
Ran Combofix due to misguidance, please help!


  • This topic is locked
31 replies to this topic

#1 dele21

dele21

  • Members
  • 20 posts
  • OFFLINE
  • Gender:Male
  • Location:'Merica
  • Local time:05:36 AM

Posted 22 February 2013 - 08:35 PM

My computer has been lagging for about two weeks now. Figured I had a problem so I scanned it with a bunch of AV software (all in safe mode) to include: MSE, Malwarebytes, ClamAV, Hitman Pro, Bitdefender, and Spybot. ClamAV found two trojans and removed them, and I thought all was well with the world. I was wrong. Windows has been crashing and basic programs such as Outlook and Chrome have been sucking up major memory and freezing my system. 

 

Out of desperation, I did some research and read about some awesomely powerful program called Combofix that would magically solve all my problems. So I downloaded it and ran the whole process. Like I said I was desperate. It wasn't until after it was finished, when I read the logfile and the quarantined-items file, that I realized that I was in over my head. I did some more research and found that I in no way should have been messing around with such a program, especially with my lack of IT background.

 

I'm an idiot? You are preaching to the choir.

 

So here I am, a lowly beggar, asking if someone can please let me know if I really messed up, and if I haven't, then how I can get this virus out of my system. Thanks in advance!

 

P.S. I still have both log files, just let me know if I need to attach them.





#2 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  • Gender:Male
  • Location:USA
  • Local time:05:36 AM

Posted 22 February 2013 - 11:17 PM

Hi and welcome to Bleeping Computer! My name is Jeff and I would be more than happy to help you with your malware related problems.

 

Please post the ComboFix log that was created.  It should be located at C:\ComboFix.txt

--------

 

 

Please download DDS from either of these links
 
 
and save it to your desktop.
  • Disable any script blocking protection
  • Right-click and Run as Administrator dds to run the tool.
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.
---------------------------------------------------
Please include the contents of the following in your next reply:
 
DDS.txt
 
Attach.txt
----------
 

Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply.
 

Edited by jeffce, 22 February 2013 - 11:17 PM.

 


#3 dele21

dele21
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  • Gender:Male
  • Location:'Merica
  • Local time:05:36 AM

Posted 23 February 2013 - 09:35 AM

Hi Jeff,

 

Thank you for your quick response.

 

Here are the log files you requested.

Attached Files



#4 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  • Gender:Male
  • Location:USA
  • Local time:05:36 AM

Posted 23 February 2013 - 11:22 AM

Hi,

 

Before we continue...are you aware your system is set to run off of a proxy server or do you use this computer to connect to work/school?


 


#5 dele21

dele21
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  • Gender:Male
  • Location:'Merica
  • Local time:05:36 AM

Posted 23 February 2013 - 11:23 AM

I am aware of this. I am connected through a University's network.



#6 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  • Gender:Male
  • Location:USA
  • Local time:05:36 AM

Posted 23 February 2013 - 11:40 AM

ComboFix
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the box below:


    ClearJavaCache::

    DDS::
    BHO: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
    BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - LocalServer32 - <no file>
    BHO: {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - <orphaned>
    TB: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
    TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - LocalServer32 - <no file>
    Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll

    Firefox::
    FF - ProfilePath - C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\
    FF - ExtSQL: 2013-02-01 21:58; jid1-xUfzOsOFlzSOXg@jetpack; C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi

    DirLook::
    C:\Windows\SysWow64\????????????????

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Post the contents of the log in your next reply.
  • CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

 


#7 dele21

dele21
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  • Gender:Male
  • Location:'Merica
  • Local time:05:36 AM

Posted 23 February 2013 - 12:14 PM

It produced a log which I saved manually as "log.txt". I also found the "ComboFix.txt" log. Not sure if there is a difference so I attached both. The "log.txt" was the one that actually popped up after it was done.

Attached Files



#8 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  • Gender:Male
  • Location:USA
  • Local time:05:36 AM

Posted 23 February 2013 - 12:22 PM

ComboFix
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the box below:


    ClearJavaCache::

    DDS::
    BHO: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
    BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - LocalServer32 - <no file>
    BHO: {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - <orphaned>
    TB: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
    TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - LocalServer32 - <no file>
    Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll

    Firefox::
    FF - ProfilePath - C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\
    FF - ExtSQL: 2013-02-01 21:58; jid1-xUfzOsOFlzSOXg@jetpack; C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi

    Folder::
    C:\Windows\SysWow64\????????????????

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Post the contents of the log in your next reply.
  • CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    Post the new ComboFix log and let me know how your system is running now.

 


#9 dele21

dele21
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  • Gender:Male
  • Location:'Merica
  • Local time:05:36 AM

Posted 23 February 2013 - 01:24 PM

Here is the ComboFix.txt file.

Attached Files



#10 dele21

dele21
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  • Gender:Male
  • Location:'Merica
  • Local time:05:36 AM

Posted 23 February 2013 - 01:27 PM

My system seems to be more stable than before. However it still seems to be lagging up (notepad.exe crashed trying to display the logfile after ComboFix had completed its cycle.) What actually took place in the last two steps?


Edited by dele21, 23 February 2013 - 01:36 PM.


#11 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  • Gender:Male
  • Location:USA
  • Local time:05:36 AM

Posted 23 February 2013 - 08:45 PM

Hi,

 

Let's do a bit more digging then with a different tool.

 

 


 OTL
  • Download OTL to your desktop.
  • Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
  • Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

    Edited by jeffce, 23 February 2013 - 08:45 PM.

     


    #12 dele21

    dele21
    • Topic Starter

    • Members
    • 20 posts
    • OFFLINE
    • Gender:Male
    • Location:'Merica
    • Local time:05:36 AM

    Posted 23 February 2013 - 09:29 PM

    OTL logfile created on: 2/23/2013 9:08:52 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\DelektoJA\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.80 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.35% Memory free
    7.61 Gb Paging File | 4.63 Gb Available in Paging File | 60.85% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 452.34 Gb Total Space | 159.90 Gb Free Space | 35.35% Space Free | Partition Type: NTFS
    Drive D: | 13.13 Gb Total Space | 2.15 Gb Free Space | 16.40% Space Free | Partition Type: NTFS
    Drive E: | 99.02 Mb Total Space | 95.15 Mb Free Space | 96.09% Space Free | Partition Type: FAT32
    Drive I: | 199.00 Mb Total Space | 160.82 Mb Free Space | 80.81% Space Free | Partition Type: NTFS
    Drive M: | 110.00 Mb Total Space | 102.41 Mb Free Space | 93.10% Space Free | Partition Type: NTFS
    Drive T: | 984.74 Gb Total Space | 205.29 Gb Free Space | 20.85% Space Free | Partition Type: NTFS
     
    Computer Name: LINUXWANNABE-PC | User Name: DelektoJA | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\DelektoJA\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Users\DelektoJA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
    PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
    PRC - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Dashlane.exe ()
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Nero AG)
    PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
    PRC - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe (CyberLink Corp.)
    PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
    PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Dashlane.exe ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.dll ()
    MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
    MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
    SRV:64bit: - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
    SRV:64bit: - (SolutoLauncherService) -- C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto)
    SRV:64bit: - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
    SRV:64bit: - (SolutoRemoteService) -- C:\Program Files\Soluto\SolutoRemoteService.exe (Soluto)
    SRV:64bit: - (BdDesktopParental) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
    SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
    SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
    SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
    SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
    SRV:64bit: - (CGVPNCliSrvc) -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
    SRV:64bit: - (CoordinatorServiceHost) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
    SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
    SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
    SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP)
    SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
    SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe (IDT, Inc.)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)
    SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe (Andrea Electronics Corporation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
    SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
    SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
    SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    SRV - (DeviceMonitorService) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Nero AG)
    SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
    SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe (IDT, Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe (Andrea Electronics Corporation)
    SRV - (Adobe Version Cue CS2) -- c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Adobe Systems Incorporated)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
    DRV:64bit: - (Soluto) -- C:\Windows\SysNative\drivers\Soluto.sys (Soluto LTD.)
    DRV:64bit: - (hola_net) -- C:\Windows\SysNative\drivers\hola_net.sys (Hola Networks Ltd.)
    DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
    DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
    DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
    DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
    DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
    DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
    DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
    DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
    DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (mvusbews) -- C:\Windows\SysNative\drivers\mvusbews.sys (Marvell Semiconductor, Inc.)
    DRV:64bit: - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC)
    DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
    DRV:64bit: - (bdfwfpf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
    DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
    DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows ® Codename Longhorn DDK provider)
    DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
    DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
    DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
    DRV:64bit: - (pneteth) -- C:\Windows\SysNative\drivers\pneteth.sys (June Fabrics Technology Inc.)
    DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
    DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
    DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
    DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
    DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
    DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
    DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
    DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
    DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
    DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
    DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
    DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
    DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
    DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
    DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
    DRV:64bit: - (OV550I) -- C:\Windows\SysNative\drivers\ov550ivx.sys (Omnivision Technologies, Inc.)
    DRV:64bit: - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.)
    DRV:64bit: - (pnetmdm) -- C:\Windows\SysNative\drivers\pnetmdm64.sys (June Fabrics Technology)
    DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{A252CCA8-8819-4C5C-8652-76624B3EBBEB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE:64bit: - HKLM\..\SearchScopes\{B2BA3582-00F5-467C-BD0D-662553BF004E}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{A252CCA8-8819-4C5C-8652-76624B3EBBEB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{B2BA3582-00F5-467C-BD0D-662553BF004E}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
     
     
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
     
     
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://postview.vmi.edu/
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\..\SearchScopes,DefaultScope = {8DD60203-0609-41A9-9DF7-36F517FC6E52}
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7MOOI_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\..\SearchScopes\{8DD60203-0609-41A9-9DF7-36F517FC6E52}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7MOOI_en
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;localhost;*.local
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
    FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
    FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
    FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
    FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
    FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.6
    FF - prefs.js..extensions.enabledAddons: %7B442718d9-475e-452a-b3e1-fb1ee16b8e9f%7D:1.7.5.28568
    FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
    FF - HKLM\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DelektoJA\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DelektoJA\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll (Amazon.com, Inc.)
     
    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013/02/02 20:06:18 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/06 20:07:09 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013/02/02 20:06:18 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}: C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2013/02/06 17:01:51 | 000,000,000 | ---D | M]
     
    [2012/01/04 09:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Extensions
    [2012/01/04 09:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
    [2013/01/29 18:04:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
    [2013/02/18 23:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions
    [2013/02/18 23:02:52 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
    [2013/02/01 21:55:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2013/02/01 21:55:51 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\firefox@ghostery.com
    [2012/05/09 10:20:31 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi
    [2012/10/13 12:27:00 | 000,037,914 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
    [2013/02/01 21:55:51 | 000,130,828 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\adblockpopups@jessehakanen.net.xpi
    [2013/02/01 21:50:05 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\elemhidehelper@adblockplus.org.xpi
    [2013/02/01 21:58:41 | 000,423,679 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi
    [2013/02/15 21:58:19 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/02/01 21:55:48 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
    [2013/02/01 21:55:49 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2013/02/06 20:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/02/06 17:01:51 | 000,000,000 | ---D | M] (Dashlane) -- C:\USERS\DELEKTOJA\APPDATA\ROAMING\DASHLANE\BIN\FIREFOX_EXTENSION\{442718D9-475E-452A-B3E1-FB1EE16B8E9F}
    [2013/02/06 20:07:09 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2013/01/16 15:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
     
    ========== Chrome  ==========
     
    CHR - homepage: http://www.vmi.edu/
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.vmi.edu/
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
    CHR - plugin: Dashlane (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd\1.6.5.26469_0\npDashlane.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Talk Plugin (Disabled) = C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    CHR - plugin: Google Talk Plugin Video Accelerator (Disabled) = C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    CHR - plugin: Microsoft Office 2010 (Disabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Disabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
    CHR - plugin: AmazonMP3DownloaderPlugin (Disabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll
    CHR - plugin: NPCIG.dll (Disabled) = C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
    CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Disabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
    CHR - plugin: Google Earth Plugin (Disabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Picasa (Disabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live Photo Gallery (Disabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Google Update (Disabled) = C:\Users\DelektoJA\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
    CHR - Extension: FVD Video Downloader Launcher = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlokhnddogldlplgkdgmfidibpgenoi\3.0.1_0\
    CHR - Extension: Xmarks Bookmark Sync = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.24_0\
    CHR - Extension: Xmarks Bookmark Sync = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.24_0\.bak
    CHR - Extension: Google Drive = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Adblock Plus = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
    CHR - Extension: Netflix = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
    CHR - Extension: Facebook Disconnect = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_0\
    CHR - Extension: DoNotTrackMe = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\2.2.8.109_0\
    CHR - Extension: HTTPS Everywhere = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.1.18_0\
    CHR - Extension: Porsche = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
    CHR - Extension: Flixster = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
    CHR - Extension: Disconnect = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\4.2.0_0\
    CHR - Extension: HTML5ify = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jikbjpjgjmmdhcmlagappehlpiljoaop\0.5_0\
    CHR - Extension: Reddit Enhancement Suite = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
    CHR - Extension: Google Maps = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
    CHR - Extension: FlashControl = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.0.16_0\
    CHR - Extension: Dashlane = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd\1.7.5.28568_0\
    CHR - Extension: Ghostery = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
    CHR - Extension: SkyDrive = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.3_0\
    CHR - Extension: Hover Zoom = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.11_0\
    CHR - Extension: YouTube Options for Google Chrome™ (Full Version) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.108_0\
    CHR - Extension: Gmail = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
     
    O1 HOSTS File: ([2013/02/22 19:11:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1       localhost
    O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (Dashlane BHO) - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Dashlanei.dll (Dashlane)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
    O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
    O2 - BHO: (no name) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Dashlane Toolbar) - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\KWIEBar.dll (Dashlane)
    O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
    O3 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
    O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
    O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001..\Run: [Dashlane] C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Dashlane.exe ()
    O4 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001..\Run: [F.lux] C:\Users\DelektoJA\Local Settings\Apps\F.lux\flux.exe ()
    O4 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001..\Run: [SkyDrive] C:\Users\DelektoJA\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001..\Run: [Spotify Web Helper] C:\Users\DelektoJA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O4 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001..\Run: [StartMenuX] C:\Program Files\Start Menu X\StartMenuX.exe (OrdinarySoft)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
    O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
    O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra Button: Dashlane Button - {40354A83-504E-4611-ACAE-3D137F6F595E} - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Dashlanei.dll (Dashlane)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.13.2)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab (SysInfo Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 144.75.4.215 144.75.4.216 144.75.4.221
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13B10A51-0F91-4667-9FB5-8185A39058BC}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D33B7DB-8CE0-4CF4-A58A-D964E255ED8D}: DhcpNameServer = 144.75.4.215 144.75.4.216 144.75.4.221
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF4A7A8C-55E7-4033-8837-0A2B0BB39F1A}: DhcpNameServer = 192.168.42.129
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
    O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2013/02/23 21:05:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DelektoJA\Desktop\OTL.exe
    [2013/02/23 10:04:31 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\TempSWBackupDirectory
    [2013/02/23 09:52:16 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\Desktop\virus_crap
    [2013/02/22 22:58:58 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\help_images_otherUI
    [2013/02/22 22:56:22 | 000,000,000 | ---D | C] -- C:\SolidWorks Data (2)
    [2013/02/22 22:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2012
    [2013/02/22 22:39:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Shared
    [2013/02/22 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
    [2013/02/22 22:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
    [2013/02/22 21:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
    [2013/02/22 19:18:37 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2013/02/22 18:49:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2013/02/22 18:49:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2013/02/22 18:49:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2013/02/22 18:46:56 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2013/02/22 18:46:21 | 000,000,000 | R--D | C] -- C:\Users\DelektoJA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2013/02/22 18:46:21 | 000,000,000 | R--D | C] -- C:\Users\DelektoJA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2013/02/22 18:45:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2013/02/22 18:44:43 | 005,034,320 | R--- | C] (Swearware) -- C:\Users\DelektoJA\Desktop\ComboFix.exe
    [2013/02/22 15:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
    [2013/02/21 15:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X
    [2013/02/21 15:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\StartMenuX
    [2013/02/21 15:46:27 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\StartMenuX
    [2013/02/21 15:46:27 | 000,000,000 | ---D | C] -- C:\Program Files\Start Menu X
    [2013/02/19 22:32:40 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Immunet
    [2013/02/19 22:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
    [2013/02/19 22:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
    [2013/02/18 15:00:58 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\4GB STORAGE
    [2013/02/16 12:47:13 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\CrashRpt
    [2013/02/15 22:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
    [2013/02/15 22:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIW 2011 Home Edition
    [2013/02/15 21:53:20 | 000,054,728 | ---- | C] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
    [2013/02/15 21:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
    [2013/02/15 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
    [2013/02/15 21:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
    [2013/02/15 08:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
    [2013/02/15 08:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
    [2013/02/12 16:22:29 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\.zenmap
    [2013/02/12 16:14:12 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\bdch
    [2013/02/12 16:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
    [2013/02/07 14:38:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF reDirect
    [2013/02/07 14:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF reDirect v2
    [2013/02/07 14:36:31 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\PrimoPDF
    [2013/02/07 14:35:59 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\PDF reDirect
    [2013/02/07 14:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF reDirect
    [2013/02/07 14:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
    [2013/02/07 14:31:24 | 000,000,000 | R--D | C] -- C:\Users\DelektoJA\Favorites
    [2013/02/07 07:15:22 | 000,018,456 | ---- | C] (Secunia) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys
    [2013/02/06 20:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/02/02 22:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
    [2013/02/02 22:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2013/02/02 20:40:39 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
    [2013/02/02 20:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
    [2013/02/02 20:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
    [2013/02/02 20:06:13 | 000,093,160 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
    [2013/02/02 20:06:13 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
    [2013/02/02 20:06:03 | 000,589,000 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
    [2013/02/02 20:06:03 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
    [2013/02/02 20:06:02 | 000,707,528 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
    [2013/02/02 20:00:00 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\Bitdefender
    [2013/02/02 19:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
    [2013/02/02 19:56:20 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\QuickScan
    [2013/02/02 19:53:58 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
    [2013/02/02 19:53:58 | 000,145,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
    [2013/02/02 19:53:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
    [2013/02/02 19:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
    [2013/02/01 22:55:40 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\{FD5796EC-E42B-4B19-8BA3-A6A2EA084405}
    [2013/02/01 22:55:23 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\Tracing
    [2013/02/01 22:01:24 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\dwhelper
    [2013/02/01 21:56:40 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Macromedia
    [2013/02/01 21:46:38 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Mozilla
    [2013/02/01 21:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2013/02/01 21:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2013/01/31 12:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
    [2013/01/29 23:07:15 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Mathsoft
    [2013/01/29 23:05:58 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\PTC
    [2013/01/29 23:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PTC
    [2013/01/29 23:02:17 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\Mathsoft
    [2013/01/29 23:01:27 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\PTC
    [2013/01/29 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\Documents\Pavtube
    [2013/01/29 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\Pavtube
    [2013/01/29 17:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pavtube
    [2013/01/29 17:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pavtube
    [2013/01/26 07:51:23 | 000,565,232 | ---- | C] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_drv.sys
    [2013/01/26 07:51:23 | 000,086,128 | ---- | C] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_mon_drv.sys
    [2013/01/26 07:51:21 | 000,086,384 | ---- | C] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_net.sys
    [2013/01/26 07:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\Hola
    [2013/01/25 08:36:44 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\arw
    [2013/01/25 08:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Record Wizard
    [2013/01/25 08:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audio Record Wizard
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2013/02/23 21:10:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001UA.job
    [2013/02/23 21:06:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DelektoJA\Desktop\OTL.exe
    [2013/02/23 21:05:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001UA1ce084f66cf16b4.job
    [2013/02/23 21:04:07 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/02/23 20:58:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/02/23 18:21:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/02/23 16:10:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001Core.job
    [2013/02/23 11:45:13 | 005,034,320 | R--- | M] (Swearware) -- C:\Users\DelektoJA\Desktop\ComboFix.exe
    [2013/02/23 09:24:44 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/02/23 09:24:44 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/02/23 09:14:45 | 3063,046,144 | -HS- | M] () -- C:\hiberfil.sys
    [2013/02/23 09:13:50 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
    [2013/02/23 07:05:05 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001Core1ce084f5ff7207d.job
    [2013/02/22 23:47:19 | 005,035,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/02/22 22:52:37 | 000,002,751 | ---- | M] () -- C:\Users\DelektoJA\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks 2012 x64 Edition.lnk
    [2013/02/22 21:52:02 | 000,001,029 | ---- | M] () -- C:\Users\DelektoJA\Desktop\Secunia PSI.lnk
    [2013/02/22 21:41:19 | 000,001,435 | ---- | M] () -- C:\Users\DelektoJA\Desktop\delektoja (sorrel1) (M).lnk
    [2013/02/22 21:36:23 | 000,001,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    [2013/02/22 19:11:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2013/02/22 15:11:10 | 000,000,646 | ---- | M] () -- C:\Windows\SysNative\.crusader
    [2013/02/22 15:03:55 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
    [2013/02/21 23:32:31 | 000,390,844 | ---- | M] () -- C:\Users\DelektoJA\Desktop\Commandants-Professional-Reading-List-All-Hands.pdf
    [2013/02/21 17:12:57 | 000,676,676 | ---- | M] () -- C:\Users\DelektoJA\moto.jpg
    [2013/02/21 17:12:57 | 000,003,399 | ---- | M] () -- C:\Users\DelektoJA\.recently-used.xbel
    [2013/02/21 16:53:37 | 000,222,658 | ---- | M] () -- C:\Users\DelektoJA\okinawa.jpg
    [2013/02/21 00:11:38 | 000,783,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/02/21 00:11:38 | 000,663,434 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/02/21 00:11:38 | 000,122,270 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/02/19 22:32:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
    [2013/02/19 21:55:29 | 000,007,642 | ---- | M] () -- C:\Users\DelektoJA\AppData\Local\Resmon.ResmonCfg
    [2013/02/18 15:17:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/02/18 15:17:00 | 000,000,554 | ---- | M] () -- C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job
    [2013/02/15 23:48:26 | 000,000,682 | ---- | M] () -- C:\bdr-cf01
    [2013/02/15 22:00:52 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2013/02/15 21:55:59 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    [2013/02/11 23:13:03 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDelektoJA.job
    [2013/02/07 07:15:22 | 000,018,456 | ---- | M] (Secunia) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys
    [2013/02/04 00:13:24 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
    [2013/02/03 19:32:42 | 000,054,728 | ---- | M] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
    [2013/02/02 20:40:39 | 000,076,944 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
    [2013/02/02 20:07:02 | 000,253,404 | ---- | M] () -- C:\bdr-ld01
    [2013/02/02 20:07:02 | 000,009,216 | ---- | M] () -- C:\bdr-ld01.mbr
    [2013/02/02 20:06:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
    [2013/01/29 22:45:36 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Mathcad 15.lnk
    [2013/01/26 15:22:31 | 000,565,232 | ---- | M] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_drv.sys
    [2013/01/26 15:22:31 | 000,086,384 | ---- | M] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_net.sys
    [2013/01/26 15:22:31 | 000,086,128 | ---- | M] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_mon_drv.sys
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2013/02/23 09:13:50 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
    [2013/02/22 22:52:36 | 000,002,751 | ---- | C] () -- C:\Users\DelektoJA\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks 2012 x64 Edition.lnk
    [2013/02/22 21:52:09 | 000,001,029 | ---- | C] () -- C:\Users\DelektoJA\Desktop\Secunia PSI.lnk
    [2013/02/22 21:36:23 | 000,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    [2013/02/22 21:36:23 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
    [2013/02/22 18:49:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/02/22 18:49:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/02/22 18:49:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/02/22 18:49:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/02/22 18:49:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/02/22 15:11:10 | 000,000,646 | ---- | C] () -- C:\Windows\SysNative\.crusader
    [2013/02/22 15:03:55 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
    [2013/02/21 23:32:20 | 000,390,844 | ---- | C] () -- C:\Users\DelektoJA\Desktop\Commandants-Professional-Reading-List-All-Hands.pdf
    [2013/02/21 17:12:57 | 000,676,676 | ---- | C] () -- C:\Users\DelektoJA\moto.jpg
    [2013/02/21 17:12:57 | 000,003,399 | ---- | C] () -- C:\Users\DelektoJA\.recently-used.xbel
    [2013/02/21 16:53:21 | 000,222,658 | ---- | C] () -- C:\Users\DelektoJA\okinawa.jpg
    [2013/02/19 22:32:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
    [2013/02/15 21:55:59 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    [2013/02/11 07:00:36 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001UA1ce084f66cf16b4.job
    [2013/02/11 07:00:24 | 000,000,872 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001Core1ce084f5ff7207d.job
    [2013/02/07 14:34:46 | 000,095,008 | ---- | C] () -- C:\Windows\SysNative\Primomonnt.dll
    [2013/02/04 00:13:24 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
    [2013/02/02 22:02:05 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2013/02/02 20:07:02 | 000,000,682 | ---- | C] () -- C:\bdr-cf01
    [2013/02/02 20:06:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
    [2013/02/02 19:59:52 | 002,510,608 | ---- | C] () -- C:\bdr-bz01
    [2013/02/02 19:59:52 | 000,009,216 | ---- | C] () -- C:\bdr-ld01.mbr
    [2013/02/02 19:59:51 | 037,133,532 | -H-- | C] () -- C:\bdr-im01.gz
    [2013/02/02 19:59:51 | 000,253,404 | ---- | C] () -- C:\bdr-ld01
    [2013/02/01 21:07:07 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2013/01/30 08:12:13 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    [2013/01/29 22:45:36 | 000,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Mathcad 15.lnk
    [2013/01/15 19:18:27 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
    [2013/01/09 11:04:06 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2012/12/15 23:27:14 | 000,191,336 | ---- | C] () -- C:\Users\DelektoJA\UiWXR.jpg
    [2012/12/12 12:43:54 | 000,216,432 | ---- | C] () -- C:\Users\DelektoJA\VDOT_calc.jpg
    [2012/11/29 18:24:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2012/10/14 10:52:24 | 000,076,800 | ---- | C] () -- C:\Windows\SysWow64\Faac.exe
    [2012/10/14 10:52:23 | 000,157,696 | ---- | C] () -- C:\Windows\SysWow64\OggEnc.exe
    [2012/10/14 10:52:23 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe
    [2012/10/14 10:52:14 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\azcontextmenu.dll
    [2012/10/01 13:32:15 | 000,237,082 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\census.cache
    [2012/10/01 13:31:51 | 000,152,256 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\ars.cache
    [2012/10/01 12:41:25 | 000,000,036 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\housecall.guid.cache
    [2012/09/02 18:25:23 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
    [2011/10/17 21:45:08 | 1073,741,823 | ---- | C] () -- C:\Users\DelektoJA\TheVault
    [2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
    [2011/04/30 15:36:30 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
    [2011/03/08 15:34:42 | 000,000,036 | ---- | C] () -- C:\Windows\webica.ini
    [2010/06/24 21:01:02 | 000,007,642 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\Resmon.ResmonCfg
    [2010/06/20 14:48:49 | 000,000,000 | ---- | C] () -- C:\Users\DelektoJA\AppData\Roaming\wklnhst.dat
     
    ========== ZeroAccess Check ==========
     
    [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2010/12/15 14:13:03 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\.minecraft
    [2012/10/13 00:01:05 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\1-abc
    [2012/08/22 10:27:20 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Amazon
    [2012/09/26 17:29:35 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\AVG2012
    [2011/06/10 10:07:48 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Azureus
    [2013/02/02 20:00:00 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Bitdefender
    [2012/11/15 16:26:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\calibre
    [2012/05/29 15:53:35 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Canon
    [2012/07/31 17:47:01 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/12/18 21:05:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\CheckPoint
    [2012/02/01 14:59:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2012/10/03 20:44:01 | 000,000,000 | -HSD | M] -- C:\Users\DelektoJA\AppData\Roaming\Common
    [2011/06/27 15:06:05 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DAEMON Tools Lite
    [2013/02/06 17:01:30 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Dashlane
    [2010/10/20 21:28:42 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DassaultSystemes
    [2012/10/05 14:09:34 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Digiarty
    [2011/06/19 10:58:11 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DiskSpaceFan
    [2012/09/28 20:41:54 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Dropbox
    [2013/01/29 18:05:04 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DVDVideoSoft
    [2010/10/06 13:45:58 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\EDrawings
    [2012/09/10 14:39:25 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ESET
    [2012/11/08 08:57:41 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\GameFly
    [2012/12/10 14:52:31 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\GitHub
    [2011/01/21 20:38:47 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\GlarySoft
    [2012/05/08 21:28:41 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Gmote
    [2013/02/21 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\gtk-2.0
    [2013/01/02 20:55:33 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\HandBrake
    [2011/03/08 15:52:29 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ICAClient
    [2012/05/07 17:07:12 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ImgBurn
    [2011/06/14 16:23:29 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\IObit
    [2012/04/10 14:10:49 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\IrfanView
    [2010/06/26 23:26:07 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Leadertech
    [2013/01/29 23:02:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Mathsoft
    [2012/08/17 13:09:47 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\MediaMonkey
    [2011/11/26 16:51:08 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Mobipocket
    [2012/01/09 10:16:23 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Motorola
    [2010/08/18 23:48:30 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\NCH Swift Sound
    [2013/02/15 21:18:33 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Notepad++
    [2011/04/06 21:10:32 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ooVoo Details
    [2012/12/05 18:32:02 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Origin
    [2013/01/29 18:02:47 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Pavtube
    [2013/02/07 14:38:07 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PDF reDirect
    [2011/09/29 17:48:42 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PhotoScape
    [2013/02/07 14:36:31 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PrimoPDF
    [2013/01/29 23:07:19 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PTC
    [2013/02/02 19:56:20 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\QuickScan
    [2012/04/19 07:15:57 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Rainmeter
    [2013/02/23 21:05:27 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Spotify
    [2011/12/31 13:47:58 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2013/02/21 15:47:04 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\StartMenuX
    [2012/11/22 08:19:50 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Subversion
    [2012/07/15 22:04:09 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\SumatraPDF
    [2012/12/01 00:12:18 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\SystemRequirementsLab
    [2012/01/17 07:49:10 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Template
    [2012/02/18 07:55:46 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\TeraCopy
    [2012/01/04 09:49:48 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\TomTom
    [2013/01/17 16:31:16 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\TrueCrypt
    [2011/04/09 16:51:42 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Trusteer
    [2013/01/03 11:46:20 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\uTorrent
    [2013/01/07 21:43:30 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Wondershare
    [2012/11/19 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\XBMC
    [2013/02/06 17:27:32 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\XYplorer
     
    ========== Purity Check ==========
     
     
     
    ========== Files - Unicode (All) ==========
    [2013/02/22 22:12:44 | 000,000,000 | ---D | M](C:\Windows\SysWow64\??????????i?????) -- C:\Windows\SysWow64\㷘ʶ睩㷠ʶ㷠ʶĩ㷘ʶᓝ癷
    [2013/02/22 22:12:44 | 000,000,000 | ---D | C](C:\Windows\SysWow64\??????????i?????) -- C:\Windows\SysWow64\㷘ʶ睩㷠ʶ㷠ʶĩ㷘ʶᓝ癷
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:9341E0C6
     
    < End of report >

    OTL Extras logfile created on: 2/23/2013 9:08:52 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\DelektoJA\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.80 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.35% Memory free
    7.61 Gb Paging File | 4.63 Gb Available in Paging File | 60.85% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 452.34 Gb Total Space | 159.90 Gb Free Space | 35.35% Space Free | Partition Type: NTFS
    Drive D: | 13.13 Gb Total Space | 2.15 Gb Free Space | 16.40% Space Free | Partition Type: NTFS
    Drive E: | 99.02 Mb Total Space | 95.15 Mb Free Space | 96.09% Space Free | Partition Type: FAT32
    Drive I: | 199.00 Mb Total Space | 160.82 Mb Free Space | 80.81% Space Free | Partition Type: NTFS
    Drive M: | 110.00 Mb Total Space | 102.41 Mb Free Space | 93.10% Space Free | Partition Type: NTFS
    Drive T: | 984.74 Gb Total Space | 205.29 Gb Free Space | 20.85% Space Free | Partition Type: NTFS
     
    Computer Name: LINUXWANNABE-PC | User Name: DelektoJA | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== System Restore Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0
     
    ========== Firewall Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{09F87BB7-55DC-4D4B-90ED-B10D4201F510}" = lport=2869 | protocol=6 | dir=in | app=system | 
    "{1DD2340E-5D0A-4C07-83AA-0A7EFCBEA184}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{241A200D-C27C-4948-8030-40646B772C6F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{24E60073-F285-42E5-8AD1-11523A242285}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{31F7C4B1-4BFA-4E2C-BD44-1D8641F535CF}" = lport=139 | protocol=6 | dir=in | app=system | 
    "{31FDDE9B-840C-4C3C-A866-F561A6AD7DFC}" = lport=445 | protocol=6 | dir=in | app=system | 
    "{34CB577F-9BBC-4E74-8BAA-214F52042D94}" = lport=137 | protocol=17 | dir=in | app=system | 
    "{42ACA2BE-6FF0-49F9-A090-49E0CD10A1AC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
    "{477C8859-E318-44F3-9444-C1EA7E5D57F0}" = rport=138 | protocol=17 | dir=out | app=system | 
    "{624F2940-B234-42BE-B69D-A5CEA25CE372}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
    "{6B841559-C466-4EEF-AB55-68295D53D8F3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{6E7C8D80-A02D-4DBB-8FB7-DC594F767648}" = lport=2869 | protocol=6 | dir=in | app=system | 
    "{735BB37C-6E3B-43D3-86C7-AF7F9E3E59E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
    "{8D91004A-7F53-42C0-9136-0F9AEDA5C933}" = rport=10243 | protocol=6 | dir=out | app=system | 
    "{8F38943E-2852-4A52-B3A0-27128EC56CEC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{8FECE11F-EEF7-414C-9317-390DAFA13322}" = lport=10243 | protocol=6 | dir=in | app=system | 
    "{9926C93C-CEF3-4147-A263-8818830E4607}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{9C1390F5-7074-4DBD-9FA9-2A330532AA4B}" = rport=445 | protocol=6 | dir=out | app=system | 
    "{A6ECEF03-A689-4CCD-A8F5-965EAD90E272}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
    "{A9903ACC-0EDE-4B7E-B53A-B7AFCFF9E722}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
    "{BCF58419-FD84-4EF6-9446-D696529F661C}" = lport=138 | protocol=17 | dir=in | app=system | 
    "{C7A2E630-476B-404B-872B-AE3583E2CADD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{C82BA8B4-91B1-4FF9-B6CC-2A6BCFFA062E}" = rport=137 | protocol=17 | dir=out | app=system | 
    "{D73A0134-24E5-4E86-8F00-2A80D67BDFFA}" = rport=139 | protocol=6 | dir=out | app=system | 
    "{DC6F1984-3907-4909-A830-DFCA2ADD96CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{E932ECD5-C96C-4F11-849E-C717E7F19BBF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{EF26F73E-1B42-4C16-9474-4DB5E5FCD7CF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{FAA7B0BB-3593-47EE-A40E-81BADC661EB8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0081215E-B33C-443C-B327-C93C7853E771}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
    "{029271D3-8893-4180-8A0E-1D07E828A858}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe | 
    "{02B03382-2C44-4FBB-ACBD-071ED6C53075}" = protocol=58 | dir=in | app=system | 
    "{09BF32D7-080C-462D-8354-E0988E58667F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
    "{0D2693F8-8087-4692-8BA1-ED0322C9B9E2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
    "{0EB70C95-123B-462B-B0F9-2E3934FFB640}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{10893043-0B22-4BFD-AA54-91E6FB1D865C}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe | 
    "{1184A971-F0F9-4BEE-B54C-DF4CBA5702F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe | 
    "{19D6E109-C27C-4C5F-AC8C-BD943DFCC59C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{1CF30C5A-569B-4F81-94B2-7CA6E2F264A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcryconfigurator.exe | 
    "{1EAF0D1C-1F33-4BED-BBE9-73EFC442CAD1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{20B59F4B-6C49-4171-AC12-7A33159CD7D4}" = protocol=17 | dir=in | app=c:\users\delektoja\appdata\roaming\spotify\spotify.exe | 
    "{2489E87B-2CA8-4850-8057-E2AB1C8A5956}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcry.exe | 
    "{25D51B6D-07CE-4926-A035-E8E03EF8DE65}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
    "{2650ABA5-BF9B-48D1-8B78-79339DCDBDA2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
    "{2744A446-B686-408B-A308-BB34623840B0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcry.exe | 
    "{27EBD0CB-35F8-4607-B150-55B16E0F3BAC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
    "{296B096F-052B-43DA-95E4-7BC43A943DBF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
    "{2977F992-A0E9-4148-8208-BD6AAC184BF4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
    "{2CED7F78-F6D1-4191-89AD-16836782511C}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe version cue cs2\bin\versioncuecs2.exe | 
    "{3122199E-ED00-4E24-A434-0B6D6281064F}" = protocol=6 | dir=in | app=c:\users\delektoja\appdata\roaming\spotify\spotify.exe | 
    "{31FA6A94-E72A-47AB-9DB9-7E043389D915}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe | 
    "{35479006-E722-4E93-8681-8FB2E0AE420B}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\sendafax.exe | 
    "{35C13AF9-2398-43C2-85D3-804C679A01DD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
    "{387A7E74-2DE9-400E-A9F4-51B5FB6EB5D1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
    "{39F2DDA9-A1D0-4DF0-8384-0A51DF01B0A3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | 
    "{3A59B546-25F0-4616-BB4C-5931A0A22849}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
    "{3B658845-9DC6-4E51-BA8F-529F22A95271}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
    "{3B676272-8B5F-4BC3-A466-30D444052372}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
    "{3F3AB6AB-538F-4726-BE1C-AFBB744330D7}" = protocol=17 | dir=in | app=c:\users\delektoja\appdata\local\google\google talk plugin\googletalkplugin.exe | 
    "{41CA554C-B2A2-4626-BBC2-067278F612CB}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe | 
    "{43ADFA2B-95CB-4D24-A5A0-4C59A09643EC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{457FD06E-0EBC-42FA-A8C7-CA63670AEAB4}" = protocol=17 | dir=in | app=c:\users\delektoja\appdata\local\google\google talk plugin\googletalkplugin.exe | 
    "{4724A704-9577-459F-9616-6BBD521D9322}" = protocol=6 | dir=in | app=c:\users\delektoja\appdata\local\google\google talk plugin\googletalkplugin.exe | 
    "{475DF0BF-E82A-45BC-BB57-CAC3A28994B3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | 
    "{479C0DFD-55AC-4298-9373-CD70BA70F02B}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe | 
    "{494E42A6-D961-4A86-8E80-A3F2D592E0F3}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
    "{498470BA-2698-45B4-924A-5EB3184A3A48}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe | 
    "{4B1D1BCF-E476-4088-B427-AE3BFA20B33F}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
    "{4BC00332-7EBF-4B23-B9F3-1BB15A1E14AB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | 
    "{4EB99723-A8F4-464D-B908-041DBEB4E01A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
    "{55C40D7F-B8D0-4E65-9093-CA2CE1A5F821}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{56B5E26B-DB0F-4DBC-8AD5-64E953F2098B}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
    "{5BB7034F-4E23-471F-B99C-0DCCA406E850}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
    "{5CCFB561-7C76-4057-B9F9-EE870BC97389}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
    "{5DCA5CB4-9D91-41B1-A83D-0BE68FA54106}" = protocol=17 | dir=in | app=c:\users\delektoja\appdata\roaming\spotify\spotify.exe | 
    "{5F787938-8A29-45A4-882F-182BFD8127EF}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
    "{6001562E-D3A0-48DB-8456-7B15A124CD54}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
    "{60CE6241-E59B-4061-A597-03C35EA1E749}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe | 
    "{61E457B4-2B35-4076-B937-27881FD3A4CF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
    "{69BDA99A-6571-4553-A9D0-5724A5B08EB9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
    "{6C47856B-DBBF-4CED-96B9-3850A8161CDB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
    "{723D48F1-FC1A-4C39-9DDF-9528BC428DD2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
    "{72A05614-44AD-4913-8021-EE0F1FDE2AC7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
    "{7826C2E6-5F9C-460C-9A2C-67E68A2B49C0}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\digitalwizards.exe | 
    "{7A480445-3455-42F3-97E5-C729914A5A76}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
    "{7BDDF0AA-CAC2-46C4-BF18-5DCC02958B2C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
    "{7EEE0922-7A3E-404E-8CFD-4BE2AF393B1D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{7EFBA021-D1A3-4D6B-B89D-4D84C8D6A573}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
    "{7FD8A23E-265A-4F22-B94B-898AD6C2FE10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe | 
    "{801DB229-5A12-4229-95F9-FA474168A27F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{83031620-5620-431F-973C-C303F85A5253}" = protocol=6 | dir=in | app=c:\users\delektoja\appdata\local\microsoft\skydrive\skydrive.exe | 
    "{83AD6D7E-C1EB-4182-A486-1A078D980721}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe | 
    "{85DF027A-E65B-4629-8BA8-8DEBCF505EB1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{8AEF2693-2017-4368-8DD0-ED4517AA6942}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe | 
    "{8E5C6138-C1A6-401F-80FD-47E49EF42FB0}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe version cue cs2\bin\versioncuecs2.exe | 
    "{9022FF4F-511D-444B-9DD0-D36D4142484E}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe | 
    "{9252017C-1A7D-4876-A304-B7F555D8B79D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe | 
    "{9381D47F-8E40-4721-9314-B22E2068D58C}" = dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe | 
    "{93E72F58-A3D1-4F5A-9458-63B2C5F24AFB}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe | 
    "{9910AF78-A4FB-46CA-A523-939D11DCF649}" = protocol=6 | dir=in | app=c:\users\delektoja\appdata\local\google\google talk plugin\googletalkplugin.exe | 
    "{99B517F1-072F-47A7-806A-AAFA0758F21C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe | 
    "{9A080BBB-0320-4FDD-95AB-90C76DEF7881}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{9AAD7F74-DA0C-48FB-9475-1F73283857B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
    "{A368151E-9E00-46FE-A716-4DAD19DEF9C7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe | 
    "{A6D097E9-D956-41D1-A989-AAA07E2C73B5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
    "{A7257776-64B8-4F18-9386-EC528F0C604A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcryconfigurator.exe | 
    "{ACBF1C66-9C80-41A0-B173-9469DCED29FA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe | 
    "{AEF505FE-ADB6-4ACA-B8A5-FEF231D4777C}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe | 
    "{AF979A9E-6587-41A7-A1C0-1452FCF72992}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcryconfigurator.exe | 
    "{B191619B-1890-41FA-A815-80016D31FE63}" = protocol=17 | dir=in | app=c:\btguard\utorrent.exe | 
    "{B24B640F-0AEF-4150-8DFB-0EBD5F17A81B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
    "{B31F4DF6-67AA-4F25-ACD6-242CE5329062}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
    "{BB3D776C-5975-4123-B8C4-CC7A6872DC1C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
    "{BE1F96B5-C0CE-4EF8-9CC0-2076D01C2C6F}" = protocol=6 | dir=in | app=c:\btguard\utorrent.exe | 
    "{BFFDB056-E772-4E17-8D2E-3AA9766B87FC}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe | 
    "{C087DFF7-96B1-41F8-854C-FCB9EC5E2B39}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{C466D5D4-E182-488D-911B-12A5880A76D0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
    "{C559A975-F100-48F7-8DDA-D374C213927D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{C99A82EC-4219-4B71-8381-2BD0D5F8B7A6}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe | 
    "{CA8A4C64-8D10-46FA-B8B1-90B964DA6214}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\faxapplications.exe | 
    "{CC06BA0E-FC03-49DD-9C0E-4A9FA903986A}" = protocol=6 | dir=in | app=c:\users\delektoja\appdata\roaming\spotify\spotify.exe | 
    "{CC6073CC-0C72-44A6-BFB8-ECE968DD28F9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
    "{D19F873B-9460-45A4-8913-66092645D146}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
    "{D1DB9DB2-3757-436F-8A80-62915E2679A2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
    "{D38D78EF-85F6-4CFC-BDA6-CB13CD906F66}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | 
    "{D6E2275D-FF5B-4396-ACD2-EBD16B21805C}" = protocol=17 | dir=in | app=c:\users\delektoja\appdata\local\microsoft\skydrive\skydrive.exe | 
    "{D71C4067-9A38-4B59-99A1-598EB697AD6B}" = protocol=6 | dir=out | app=system | 
    "{D77EB2B5-5401-4954-AB4D-4EB0CF446FCD}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
    "{D80C87DD-881D-4AFA-8FD9-E8CA0815E516}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcryconfigurator.exe | 
    "{D94908F1-5458-405C-9852-0B25EF39EBD6}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe | 
    "{DB74E006-EF09-414F-BF55-20BBDB2B7911}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcry.exe | 
    "{DC1F3B4B-F623-46C4-B590-FDF1AC25371E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
    "{DDE5C8CB-2DC9-4634-B9E2-0223E12EA3C5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
    "{DF6DA71F-526F-49B6-85B1-0D0B26A35D41}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
    "{E3171713-D7FF-4195-885E-01B8CACCF2E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\farcry\bin32\farcry.exe | 
    "{E3A49A2A-8D64-4A84-81FA-DF0CBADCCC6D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{E5514B05-E460-481A-9E22-AB75ADE0B1D5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe | 
    "{E6CF1449-0B21-4B20-828D-F81F5717BCE8}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicatorcom.exe | 
    "{E7A9C4F9-5FF9-450D-90C5-349375FD6922}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
    "{ED591B6D-D68B-4232-935E-C014FA3F16D6}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | 
    "{F09BD628-1A0C-4B71-982E-E18012BC3311}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | 
    "{F1A13348-7BB0-4AEB-859F-8E39E950EAC9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
    "{F1F3ABB4-E09D-4998-9C1B-B0F5001B59B0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{F8493DB0-CDE5-4F8C-83A6-2A77977509DD}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe | 
    "{F8C8A2D0-D11F-4621-A766-5B7F4BE93372}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
    "{FB6F2F09-4890-49D7-BBFD-8A0B04354D32}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
    "TCP Query User{874A98B3-C049-4E80-B1A7-D9986D25097D}C:\program files (x86)\steam\steamapps\donjohn212\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\donjohn212\counter-strike source\hl2.exe | 
    "TCP Query User{D3BD7D40-C666-48DB-A155-6497AA30B5C6}C:\program files (x86)\microsoft office\office14\outlook.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
    "UDP Query User{C1899C66-2D2B-42FB-AD2B-2A45E58024C7}C:\program files (x86)\microsoft office\office14\outlook.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
    "UDP Query User{DCF32974-FBC4-47C5-A687-7E2EA51BB433}C:\program files (x86)\steam\steamapps\donjohn212\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\donjohn212\counter-strike source\hl2.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{1CCF1727-A817-4FEE-A028-5466FB542934}" = Motorola Mobile Drivers Installation 5.2.0
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{215D88B7-661F-4C71-A7F9-75E53E9A5061}" = SolidWorks eDrawings 2012 x64 Edition SP02
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java™ 6 Update 31 (64-bit)
    "{3E494002-985C-4908-B72C-5B4DD15BE090}_is1" = Start Menu X version 4.66
    "{4207BD5E-6F51-4C57-BC86-A0EBE9088A30}" = HP Officejet 6500 E710n-z Product Improvement Study
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4C66F076-D3AB-49C8-85D4-BAA6D82FCAE2}" = SolidWorks 2012 x64 Edition SP02
    "{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
    "{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK
    "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java™ SE Development Kit 6 Update 15 (64-bit)
    "{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java™ SE Development Kit 6 Update 23 (64-bit)
    "{64A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java™ SE Development Kit 6 Update 26 (64-bit)
    "{64A3A4F4-B792-11D6-A78A-00B0D0160290}" = Java™ SE Development Kit 6 Update 29 (64-bit)
    "{64A3A4F4-B792-11D6-A78A-00B0D0160310}" = Java™ SE Development Kit 6 Update 31 (64-bit)
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{70675CAC-C262-4765-BBCA-FB0D66252AF4}" = Soluto
    "{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft Mouse and Keyboard Center
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{82CD33B2-1DE6-4663-B6F0-1592B2376F78}" = VS10Runtimex64
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
    "{867DE0DC-A93F-41EA-9654-A212514FA946}" = Oracle VM VirtualBox 4.2.4
    "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
    "{D79A5962-7305-41B9-A39E-A98AB598F372}" = HP Officejet 6500 E710n-z Basic Device Software
    "{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Bitdefender" = Bitdefender Internet Security 2013
    "CCleaner" = CCleaner
    "CyberGhost VPN_is1" = CyberGhost VPN
    "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
    "HitmanPro37" = HitmanPro 3.7
    "HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
    "Matlab R2012b" = MATLAB R2012b
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
    "Microsoft Security Client" = Microsoft Security Essentials
    "Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
    "sp6" = Logitech SetPoint 6.32
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TeraCopy_is1" = TeraCopy 2.27
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
    "{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Help
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{1747DF05-6890-440B-B094-2146F5DC50E0}" = HP MediaSmart SlingPlayer
    "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
    "{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
    "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
    "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
    "{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
    "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
    "{371E8B48-2AF1-491B-8F35-BD60D18CB927}" = Windchill ProductPoint Client Manager-2.0_2011.01.10.001
    "{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
    "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
    "{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
    "{47D7C9B8-BD44-4D2E-9040-E946477B2F9A}" = Microsoft Live Search Toolbar
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant
    "{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
    "{543B90B9-C566-4309-8255-505080080654}" = TouchCopy 09
    "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
    "{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
    "{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{74852D78-260B-0612-89EE-D414414CFF60}" = GameFly
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
    "{7AB416C2-4AEC-4967-A873-E2A3B404E6EC}" = SP45629 - Intel Chipset Installation Utility
    "{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{82A213BD-B6AA-4281-A2D3-59D51893CC56}" = HP MediaSmart Software Notebook Demo
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{8FD0167F-A752-467A-86BE-3728D71F68B8}" = Mathcad 15 M010
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F744FCFC-FBA8-4F61-ABA5-C485487DEE2C}" = 
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{A9FAD2D5-1C42-4C5C-B5DD-291DA9863BEA}" = 'PTC Places' Namespace Shell Extension
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW 2011 Home Edition
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
    "{AC76D478-1033-0000-3478-000000000004}" = Mathcad PDSi viewable support
    "{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
    "{AE09704D-9051-4C25-B940-77F889F0C93F}" = OVTScanner_Vista64
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
    "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
    "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
    "{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
    "{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}" = YTD Toolbar v6.2
    "{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}" = Python 2.7.3
    "{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
    "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CBF895BD-1DC4-3067-9A01-E00508478D38}" = Google Talk Plugin
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
    "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DED01768-E634-11E1-AEB0-984BE15F174E}" = Evernote v. 4.5.8
    "{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
    "{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E16C056F-CA75-4D7C-AE79-5813DE0F03F1}_is1" = Wondershare PDF Converter (Build 4.0.1)
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
    "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
    "{E7C3AD03-0B51-455E-9844-D6C93E3CD9B4}_is1" = Pavtube Media Magician Ver 1.0.0.751
    "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
    "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
    "{EA5D1265-C23C-4410-B722-19314A654B13}" = calibre
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
    "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 12.0
    "Adobe SVG Viewer" = Adobe SVG Viewer 3.0
    "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
    "Audacity_is1" = Audacity 1.2.6
    "Audio Record Wizard" = Audio Record Wizard
    "AUDIOzilla_is1" = AUDIOzilla v1.1
    "BioShock" = BioShock
    "CameraUserGuide-PSELPH300HS_IXUS220HS" = Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide
    "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
    "Canon MOV Decoder" = Canon MOV Decoder
    "Canon MOV Encoder" = Canon MOV Encoder
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "Clover" = Clover 2.0
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "D-Fend Reloaded" = D-Fend Reloaded 1.3.2 (deinstall)
    "doubleTwist" = doubleTwist
    "DVD Flick_is1" = DVD Flick 1.3.0.7
    "EES - Engineering Equation Solver" = EES - Engineering Equation Solver
    "ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
    "FileASSASSIN" = FileASSASSIN
    "GameFly" = GameFly
    "Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
    "HandBrake" = HandBrake 0.9.6
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
    "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
    "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
    "MagicDisc 2.7.106" = MagicDisc 2.7.106
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
    "Mathcad PDSi viewable support" = Mathcad PDSi viewable support
    "Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
    "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
    "Mozilla Firefox 18.0.2 (x86 en-US)" = Mozilla Firefox 18.0.2 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
    "Notepad++" = Notepad++
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "Origin" = Origin
    "PdaNet_is1" = PdaNet for Android 2.45
    "PDF reDirect" = PDF reDirect (remove only)
    "PhotoStitch" = Canon Utilities PhotoStitch
    "Picasa 3" = Picasa 3
    "Punkbuster for Battlefield 1942" = Punkbuster for Battlefield 1942
    "Secunia PSI" = Secunia PSI (3.0.0.6005)
    "Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
    "SolidWorks Installation Manager 20120-40200-1100-100" = SolidWorks 2012 x64 Edition SP02
    "SpeedFan" = SpeedFan (remove only)
    "Steam App 13520" = Far Cry
    "Steam App 20500" = Red Faction: Guerrilla 
    "Steam App 220" = Half-Life 2
    "Steam App 22380" = Fallout: New Vegas
    "Steam App 240" = Counter-Strike: Source
    "Steam App 380" = Half-Life 2: Episode One
    "Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
    "Steam App 500" = Left 4 Dead
    "Steam App 513" = Left 4 Dead Authoring Tools
    "Steam App 564" = Left 4 Dead 2 Add-on Support
    "SumatraPDF" = SumatraPDF
    "TrueCrypt" = TrueCrypt
    "VideoWatermarkPro" = Video Watermark Pro
    "Vid-Saver Extension" = Vid-Saver Extension
    "VLC media player" = VLC media player 2.0.4
    "vShare" = vShare Plugin
    "WinGimp-2.0_is1" = GIMP 2.6.11
    "WinLiveSuite" = Windows Live Essentials
    "WinPcapInst" = WinPcap 4.1.2
    "WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 6.9.2
    "Wubi" = Ubuntu
    "XYplorer" = XYplorer 11.90
    "ZMBV" = Zip Motion Block Video codec (Remove Only)
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
     
    ========== HKEY_USERS Uninstall List ==========
     
    [HKEY_USERS\S-1-5-21-2480015556-130784185-1519286648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "370ae06654853f88" = RedScreen
    "BTGuard 2.5" = BTGuard 2.5
    "BTGuard Encryption 2.0" = BTGuard Encryption 2.0
    "Dashlane" = Dashlane
    "Flux" = F.lux
    "Google Chrome" = Google Chrome
    "SkyDriveSetup.exe" = Microsoft SkyDrive
    "Spotify" = Spotify
    "WinDirStat" = WinDirStat 1.1.2
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 2/23/2013 7:11:00 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 6396
     
    Error - 2/23/2013 7:11:01 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second
     
    Error - 2/23/2013 7:11:01 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 7426
     
    Error - 2/23/2013 7:11:01 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 7426
     
    Error - 2/23/2013 7:11:03 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second
     
    Error - 2/23/2013 7:11:03 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 8533
     
    Error - 2/23/2013 7:11:03 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 8533
     
    Error - 2/23/2013 7:11:04 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second
     
    Error - 2/23/2013 7:11:04 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 9532
     
    Error - 2/23/2013 7:11:04 PM | Computer Name = LinuxWannabe-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 9532
     
    [ Hewlett-Packard Events ]
    Error - 6/26/2010 11:02:48 AM | Computer Name = DelektoJA-PC | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
     Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
     errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
     mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
     bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
    Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
     msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
     mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
     
       at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
     Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)
     
       at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
     A_0, EventArgs A_1) 
     
    Error - 6/26/2010 11:02:49 AM | Computer Name = DelektoJA-PC | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
     Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
     errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
     mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
     bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
    Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
     msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
     mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
     
       at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
     Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)
     
       at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
     A_0, EventArgs A_1) 
     
    [ Media Center Events ]
    Error - 9/13/2012 2:17:43 PM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 2:17:42 PM - Failed to retrieve SportsSchedule (Error: The underlying
     connection was closed: Could not establish trust relationship for the SSL/TLS secure
     channel.)  
     
    Error - 9/13/2012 2:17:49 PM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 2:17:43 PM - Failed to retrieve SportsV2 (Error: The underlying connection
     was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
     
     
    Error - 9/13/2012 2:17:56 PM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 2:17:51 PM - Failed to retrieve Broadband (Error: The underlying connection
     was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
     
     
    Error - 9/14/2012 6:51:04 AM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 6:51:04 AM - Failed to retrieve Directory (Error: The underlying connection
     was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
     
     
    Error - 9/14/2012 6:51:06 AM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 6:51:05 AM - Failed to retrieve NetTV (Error: The underlying connection
     was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
     
     
    Error - 9/14/2012 6:51:07 AM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 6:51:06 AM - Failed to retrieve MCESpotlight (Error: The underlying
     connection was closed: Could not establish trust relationship for the SSL/TLS secure
     channel.)  
     
    Error - 9/14/2012 6:51:07 AM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 6:51:07 AM - Failed to retrieve MCEClientUX (Error: The underlying
     connection was closed: Could not establish trust relationship for the SSL/TLS secure
     channel.)  
     
    Error - 9/14/2012 6:51:08 AM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 6:51:08 AM - Failed to retrieve SportsSchedule (Error: The underlying
     connection was closed: Could not establish trust relationship for the SSL/TLS secure
     channel.)  
     
    Error - 9/14/2012 6:51:09 AM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 6:51:09 AM - Failed to retrieve SportsV2 (Error: The underlying connection
     was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
     
     
    Error - 9/14/2012 6:51:10 AM | Computer Name = DelektoJA-PC | Source = MCUpdate | ID = 0
    Description = 6:51:10 AM - Failed to retrieve Broadband (Error: The underlying connection
     was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
     
     
    [ System Events ]
    Error - 2/23/2013 3:30:24 AM | Computer Name = LinuxWannabe-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable.  Please
     run the chkdsk utility on the volume \Device\HarddiskVolume2.
     
    Error - 2/23/2013 9:53:20 AM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7034
    Description = The MBAMService service terminated unexpectedly.  It has done this
     1 time(s).
     
    Error - 2/23/2013 10:16:27 AM | Computer Name = LinuxWannabe-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 8:56:11 AM on ?2/?23/?2013 was unexpected.
     
    Error - 2/23/2013 10:17:20 AM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
       hola_net
     
    Error - 2/23/2013 12:46:51 PM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7034
    Description = The Skype C2C Service service terminated unexpectedly.  It has done
     this 1 time(s).
     
    Error - 2/23/2013 1:00:22 PM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service.  However,
     the system is configured to not allow interactive services.  This service may not
     function properly.
     
    Error - 2/23/2013 1:06:01 PM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service.  However,
     the system is configured to not allow interactive services.  This service may not
     function properly.
     
    Error - 2/23/2013 2:13:42 PM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service.  However,
     the system is configured to not allow interactive services.  This service may not
     function properly.
     
    Error - 2/23/2013 2:18:34 PM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service.  However,
     the system is configured to not allow interactive services.  This service may not
     function properly.
     
    Error - 2/23/2013 7:21:21 PM | Computer Name = LinuxWannabe-PC | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
     response from the ShellHWDetection service.
     
     
    < End of report >


    #13 jeffce

    jeffce

      Bleepin' Super Saiyan


    • Malware Response Team
    • 3,442 posts

    Posted 23 February 2013 - 09:41 PM

    Please download and run ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT, however, creates a complete backup set, including the Security hive and user-related sections. ERUNT is easy to use, and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. Remember, if you are using Windows Vista as your operating system, right-click the executable and Run as Administrator.
    ----------

    Run OTL.exe
    • Copy/paste the following text written inside of the quote box into the Custom Scans/Fixes box located at the bottom of OTL

    :Services

    :OTL
    IE:64bit: - HKLM\..\SearchScopes\{B2BA3582-00F5-467C-BD0D-662553BF004E}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    IE - HKLM\..\SearchScopes\{B2BA3582-00F5-467C-BD0D-662553BF004E}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    IE - HKU\S-1-5-21-2480015556-130784185-1519286648-1001\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
    [2012/10/13 12:27:00 | 000,037,914 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
    [2013/02/01 21:58:41 | 000,423,679 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi
    O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
    O2 - BHO: (no name) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    :Files
    ipconfig /flushdns /c

    :Commands
    [emptytemp]
    [start explorer]
    [Reboot]

    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done
    • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
    ----------

    Post the logs made by OTL and let me know how your system is running now.
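One way to triage the O2 (BHO) and O3 (toolbar) lines of an OTL log before deciding what belongs in a fix, as an added example that is not part of the post above or of OTL itself. The input lines are copied from the fix script above; the function names and status labels are assumptions, as is reading the trailing parentheses as the file's company name (as in the `PRC - ...OTL.exe (OldTimer Tools)` line of the log).

```python
import re
from collections import Counter, defaultdict

# Lines copied from the :OTL section of the fix script above.
SAMPLE = r"""
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
"""

# "<section>[:64bit:] - <kind>: (<display name>) - {CLSID} - <target>"
# The optional ":64bit:" mirrors the "IE:64bit:" prefix seen in the same log.
ENTRY = re.compile(
    r"^(?P<section>O\d+)(?::64bit:)? - (?P<kind>.+?): \((?P<name>.*?)\) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)

# "<path> (<company>)" where the company may be empty: "...toolbar.dll ()"
TARGET = re.compile(r"^(?P<path>.*?)\s*\((?P<company>[^()]*)\)$")


def classify(target):
    """Return (status, path, company) for the text after the CLSID."""
    if target.startswith("No CLSID value found"):
        # The browser still references a COM class that is no longer registered.
        return "orphaned_clsid", None, None
    if "File not found" in target:
        # The class is registered but the file behind it is gone or unreadable.
        return "missing_file", None, None
    m = TARGET.match(target)
    if m:
        company = m.group("company").strip()
        status = "has_company" if company else "no_company"
        return status, m.group("path"), company
    return "unparsed", target, None


def parse_entries(text):
    """Parse O2/O3 style lines into dicts; lines of other shapes are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        status, path, company = classify(m.group("target"))
        entries.append({
            "section": m.group("section"),
            "kind": m.group("kind"),
            "name": m.group("name"),
            "clsid": m.group("clsid").upper(),  # CLSIDs are case-insensitive
            "status": status,
            "path": path,
            "company": company,
        })
    return entries


def group_by_clsid(entries):
    """Map each CLSID to the places it is hooked in (BHO, toolbar, ...)."""
    hooks = defaultdict(list)
    for e in entries:
        hooks[e["clsid"]].append(e["kind"])
    return dict(hooks)


def summarize(entries):
    """Count entries per status label."""
    return dict(Counter(e["status"] for e in entries))


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE)
    for e in parsed:
        print(f'{e["status"]:15} {e["section"]} {e["kind"]:18} {e["clsid"]} {e["name"]}')
    print(summarize(parsed))
    for clsid, kinds in group_by_clsid(parsed).items():
        if len(kinds) > 1:
            print("registered in several places:", clsid, kinds)
```

Grouping by CLSID shows when one component is registered both as a BHO and as a toolbar, so every reference to it can be reviewed together.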

     


    #14 dele21

    • Topic Starter

    Posted 23 February 2013 - 11:21 PM

    OTL logfile created on: 2/23/2013 10:40:26 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\DelektoJA\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.80 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 33.53% Memory free
    7.61 Gb Paging File | 4.39 Gb Available in Paging File | 57.70% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 452.34 Gb Total Space | 159.65 Gb Free Space | 35.29% Space Free | Partition Type: NTFS
    Drive D: | 13.13 Gb Total Space | 2.15 Gb Free Space | 16.40% Space Free | Partition Type: NTFS
    Drive E: | 99.02 Mb Total Space | 95.15 Mb Free Space | 96.09% Space Free | Partition Type: FAT32
    Drive I: | 199.00 Mb Total Space | 160.82 Mb Free Space | 80.81% Space Free | Partition Type: NTFS
    Drive M: | 110.00 Mb Total Space | 102.41 Mb Free Space | 93.10% Space Free | Partition Type: NTFS
    Drive T: | 984.74 Gb Total Space | 205.29 Gb Free Space | 20.85% Space Free | Partition Type: NTFS
     
    Computer Name: LINUXWANNABE-PC | User Name: DelektoJA | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\DelektoJA\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Users\DelektoJA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
    PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
    PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
    PRC - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Dashlane.exe ()
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    PRC - C:\Users\DelektoJA\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    PRC - C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Nero AG)
    PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
    PRC - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe (CyberLink Corp.)
    PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
    PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Users\DelektoJA\Local Settings\Apps\F.lux\flux.exe ()
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_NPAPI_exports.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Dashlane.exe ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.dll ()
    MOD - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.dll ()
    MOD - C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll ()
    MOD - C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
    MOD - C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
    MOD - C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
    MOD - C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
    MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
    MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
    MOD - C:\Users\DelektoJA\Local Settings\Apps\F.lux\flux.exe ()
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
    SRV:64bit: - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
    SRV:64bit: - (SolutoLauncherService) -- C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto)
    SRV:64bit: - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
    SRV:64bit: - (SolutoRemoteService) -- C:\Program Files\Soluto\SolutoRemoteService.exe (Soluto)
    SRV:64bit: - (BdDesktopParental) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
    SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
    SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
    SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
    SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
    SRV:64bit: - (CGVPNCliSrvc) -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
    SRV:64bit: - (CoordinatorServiceHost) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
    SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
    SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
    SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP)
    SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
    SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe (IDT, Inc.)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)
    SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe (Andrea Electronics Corporation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
    SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
    SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
    SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    SRV - (DeviceMonitorService) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Nero AG)
    SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
    SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe (IDT, Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe (Andrea Electronics Corporation)
    SRV - (Adobe Version Cue CS2) -- c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Adobe Systems Incorporated)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
    DRV:64bit: - (Soluto) -- C:\Windows\SysNative\drivers\Soluto.sys (Soluto LTD.)
    DRV:64bit: - (hola_net) -- C:\Windows\SysNative\drivers\hola_net.sys (Hola Networks Ltd.)
    DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
    DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
    DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
    DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
    DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
    DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
    DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
    DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
    DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (mvusbews) -- C:\Windows\SysNative\drivers\mvusbews.sys (Marvell Semiconductor, Inc.)
    DRV:64bit: - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC)
    DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
    DRV:64bit: - (bdfwfpf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
    DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
    DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows ® Codename Longhorn DDK provider)
    DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
    DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
    DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
    DRV:64bit: - (pneteth) -- C:\Windows\SysNative\drivers\pneteth.sys (June Fabrics Technology Inc.)
    DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
    DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
    DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
    DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
    DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
    DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
    DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
    DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
    DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
    DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
    DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
    DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
    DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
    DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
    DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
    DRV:64bit: - (OV550I) -- C:\Windows\SysNative\drivers\ov550ivx.sys (Omnivision Technologies, Inc.)
    DRV:64bit: - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.)
    DRV:64bit: - (pnetmdm) -- C:\Windows\SysNative\drivers\pnetmdm64.sys (June Fabrics Technology)
    DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{A252CCA8-8819-4C5C-8652-76624B3EBBEB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{A252CCA8-8819-4C5C-8652-76624B3EBBEB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://postview.vmi.edu/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\SearchScopes,DefaultScope = {8DD60203-0609-41A9-9DF7-36F517FC6E52}
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7MOOI_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;localhost;*.local
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
    FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
    FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
    FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
    FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
    FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.6
    FF - prefs.js..extensions.enabledAddons: %7B442718d9-475e-452a-b3e1-fb1ee16b8e9f%7D:1.7.5.28568
    FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
    FF - HKLM\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DelektoJA\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DelektoJA\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll (Amazon.com, Inc.)
     
    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013/02/02 20:06:18 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/06 20:07:09 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013/02/02 20:06:18 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}: C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2013/02/06 17:01:51 | 000,000,000 | ---D | M]
     
    [2012/01/04 09:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Extensions
    [2012/01/04 09:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
    [2013/02/23 22:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
    [2013/02/23 22:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions
    [2013/02/18 23:02:52 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
    [2013/02/01 21:55:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2013/02/01 21:55:51 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\firefox@ghostery.com
    [2012/05/09 10:20:31 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi
    [2013/02/01 21:55:51 | 000,130,828 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\adblockpopups@jessehakanen.net.xpi
    [2013/02/01 21:50:05 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\elemhidehelper@adblockplus.org.xpi
    [2013/02/15 21:58:19 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/02/01 21:55:48 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
    [2013/02/01 21:55:49 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\DelektoJA\AppData\Roaming\Mozilla\Firefox\Profiles\s90ssnxf.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2013/02/06 20:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/02/06 17:01:51 | 000,000,000 | ---D | M] (Dashlane) -- C:\USERS\DELEKTOJA\APPDATA\ROAMING\DASHLANE\BIN\FIREFOX_EXTENSION\{442718D9-475E-452A-B3E1-FB1EE16B8E9F}
    [2013/02/06 20:07:09 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2013/01/16 15:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
     
    ========== Chrome  ==========
     
    CHR - homepage: http://www.vmi.edu/
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.vmi.edu/
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
    CHR - plugin: Dashlane (Enabled) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd\1.6.5.26469_0\npDashlane.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Talk Plugin (Disabled) = C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    CHR - plugin: Google Talk Plugin Video Accelerator (Disabled) = C:\Users\DelektoJA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    CHR - plugin: Microsoft Office 2010 (Disabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Disabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
    CHR - plugin: AmazonMP3DownloaderPlugin (Disabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll
    CHR - plugin: NPCIG.dll (Disabled) = C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
    CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Disabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
    CHR - plugin: Google Earth Plugin (Disabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Picasa (Disabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live Photo Gallery (Disabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Google Update (Disabled) = C:\Users\DelektoJA\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
    CHR - Extension: FVD Video Downloader Launcher = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlokhnddogldlplgkdgmfidibpgenoi\3.0.1_0\
    CHR - Extension: Xmarks Bookmark Sync = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.24_0\
    CHR - Extension: Xmarks Bookmark Sync = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.24_0\.bak
    CHR - Extension: Google Drive = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Adblock Plus = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
    CHR - Extension: Netflix = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
    CHR - Extension: Facebook Disconnect = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_0\
    CHR - Extension: DoNotTrackMe = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\2.2.8.109_0\
    CHR - Extension: HTTPS Everywhere = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.1.18_0\
    CHR - Extension: Porsche = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
    CHR - Extension: Flixster = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
    CHR - Extension: Disconnect = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\4.2.0_0\
    CHR - Extension: HTML5ify = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jikbjpjgjmmdhcmlagappehlpiljoaop\0.5_0\
    CHR - Extension: Reddit Enhancement Suite = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
    CHR - Extension: Google Maps = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
    CHR - Extension: FlashControl = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.0.16_0\
    CHR - Extension: Dashlane = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd\1.7.5.28568_0\
    CHR - Extension: Ghostery = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
    CHR - Extension: SkyDrive = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.3_0\
    CHR - Extension: Hover Zoom = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.11_0\
    CHR - Extension: YouTube Options for Google Chrome™ (Full Version) = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.108_0\
    CHR - Extension: Gmail = C:\Users\DelektoJA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
     
    O1 HOSTS File: ([2013/02/22 19:11:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1       localhost
    O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Dashlane BHO) - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Dashlanei.dll (Dashlane)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
    O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (no name) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Dashlane Toolbar) - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\KWIEBar.dll (Dashlane)
    O3 - HKLM\..\Toolbar: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
    O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
    O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Dashlane] C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Dashlane.exe ()
    O4 - HKCU..\Run: [F.lux] C:\Users\DelektoJA\Local Settings\Apps\F.lux\flux.exe ()
    O4 - HKCU..\Run: [SkyDrive] C:\Users\DelektoJA\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\DelektoJA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [StartMenuX] C:\Program Files\Start Menu X\StartMenuX.exe (OrdinarySoft)
    O4 - Startup: C:\Users\DelektoJA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
    O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
    O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra Button: Dashlane Button - {40354A83-504E-4611-ACAE-3D137F6F595E} - C:\Users\DelektoJA\AppData\Roaming\Dashlane\bin\Dashlanei.dll (Dashlane)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.13.2)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab (SysInfo Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 144.75.4.215 144.75.4.216 144.75.4.221
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13B10A51-0F91-4667-9FB5-8185A39058BC}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D33B7DB-8CE0-4CF4-A58A-D964E255ED8D}: DhcpNameServer = 144.75.4.215 144.75.4.216 144.75.4.221
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF4A7A8C-55E7-4033-8837-0A2B0BB39F1A}: DhcpNameServer = 192.168.42.129
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
    O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2013/02/23 22:15:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2013/02/23 22:14:54 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013/02/23 22:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2013/02/23 22:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
    [2013/02/23 21:05:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DelektoJA\Desktop\OTL.exe
    [2013/02/23 10:04:31 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\TempSWBackupDirectory
    [2013/02/23 09:52:16 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\Desktop\virus_crap
    [2013/02/22 22:58:58 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\help_images_otherUI
    [2013/02/22 22:56:22 | 000,000,000 | ---D | C] -- C:\SolidWorks Data (2)
    [2013/02/22 22:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2012
    [2013/02/22 22:39:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Shared
    [2013/02/22 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
    [2013/02/22 22:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
    [2013/02/22 21:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
    [2013/02/22 19:18:37 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2013/02/22 18:49:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2013/02/22 18:49:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2013/02/22 18:49:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2013/02/22 18:46:56 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2013/02/22 18:46:21 | 000,000,000 | R--D | C] -- C:\Users\DelektoJA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2013/02/22 18:46:21 | 000,000,000 | R--D | C] -- C:\Users\DelektoJA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2013/02/22 18:45:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2013/02/22 18:44:43 | 005,034,320 | R--- | C] (Swearware) -- C:\Users\DelektoJA\Desktop\ComboFix.exe
    [2013/02/22 15:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
    [2013/02/21 15:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X
    [2013/02/21 15:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\StartMenuX
    [2013/02/21 15:46:27 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\StartMenuX
    [2013/02/21 15:46:27 | 000,000,000 | ---D | C] -- C:\Program Files\Start Menu X
    [2013/02/19 22:32:40 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Immunet
    [2013/02/19 22:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
    [2013/02/19 22:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
    [2013/02/18 15:00:58 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\4GB STORAGE
    [2013/02/16 12:47:13 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\CrashRpt
    [2013/02/15 22:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
    [2013/02/15 22:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIW 2011 Home Edition
    [2013/02/15 21:53:20 | 000,054,728 | ---- | C] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
    [2013/02/15 21:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
    [2013/02/15 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
    [2013/02/15 21:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
    [2013/02/15 08:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
    [2013/02/15 08:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
    [2013/02/12 16:22:29 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\.zenmap
    [2013/02/12 16:14:12 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\bdch
    [2013/02/12 16:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
    [2013/02/07 14:38:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF reDirect
    [2013/02/07 14:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF reDirect v2
    [2013/02/07 14:36:31 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\PrimoPDF
    [2013/02/07 14:35:59 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\PDF reDirect
    [2013/02/07 14:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF reDirect
    [2013/02/07 14:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
    [2013/02/07 14:31:24 | 000,000,000 | R--D | C] -- C:\Users\DelektoJA\Favorites
    [2013/02/07 07:15:22 | 000,018,456 | ---- | C] (Secunia) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys
    [2013/02/06 20:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/02/02 22:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
    [2013/02/02 22:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2013/02/02 20:40:39 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
    [2013/02/02 20:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
    [2013/02/02 20:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
    [2013/02/02 20:06:13 | 000,093,160 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
    [2013/02/02 20:06:13 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
    [2013/02/02 20:06:03 | 000,589,000 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
    [2013/02/02 20:06:03 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
    [2013/02/02 20:06:02 | 000,707,528 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
    [2013/02/02 20:00:00 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\Bitdefender
    [2013/02/02 19:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
    [2013/02/02 19:56:20 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\QuickScan
    [2013/02/02 19:53:58 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
    [2013/02/02 19:53:58 | 000,145,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
    [2013/02/02 19:53:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
    [2013/02/02 19:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
    [2013/02/01 22:55:40 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\{FD5796EC-E42B-4B19-8BA3-A6A2EA084405}
    [2013/02/01 22:55:23 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\Tracing
    [2013/02/01 22:01:24 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\dwhelper
    [2013/02/01 21:56:40 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Macromedia
    [2013/02/01 21:46:38 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Mozilla
    [2013/02/01 21:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2013/02/01 21:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2013/01/31 12:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
    [2013/01/29 23:07:15 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\Mathsoft
    [2013/01/29 23:05:58 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\PTC
    [2013/01/29 23:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PTC
    [2013/01/29 23:02:17 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\Mathsoft
    [2013/01/29 23:01:27 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\PTC
    [2013/01/29 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\Documents\Pavtube
    [2013/01/29 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Roaming\Pavtube
    [2013/01/29 17:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pavtube
    [2013/01/29 17:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pavtube
    [2013/01/26 07:51:23 | 000,565,232 | ---- | C] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_drv.sys
    [2013/01/26 07:51:23 | 000,086,128 | ---- | C] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_mon_drv.sys
    [2013/01/26 07:51:21 | 000,086,384 | ---- | C] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_net.sys
    [2013/01/26 07:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\Hola
    [2013/01/25 08:36:44 | 000,000,000 | ---D | C] -- C:\Users\DelektoJA\AppData\Local\arw
    [2013/01/25 08:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Record Wizard
    [2013/01/25 08:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audio Record Wizard
     
    ========== Files - Modified Within 30 Days ==========
     
    [2013/02/23 22:26:40 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/02/23 22:26:40 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/02/23 22:18:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/02/23 22:18:23 | 3063,046,144 | -HS- | M] () -- C:\hiberfil.sys
    [2013/02/23 22:13:32 | 000,001,064 | ---- | M] () -- C:\Users\DelektoJA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2013/02/23 22:13:16 | 000,000,865 | ---- | M] () -- C:\Users\DelektoJA\Desktop\ERUNT.lnk
    [2013/02/23 22:10:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001UA.job
    [2013/02/23 22:05:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001UA1ce084f66cf16b4.job
    [2013/02/23 22:04:05 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/02/23 21:58:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/02/23 21:06:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DelektoJA\Desktop\OTL.exe
    [2013/02/23 16:10:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001Core.job
    [2013/02/23 11:45:13 | 005,034,320 | R--- | M] (Swearware) -- C:\Users\DelektoJA\Desktop\ComboFix.exe
    [2013/02/23 09:13:50 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
    [2013/02/23 07:05:05 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001Core1ce084f5ff7207d.job
    [2013/02/22 23:47:19 | 005,035,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/02/22 22:52:37 | 000,002,751 | ---- | M] () -- C:\Users\DelektoJA\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks 2012 x64 Edition.lnk
    [2013/02/22 21:52:02 | 000,001,029 | ---- | M] () -- C:\Users\DelektoJA\Desktop\Secunia PSI.lnk
    [2013/02/22 21:41:19 | 000,001,435 | ---- | M] () -- C:\Users\DelektoJA\Desktop\delektoja (sorrel1) (M).lnk
    [2013/02/22 21:36:23 | 000,001,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    [2013/02/22 19:11:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2013/02/22 15:11:10 | 000,000,646 | ---- | M] () -- C:\Windows\SysNative\.crusader
    [2013/02/22 15:03:55 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
    [2013/02/21 23:32:31 | 000,390,844 | ---- | M] () -- C:\Users\DelektoJA\Desktop\Commandants-Professional-Reading-List-All-Hands.pdf
    [2013/02/21 17:12:57 | 000,676,676 | ---- | M] () -- C:\Users\DelektoJA\moto.jpg
    [2013/02/21 17:12:57 | 000,003,399 | ---- | M] () -- C:\Users\DelektoJA\.recently-used.xbel
    [2013/02/21 16:53:37 | 000,222,658 | ---- | M] () -- C:\Users\DelektoJA\okinawa.jpg
    [2013/02/21 00:11:38 | 000,783,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/02/21 00:11:38 | 000,663,434 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/02/21 00:11:38 | 000,122,270 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/02/19 22:32:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
    [2013/02/19 21:55:29 | 000,007,642 | ---- | M] () -- C:\Users\DelektoJA\AppData\Local\Resmon.ResmonCfg
    [2013/02/18 15:17:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/02/18 15:17:00 | 000,000,554 | ---- | M] () -- C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job
    [2013/02/15 23:48:26 | 000,000,682 | ---- | M] () -- C:\bdr-cf01
    [2013/02/15 22:00:52 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2013/02/15 21:55:59 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    [2013/02/11 23:13:03 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDelektoJA.job
    [2013/02/07 07:15:22 | 000,018,456 | ---- | M] (Secunia) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys
    [2013/02/04 00:13:24 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
    [2013/02/03 19:32:42 | 000,054,728 | ---- | M] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
    [2013/02/02 20:40:39 | 000,076,944 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
    [2013/02/02 20:07:02 | 000,253,404 | ---- | M] () -- C:\bdr-ld01
    [2013/02/02 20:07:02 | 000,009,216 | ---- | M] () -- C:\bdr-ld01.mbr
    [2013/02/02 20:06:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
    [2013/01/29 22:45:36 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Mathcad 15.lnk
    [2013/01/26 15:22:31 | 000,565,232 | ---- | M] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_drv.sys
    [2013/01/26 15:22:31 | 000,086,384 | ---- | M] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_net.sys
    [2013/01/26 15:22:31 | 000,086,128 | ---- | M] (Hola Networks Ltd.) -- C:\Windows\SysNative\drivers\hola_mon_drv.sys
     
    ========== Files Created - No Company Name ==========
     
    [2013/02/23 22:13:32 | 000,001,064 | ---- | C] () -- C:\Users\DelektoJA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2013/02/23 22:13:16 | 000,000,865 | ---- | C] () -- C:\Users\DelektoJA\Desktop\ERUNT.lnk
    [2013/02/23 09:13:50 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
    [2013/02/22 22:52:36 | 000,002,751 | ---- | C] () -- C:\Users\DelektoJA\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks 2012 x64 Edition.lnk
    [2013/02/22 21:52:09 | 000,001,029 | ---- | C] () -- C:\Users\DelektoJA\Desktop\Secunia PSI.lnk
    [2013/02/22 21:36:23 | 000,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    [2013/02/22 21:36:23 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
    [2013/02/22 18:49:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/02/22 18:49:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/02/22 18:49:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/02/22 18:49:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/02/22 18:49:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/02/22 15:11:10 | 000,000,646 | ---- | C] () -- C:\Windows\SysNative\.crusader
    [2013/02/22 15:03:55 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
    [2013/02/21 23:32:20 | 000,390,844 | ---- | C] () -- C:\Users\DelektoJA\Desktop\Commandants-Professional-Reading-List-All-Hands.pdf
    [2013/02/21 17:12:57 | 000,676,676 | ---- | C] () -- C:\Users\DelektoJA\moto.jpg
    [2013/02/21 17:12:57 | 000,003,399 | ---- | C] () -- C:\Users\DelektoJA\.recently-used.xbel
    [2013/02/21 16:53:21 | 000,222,658 | ---- | C] () -- C:\Users\DelektoJA\okinawa.jpg
    [2013/02/19 22:32:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
    [2013/02/15 21:55:59 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    [2013/02/11 07:00:36 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001UA1ce084f66cf16b4.job
    [2013/02/11 07:00:24 | 000,000,872 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2480015556-130784185-1519286648-1001Core1ce084f5ff7207d.job
    [2013/02/07 14:34:46 | 000,095,008 | ---- | C] () -- C:\Windows\SysNative\Primomonnt.dll
    [2013/02/04 00:13:24 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
    [2013/02/02 22:02:05 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2013/02/02 20:07:02 | 000,000,682 | ---- | C] () -- C:\bdr-cf01
    [2013/02/02 20:06:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
    [2013/02/02 19:59:52 | 002,510,608 | ---- | C] () -- C:\bdr-bz01
    [2013/02/02 19:59:52 | 000,009,216 | ---- | C] () -- C:\bdr-ld01.mbr
    [2013/02/02 19:59:51 | 037,133,532 | -H-- | C] () -- C:\bdr-im01.gz
    [2013/02/02 19:59:51 | 000,253,404 | ---- | C] () -- C:\bdr-ld01
    [2013/02/01 21:07:07 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2013/01/30 08:12:13 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    [2013/01/29 22:45:36 | 000,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Mathcad 15.lnk
    [2013/01/15 19:18:27 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
    [2013/01/09 11:04:06 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2012/12/15 23:27:14 | 000,191,336 | ---- | C] () -- C:\Users\DelektoJA\UiWXR.jpg
    [2012/12/12 12:43:54 | 000,216,432 | ---- | C] () -- C:\Users\DelektoJA\VDOT_calc.jpg
    [2012/11/29 18:24:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2012/10/14 10:52:24 | 000,076,800 | ---- | C] () -- C:\Windows\SysWow64\Faac.exe
    [2012/10/14 10:52:23 | 000,157,696 | ---- | C] () -- C:\Windows\SysWow64\OggEnc.exe
    [2012/10/14 10:52:23 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe
    [2012/10/14 10:52:14 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\azcontextmenu.dll
    [2012/10/01 13:32:15 | 000,237,082 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\census.cache
    [2012/10/01 13:31:51 | 000,152,256 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\ars.cache
    [2012/10/01 12:41:25 | 000,000,036 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\housecall.guid.cache
    [2012/09/02 18:25:23 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
    [2011/10/17 21:45:08 | 1073,741,823 | ---- | C] () -- C:\Users\DelektoJA\TheVault
    [2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
    [2011/04/30 15:36:30 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
    [2011/03/08 15:34:42 | 000,000,036 | ---- | C] () -- C:\Windows\webica.ini
    [2010/06/24 21:01:02 | 000,007,642 | ---- | C] () -- C:\Users\DelektoJA\AppData\Local\Resmon.ResmonCfg
    [2010/06/20 14:48:49 | 000,000,000 | ---- | C] () -- C:\Users\DelektoJA\AppData\Roaming\wklnhst.dat
     
    ========== ZeroAccess Check ==========
     
    [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2010/12/15 14:13:03 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\.minecraft
    [2012/10/13 00:01:05 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\1-abc
    [2012/08/22 10:27:20 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Amazon
    [2012/09/26 17:29:35 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\AVG2012
    [2011/06/10 10:07:48 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Azureus
    [2013/02/02 20:00:00 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Bitdefender
    [2012/11/15 16:26:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\calibre
    [2012/05/29 15:53:35 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Canon
    [2012/07/31 17:47:01 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/12/18 21:05:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\CheckPoint
    [2012/02/01 14:59:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2012/10/03 20:44:01 | 000,000,000 | -HSD | M] -- C:\Users\DelektoJA\AppData\Roaming\Common
    [2011/06/27 15:06:05 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DAEMON Tools Lite
    [2013/02/06 17:01:30 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Dashlane
    [2010/10/20 21:28:42 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DassaultSystemes
    [2012/10/05 14:09:34 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Digiarty
    [2011/06/19 10:58:11 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DiskSpaceFan
    [2012/09/28 20:41:54 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Dropbox
    [2013/01/29 18:05:04 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\DVDVideoSoft
    [2010/10/06 13:45:58 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\EDrawings
    [2012/09/10 14:39:25 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ESET
    [2012/11/08 08:57:41 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\GameFly
    [2012/12/10 14:52:31 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\GitHub
    [2011/01/21 20:38:47 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\GlarySoft
    [2012/05/08 21:28:41 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Gmote
    [2013/02/21 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\gtk-2.0
    [2013/01/02 20:55:33 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\HandBrake
    [2011/03/08 15:52:29 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ICAClient
    [2012/05/07 17:07:12 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ImgBurn
    [2011/06/14 16:23:29 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\IObit
    [2012/04/10 14:10:49 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\IrfanView
    [2010/06/26 23:26:07 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Leadertech
    [2013/01/29 23:02:17 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Mathsoft
    [2012/08/17 13:09:47 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\MediaMonkey
    [2011/11/26 16:51:08 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Mobipocket
    [2012/01/09 10:16:23 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Motorola
    [2010/08/18 23:48:30 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\NCH Swift Sound
    [2013/02/15 21:18:33 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Notepad++
    [2011/04/06 21:10:32 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\ooVoo Details
    [2012/12/05 18:32:02 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Origin
    [2013/01/29 18:02:47 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Pavtube
    [2013/02/07 14:38:07 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PDF reDirect
    [2011/09/29 17:48:42 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PhotoScape
    [2013/02/07 14:36:31 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PrimoPDF
    [2013/01/29 23:07:19 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\PTC
    [2013/02/02 19:56:20 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\QuickScan
    [2012/04/19 07:15:57 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Rainmeter
    [2013/02/23 21:05:27 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Spotify
    [2011/12/31 13:47:58 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2013/02/21 15:47:04 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\StartMenuX
    [2012/11/22 08:19:50 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Subversion
    [2012/07/15 22:04:09 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\SumatraPDF
    [2012/12/01 00:12:18 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\SystemRequirementsLab
    [2012/01/17 07:49:10 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Template
    [2012/02/18 07:55:46 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\TeraCopy
    [2012/01/04 09:49:48 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\TomTom
    [2013/01/17 16:31:16 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\TrueCrypt
    [2011/04/09 16:51:42 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Trusteer
    [2013/01/03 11:46:20 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\uTorrent
    [2013/01/07 21:43:30 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\Wondershare
    [2012/11/19 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\XBMC
    [2013/02/06 17:27:32 | 000,000,000 | ---D | M] -- C:\Users\DelektoJA\AppData\Roaming\XYplorer
     
    ========== Purity Check ==========
     
     
     
    ========== Files - Unicode (All) ==========
    [2013/02/22 22:12:44 | 000,000,000 | ---D | M](C:\Windows\SysWow64\??????????i?????) -- C:\Windows\SysWow64\㷘ʶ睩㷠ʶ㷠ʶĩ㷘ʶᓝ癷
    [2013/02/22 22:12:44 | 000,000,000 | ---D | C](C:\Windows\SysWow64\??????????i?????) -- C:\Windows\SysWow64\㷘ʶ睩㷠ʶ㷠ʶĩ㷘ʶᓝ癷
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:9341E0C6
     
    < End of report >


    #15 dele21

    • Topic Starter


    Posted 23 February 2013 - 11:24 PM

    System seems to be consistently stable, however still takes longer than average to boot up (a main problem when it was "infected"). But that's honestly all that I can tell.





