2012\skiregionsimulator2012game.exe |
    "{DFE1CB22-BFC6-464D-A6E6-E80C5BBA7BD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E1DE433C-BCF4-49BF-B569-20DFB1C9B8D4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{E430DCBE-99D5-49C9-8F61-3D0568A2468E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
    "{E5BB13CE-597A-4C35-B1EF-824A6CEC7C9A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{E61F18F1-3057-48CE-B481-E936EC2E5065}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ship simulator extremes\steam.exe |
    "{E99C5E72-A3A7-48EE-8401-0C6D96C82710}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
    "{EAF54201-B161-4C91-914F-AF0545BF3C50}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicatorcom.exe |
    "{EB27ED8F-185D-47B8-B4B1-16609B2E362F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\banished\application-steam-x64.exe |
    "{F1A102D8-8B87-4122-AC66-B9C1EE042890}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ship simulator extremes\steam.exe |
    "{F999DDEB-D6ED-4F0D-9E23-D2F4BE619C36}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\x64\farmingsimulator2013game.exe |
    "{FB16629D-00CD-4979-B8ED-878AF27327DC}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\x64\farmingsimulator2013game.exe |
    "{FBAD1175-A0F4-47BE-B344-B8E059B3936A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{FC4B5E35-CCB7-48FE-BCAC-FA6DAD098797}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "TCP Query User{1A59709F-D86B-48AA-AEFB-801C835C7A0D}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe |
    "TCP Query User{4C170BFD-12DB-42E1-8321-0AEF0AA90888}C:\program files (x86)\thehunter\launcher\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
    "TCP Query User{5555AA86-B7D2-4AE1-BFE8-02A2B012F351}C:\users\luke\appdata\local\temp\d52db49c769c4d5caca7a4026338bd4e\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\luke\appdata\local\temp\d52db49c769c4d5caca7a4026338bd4e\relicdownloader.exe |
    "TCP Query User{96493880-7B4A-458D-940B-287478BD5CC1}C:\users\luke\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\luke\appdata\roaming\spotify\spotify.exe |
    "TCP Query User{AB97115E-FB57-44F5-852A-F795E45A2060}C:\users\luke\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\luke\appdata\roaming\spotify\spotify.exe |
    "TCP Query User{B3613DCE-A2D5-4F42-96AA-3684C1BEE4BE}C:\users\luke\appdata\local\temp\rar$exa0.639\teamspeak3-server_win64\ts3server_win64.exe" = protocol=6 | dir=in | app=c:\users\luke\appdata\local\temp\rar$exa0.639\teamspeak3-server_win64\ts3server_win64.exe |
    "TCP Query User{BE3EA5D6-EA60-4EBE-9D04-15C79ECD9C4A}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe |
    "TCP Query User{EF8F0931-AF6F-4970-9CCB-E554587BA40B}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "UDP Query User{0EA2AC6A-70D5-48B4-96DA-47B7CEF2EB7F}C:\users\luke\appdata\local\temp\d52db49c769c4d5caca7a4026338bd4e\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\luke\appdata\local\temp\d52db49c769c4d5caca7a4026338bd4e\relicdownloader.exe |
    "UDP Query User{1A178231-8AF3-407B-B608-97664FD28EA2}C:\users\luke\appdata\local\temp\rar$exa0.639\teamspeak3-server_win64\ts3server_win64.exe" = protocol=17 | dir=in | app=c:\users\luke\appdata\local\temp\rar$exa0.639\teamspeak3-server_win64\ts3server_win64.exe |
    "UDP Query User{2426E1A4-6938-41DC-9FE2-5CBFFCB88B9E}C:\program files (x86)\thehunter\launcher\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
    "UDP Query User{2A121267-2182-43F0-9B6A-B3C530569A73}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe |
    "UDP Query User{624EC768-CB0D-48E0-843F-573D6CCD2F0C}C:\users\luke\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\luke\appdata\roaming\spotify\spotify.exe |
    "UDP Query User{B21F88CC-3313-418F-86B0-3A53C1A5BFEF}C:\users\luke\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\luke\appdata\roaming\spotify\spotify.exe |
    "UDP Query User{CB5DE439-8AE2-44DA-9FCC-7FB2ED2CEEA5}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "UDP Query User{EC3C8D96-81C3-49A0-8407-95138303F520}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0249EDBC-2C22-7C9D-A3B0-20906826064C}" = AMD Media Foundation Decoders
    "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
    "{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
    "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
    "{3C378793-5288-0165-FCA4-D319D5E4A490}" = AMD Catalyst Install Manager
    "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
    "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
    "{5BF680AC-BCFC-71DE-9335-F4DE8015A25A}" = OptimizerPro
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7DB45397-4DC5-359E-077C-4D798AFCF35E}" = ccc-utility64
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{988D55BB-08DE-43C9-8D16-3751361E2A79}" = HP Officejet 6700 Product Improvement Study
    "{A1CFA587-90D4-4DE6-B200-68CC0F92252F}" = HP Officejet 6700 Basic Device Software
    "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
    "{A44D35BC-F2DF-00E9-79BF-34967DF0E4E8}" = AMD Drag and Drop Transcoding
    "{A47E1D0E-FBAC-369C-DCC2-DC21E3D48E2F}" = AMD Accelerated Video Transcoding
    "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}" = WinZip 17.0
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{D386FE62-CD8D-C8E0-DCA7-ED5FCAB476A5}" = AMD Wireless Display v3.0
    "{D7C275A6-3266-0FBC-2D84-17A6AC226F01}" = AMD Wireless Display v3.0
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
    "{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes
    "BullGuard" = BullGuard
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Microsoft Security Client" = Microsoft Security Essentials
    "OptimizerPro" =
    "TeamSpeak 3 Client" = TeamSpeak 3 Client
    "WinRAR archiver" = WinRAR 4.20 (64-bit)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{03D9F167-7E5D-59B8-5BCB-D2BC593C78CE}" = CCC Help Portuguese
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0C1F1546-8EEE-0B38-5370-92A4FD428D89}" = Catalyst Control Center InstallProxy
    "{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster for Battlefield 1942
    "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
    "{1674FCA1-50F7-4EAE-89F4-3C481ABA4467}" = Toilet Tycoon Trial
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1AD74AE8-6BF3-4B28-A0DD-A9503C39B5BE}_is1" = Construction-Simulator 2012 - Demo version 1.0
    "{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{24B89186-2A56-4D28-B930-6F4FCF224E2F}" = OpenOffice 4.0.1
    "{25A37E15-30B4-D265-AE83-35C70B6E9958}" = CCC Help Japanese
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2D0DC4B9-2782-7B15-1501-A03AE797E03A}" = CCC Help Finnish
    "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
    "{3002C8EB-2A7E-419B-B77F-5AD7E9F54A5A}" = Strongvault Online Backup
    "{31B837F0-E95E-BD8C-1A79-7B4EE062CDA5}" = AMD Catalyst Control Center
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3B81B9F1-F3F9-06CE-4059-C67B551A9518}" = Catalyst Control Center Graphics Previews Common
    "{3BD559B1-F59F-142E-ED0E-DCD0FF8635AA}" = CCC Help Russian
    "{3C0DB13A-2D73-410A-6169-4FD83D8F1E3D}" = CCC Help Greek
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
    "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{5CD78A44-402A-58FD-CFD6-95C1ECDD7ABB}" = CCC Help Chinese Traditional
    "{5E33D30D-D896-4D92-B033-5F45819B2937}" = Strongvault Online Backup
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7268F803-2887-2E4F-C193-3223979A76CC}" = CCC Help English
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7A5B8727-C3F8-FEE9-28F4-4EAF45D6BCF6}" = CCC Help Chinese Standard
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{8603DA4D-0A19-0B06-9916-2F71B7898CE5}" = CCC Help Thai
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{8B08F4B0-D2B3-49DF-BE0A-3766B16BBE9F}" = Klomanager Deluxe Demo
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
    "{8F109003-4405-4B09-A17C-7979B358E3DC}" = SimTractor 4.1
    "{91ABE0D2-12E5-6EA8-48FC-4635BAC9CC45}" = CCC Help Danish
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}" = SpinTires Tech Demo (June 060613)
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A231A6F2-2C80-6203-ED35-2CFB96B25A38}" = Application Profiles
    "{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
    "{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB6D8A9C-2781-32B9-7B6F-07262A44767C}" = CCC Help Polish
    "{AEF59382-3FF1-4EBF-A93E-CCC474DCEA3F}_is1" = Construction-Simulator 2012 version 1.0
    "{B5122443-9531-7075-30F0-BF4AD1FDCF69}" = CCC Help Czech
    "{B73B4A99-4173-4747-BBEC-0F05E966F9D2}" = Battlefield 1942: Secret Weapons of WWII
    "{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
    "{C0FEA130-C4F5-D8A0-B281-5B5E4A03184A}" = Catalyst Control Center Localization All
    "{C1468D71-AB76-1A6E-9C58-078A01902E99}" = CCC Help Hungarian
    "{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}" = Browse2save
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
    "{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2E690A0-C368-0EB2-8247-62A2319CF6FD}" = CCC Help French
    "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DC5825EF-21F2-86B4-1B64-FFF6AC1A6C05}" = CCC Help Swedish
    "{DC890E2E-FD12-96D2-1B2C-0EA08DE15553}" = CCC Help Spanish
    "{DD62AF52-2F5F-3F2E-39A1-323C2B08D59F}" = CCC Help Italian
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
    "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E1AE0CB7-1333-4728-8520-CB3F88A252B4}" = HP Officejet 6700 Help
    "{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142 Deluxe Edition
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F4F6F37C-8D19-4DAD-BF7B-0953133FD43F}" = Snap.Do
    "{F66299DC-055A-DA2D-4D1C-91F71EDD0129}" = CCC Help Norwegian
    "{F71E1F48-095B-85F9-D831-DE33259D64A0}" = CCC Help Turkish
    "{F84BA468-4D2C-ED62-FF42-596C4FDB3BEF}" = CCC Help Dutch
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{F8EB2219-B2B7-AF1B-5C1F-9E4E9AB00038}" = CCC Help Korean
    "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
    "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FE4321B8-414A-B20D-C8F1-8E31262EA329}" = CCC Help German
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}" = Bing Bar
    "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
    "AVG Secure Search" = AVG Security Toolbar
    "Battlecraft 19422.1" = Battlecraft 1942
    "Cheat Engine 6.2_is1" = Cheat Engine 6.2
    "Driving Test Success 2005/6_is1" = Driving Test Success 2005/6
    "FarmingSimulator2011EN_is1" = Farming Simulator 2011
    "FarmingSimulator2013INT_is1" = Farming Simulator 2013
    "FarmingSimulator2013ModdingTutorialsEN_is1" = Farming Simulator 2013 Modding Tutorials
    "giants_editor_5.0.1_is1" = GIANTS Editor 5.0.1
    "Google Chrome" = Google Chrome
    "InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "MDT" = Battlefield Mod Development Toolkit 2.0 Beta
    "Notepad++" = Notepad++
    "OpenAL" = OpenAL
    "PunkBusterSvc" = PunkBuster Services
    "Rigs of Rods 0.38.67" = Rigs of Rods 0.38.67
    "SkiRegionSimulator2012EN_is1" = Ski Region Simulator 2012
    "SP_58f14601" = SK.Helper 1.74
    "Steam App 208090" = Loadout
    "Steam App 231410" = Kerbal Space Program Demo
    "Steam App 231430" = Company of Heroes 2
    "Steam App 242920" = Banished
    "Steam App 34600" = Order of War
    "Steam App 44320" = DiRT 3
    "Steam App 48800" = Ship Simulator Extremes
    "theHunter" = theHunter (remove only)
    "Uplay" = Uplay
    "VLC media player" = VLC media player 2.1.0
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{7985f480-c922-49eb-9a44-a0688e50800a}" = Snap.Do Engine
    "Farming Manager" = Farming Manager
    "NHCmod v2.6" = NHCmod v2.6
    "Spotify" = Spotify

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 10/10/2013 5:38:18 AM | Computer Name = luke-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: FarmingSimulator2013Game.exe, version:
    1.0.0.1, time stamp: 0x522e06ab Faulting module name: FarmingSimulator2013Game.exe,
    version: 1.0.0.1, time stamp: 0x522e06ab Exception code: 0xc0000005 Fault offset:
    0x000d0f73 Faulting process id: 0x2bd4 Faulting application start time: 0x01cec59b320c4648
    Faulting
    application path: C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe
    Faulting
    module path: C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe
    Report
    Id: b180f54f-318f-11e3-b278-3085a98ef19e

    Error - 10/10/2013 5:39:39 AM | Computer Name = luke-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: FarmingSimulator2013Game.exe, version:
    1.0.0.1, time stamp: 0x522e06ab Faulting module name: FarmingSimulator2013Game.exe,
    version: 1.0.0.1, time stamp: 0x522e06ab Exception code: 0xc0000005 Fault offset:
    0x000d0f73 Faulting process id: 0x350c Faulting application start time: 0x01cec59c7a474c23
    Faulting
    application path: C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe
    Faulting
    module path: C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe
    Report
    Id: e14aa111-318f-11e3-b278-3085a98ef19e

    Error - 10/10/2013 5:41:03 AM | Computer Name = luke-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: FarmingSimulator2013Game.exe, version:
    1.0.0.1, time stamp: 0x522e06ab Faulting module name: FarmingSimulator2013Game.exe,
    version: 1.0.0.1, time stamp: 0x522e06ab Exception code: 0xc0000005 Fault offset:
    0x000d0f73 Faulting process id: 0x1608 Faulting application start time: 0x01cec59ca6cc47f4
    Faulting
    application path: C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe
    Faulting
    module path: C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe
    Report
    Id: 1364d52f-3190-11e3-b278-3085a98ef19e

    Error - 10/10/2013 7:46:29 AM | Computer Name = luke-PC | Source = Google Update | ID = 20
    Description =

    Error - 10/10/2013 10:46:29 AM | Computer Name = luke-PC | Source = Google Update | ID = 20
    Description =

    Error - 10/10/2013 11:00:12 AM | Computer Name = luke-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: schtasks.exe, version: 6.1.7601.17514,
    time stamp: 0x4ce792c3 Faulting module name: bitguard.dll, version: 2.6.1694.246,
    time stamp: 0x524a99fc Exception code: 0xc0000005 Fault offset: 0x0017966f Faulting
    process id: 0x798 Faulting application start time: 0x01cec5c96a6c52c9 Faulting application
    path: C:\Windows\SysWOW64\schtasks.exe Faulting module path: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll
    Report
    Id: a94d677b-31bc-11e3-b278-3085a98ef19e

    Error - 10/10/2013 11:00:12 AM | Computer Name = luke-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: schtasks.exe, version: 6.1.7601.17514,
    time stamp: 0x4ce792c3 Faulting module name: bitguard.dll, version: 2.6.1694.246,
    time stamp: 0x524a99fc Exception code: 0xc0000005 Fault offset: 0x0017966f Faulting
    process id: 0x225c Faulting application start time: 0x01cec5c96afe820a Faulting application
    path: C:\Windows\SysWOW64\schtasks.exe Faulting module path: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll
    Report
    Id: a94d8e8b-31bc-11e3-b278-3085a98ef19e

    Error - 10/10/2013 11:00:12 AM | Computer Name = luke-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: schtasks.exe, version: 6.1.7601.17514,
    time stamp: 0x4ce792c3 Faulting module name: bitguard.dll, version: 2.6.1694.246,
    time stamp: 0x524a99fc Exception code: 0xc0000005 Fault offset: 0x0017966f Faulting
    process id: 0x1058 Faulting application start time: 0x01cec5c96b97571a Faulting application
    path: C:\Windows\SysWOW64\schtasks.exe Faulting module path: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll
    Report
    Id: a960727e-31bc-11e3-b278-3085a98ef19e

    Error - 10/10/2013 11:05:26 AM | Computer Name = luke-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 10/10/2013 11:05:27 AM | Computer Name = luke-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: schtasks.exe, version: 6.1.7601.17514,
    time stamp: 0x4ce792c3 Faulting module name: bitguard.dll, version: 2.6.1694.246,
    time stamp: 0x524a99fc Exception code: 0xc0000005 Fault offset: 0x0017966f Faulting
    process id: 0x1268 Faulting application start time: 0x01cec5ca237bb8b8 Faulting application
    path: C:\Windows\SysWOW64\schtasks.exe Faulting module path: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll
    Report
    Id: 651cb790-31bd-11e3-a10b-3085a98ef19e

    [ System Events ]
    Error - 23/03/2014 3:48:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36874
    Description = An SSL 3.0 connection request was received from a remote client application,
    but none of the cipher suites supported by the client application are supported
    by the server. The SSL connection request has failed.

    Error - 23/03/2014 3:48:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36888
    Description = The following fatal alert was generated: 40. The internal error state
    is 107.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36874
    Description = An SSL 3.0 connection request was received from a remote client application,
    but none of the cipher suites supported by the client application are supported
    by the server. The SSL connection request has failed.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36888
    Description = The following fatal alert was generated: 40. The internal error state
    is 107.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36874
    Description = An SSL 3.0 connection request was received from a remote client application,
    but none of the cipher suites supported by the client application are supported
    by the server. The SSL connection request has failed.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36888
    Description = The following fatal alert was generated: 40. The internal error state
    is 107.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36874
    Description = An SSL 3.0 connection request was received from a remote client application,
    but none of the cipher suites supported by the client application are supported
    by the server. The SSL connection request has failed.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36888
    Description = The following fatal alert was generated: 40. The internal error state
    is 107.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36874
    Description = An SSL 3.0 connection request was received from a remote client application,
    but none of the cipher suites supported by the client application are supported
    by the server. The SSL connection request has failed.

    Error - 23/03/2014 3:49:59 PM | Computer Name = luke-PC | Source = Schannel | ID = 36888
    Description = The following fatal alert was generated: 40. The internal error state
    is 107.


    < End of report >

  6. #6
    Member
    Join Date
    Sep 2011
    Posts
    15
    Points
    0

    Default

    Results of screen317's Security Check version 0.99.81
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Microsoft Security Essentials
    BullGuard Antivirus
    Antivirus out of date! (On Access scanning disabled!)
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.75.0.1300
    Google Chrome 33.0.1750.146
    Google Chrome 33.0.1750.154
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials msseces.exe
    Windows Defender MSMpEng.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:
    ````````````````````End of Log``````````````````````

  7. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hello FarmerLuke,

    First

    You have 2 Anti Virus programs running:
    • BullGuard Ltd.
    • Microsoft Security Essentials.

    The real-time protection of two antivirus programs may conflict with each other and cause the following

    * False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
    * Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
    * Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
    * Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.

    I would uninstall Microsoft security Essentials.
    ==> Click > Start > Control Panel > Programs & Features, and remove "Microsoft security Essentials".

    Also remove these: "if" found. Some of these may not be found, but please check for them.
    • OptimizerPro
    • McAfee Security Scan Plus
    • AVG Security Toolbar
    • Snap.Do Engine


    Next

    I'm missing this log report, please run the tool below and post the log report it produces. I think you just forgot to post the log, I see you have already downloaded it. So just run it, an post the log.

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double-click AdwCleaner.exe to run the tool.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • Click the Scan button.
    • AdwCleaner will begin. Be patient as the scan may take some time to complete.
    • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.


    Next
    We need to do a fix to delete some files using OTL

    • Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :COMMANDS
      [CREATERESTOREPOINT]
      
      :OTL
      DRV:64bit: - [2013/11/10 20:49:05 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
      O2:64bit: - BHO: (ssurf And keep) - {DA59A734-9B9A-3649-6D4A-9A7F67C58682} - C:\Program Files (x86)\ssurf And keep\xg0_CZaF.x64.dll File not found
      O2:64bit: - BHO: (YoutubeAdblocker) - {DC8DF8C9-AA87-EB8C-89C4-09925CC03942} - C:\Program Files (x86)\YoutubeAdblocker\9xHNK6.x64.dll File not found
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [2014/03/25 19:22:26 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\SK.Enhancer-S-161304646.job
      [2014/03/25 19:22:26 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
      
      :Files
      
      ipconfig /flushdns /c
      
      :Commands
      
      [emptytemp]
      [resethosts]
    • Make sure all other windows are closed.
    • Click the Run Fix button at the top
    • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
    • Post the log that is found in C:\_OTL\Moved Files in your next reply.
    • Open OTL again and click the Quick Scan button.


    In your next relpy post

    • The OTL Fix log.
    • AdwCleaner log.


    Thanks
    Joe
    Last edited by zep516; 03-25-2014 at 07:00 PM.

  8. #8
    Member
    Join Date
    Sep 2011
    Posts
    15
    Points
    0

    Default

    # AdwCleaner v3.022 - Report created 26/03/2014 at 19:39:09
    # Updated 13/03/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : luke - LUKE-PC
    # Running from : C:\Users\luke\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16521


    -\\ Google Chrome v33.0.1750.154

    [ File : C:\Users\luke\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [4736 octets] - [25/03/2014 19:19:15]
    AdwCleaner[R1].txt - [877 octets] - [26/03/2014 19:28:35]
    AdwCleaner[S0].txt - [4911 octets] - [25/03/2014 19:20:42]
    AdwCleaner[S1].txt - [799 octets] - [26/03/2014 19:39:09]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [858 octets] ##########

  9. #9
    Member
    Join Date
    Sep 2011
    Posts
    15
    Points
    0

    Default

    All processes killed
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point
    ========== OTL ==========
    Service avgtp stopped successfully!
    Service avgtp deleted successfully!
    C:\Windows\SysNative\drivers\avgtpx64.sys moved successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA59A734-9B9A-3649-6D4A-9A7F67C58682}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA59A734-9B9A-3649-6D4A-9A7F67C58682}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC8DF8C9-AA87-EB8C-89C4-09925CC03942}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC8DF8C9-AA87-EB8C-89C4-09925CC03942}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
    File C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    C:\Windows\msdownld.tmp folder deleted successfully.
    C:\Windows\Tasks\SK.Enhancer-S-161304646.job moved successfully.
    C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job moved successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\luke\Desktop\cmd.bat deleted successfully.
    C:\Users\luke\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: luke
    ->Temp folder emptied: 737729554 bytes
    ->Temporary Internet Files folder emptied: 2200714014 bytes
    ->Google Chrome cache emptied: 68948637 bytes
    ->Flash cache emptied: 122230 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 975913558 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42338540 bytes
    RecycleBin emptied: 157654350 bytes

    Total Files Cleaned = 3,990.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.69.0 log created on 03262014_203455

    Files\Folders moved on Reboot...
    C:\Users\luke\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Next
    Lets run an online scan and see what it shows.

    ESET Online Scanner

    Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

    • Please go >>HERE<< then click on:

      Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the icon to install.

      All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      1. Scan for potentially unwanted applications
      2. Scan for potentially unsafe applications
      3. Enable Anti-Stealth Technology
    • Now click on:
    • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt).
    • Copy and paste that log as a reply to this topic.
    • Now click on:
      (Selecting Uninstall application on close if you so wish)



    In your next reply post:

    ESET Scan report log

    Thanks
    Joe

    How is the computer running now ?

    Do you still have these issues below in quote ?

    The issues I've been having are that my computer won't read a disc in the DVD RW (Don't know if that's a hardware or Driver problem) and also the mouse has sometimes the mouse cursor freezes.
    Last edited by zep516; 03-26-2014 at 08:47 PM.

Page 1 of 2 12 LastLast