Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDS logs to make sure that ScorpionSaver is permanantly removed from my PC


  • Please log in to reply
14 replies to this topic

#1 ICOYAR

ICOYAR

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 13 January 2014 - 02:46 PM

Original topic is here:
 
http://www.bleepingcomputer.com/forums/t/517961/cannot-remove-scorpionsaver-virus-from-my-pc/
 
Logs are here:

Attached Files



BC AdBot (Login to Remove)

 


#2 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 13 January 2014 - 05:36 PM

ICOYAR,

Let's use the following program to find out if anything is hiding...


Please use the tool Zoek:

Download > http://hijackthis.nl/smeenk/

Click: Download Zoek.exe version 5.0.0.0 (Do not click .zip or .rar)

When the download shows, and you get the option to save, please do so to the Desktop.

Right-click zoek.exe and select: Run as Administrator (Give it a few seconds to appear.)

If your AntiVirus warns you about the program, either allow Zoek to run, or temporarily disable your AV program.
Info on how to disable your security applications > http://www.bleepingcomputer.com/forums/topic114351.html

Next, copy and then paste the entire script in the code box below to the input field of Zoek (do not copy the word 'code'):

createsrpoint; 
process; 
filesrcm; 
startupall; 
installedprogs;
installer-list; 
uninstall-list;
hijackthis; 
firefoxlook; 
chromelook;  
srinfo; 
DIR /S /A:L "%systemdrive%\*">>"%temp%\log.txt";b
Now...

Close any open windows.
Click the Run script button and wait. It takes a few minutes to run all the script.

When finished, the zoek-results.log is opened in Notepad.
If a reboot is needed the log is opened after the reboot.
The log is also found on the systemdrive, normally C:\

Please post the zoek-results.log in your reply.

Edited by Aaflac, 13 January 2014 - 05:41 PM.

Old duck...


#3 ICOYAR

ICOYAR
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 13 January 2014 - 06:06 PM

Here are the results

 

==== Windows Installer Info ======================

64 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\80055D556F5E6D741BF62B4AD0D441F5]C:\Windows\Installer\a4ca66b.msi
Adobe Reader XI (11.0.05) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73301B744BA0000000010]C:\Windows\Installer\d8f4c.msi
Ask Shopping Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\333495D435D24514007A7A857BC06000]C:\Windows\Installer\1a77896f.msi
Ask Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\333495D46700A67A677A7A857BC07000]C:\Windows\Installer\228ad32f.msi
BufferChm  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4AA7AEE2302C09b43AF491BFE71F8CC1]C:\Windows\Installer\a4ca693.msi
C4700  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9F4F55A8ACC2374AAF130094A5A9074]C:\Windows\Installer\a4ca680.msi
Content Manager Assistant for PlayStation® [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\04564C2339671E948AE121B1908C03B3]C:\Windows\Installer\a43b3ad.msi
Crysis WARHEAD® [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6EAB353794E54C649A5BA862A9137398]C:\Windows\Installer\2cde0.msi
Crysis WARHEAD® Patch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A24AE79BAF384947BD43F4CB4315FEC]C:\Windows\Installer\1ee365.msi
Crysis®  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B97E000527E10F478A01C92247B8F4E]C:\Windows\Installer\58b3d7.msi
Crysisr 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D376330603527854A80DBE50F92C369F]C:\Windows\Installer\43a6179.msi
D3DX10  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\1cad71ba.msi
Destinations  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB4027DB46DDE994B955A682C2FDF44A]C:\Windows\Installer\a4ca6ce.msi
DeviceDiscovery  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EE5F2A125CD1A884EBE75E628F6C4188]C:\Windows\Installer\a4ca6c9.msi
ESET Smart Security [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\28D4727F758C02C4BAA17D106DB4DF09]C:\Windows\Installer\4969cd15.msi
GameSpy Comrade [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F677C4F5DBC8F4C498F25B86BADD078C]C:\Windows\Installer\6b43ab.msi
GPBaseService2  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C12FF36018AF4646BA0131147B7A1D6]C:\Windows\Installer\a4ca6b3.msi
HP Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7ADB9507BD1EC2447B1A16449576024A]C:\Windows\Installer\234889ac.msi
HPPhotoGadget  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F3124EAC797FD934DBE9977BD111B53E]C:\Windows\Installer\a4ca670.msi
hpPrintProjects  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2ABDC57C68C3e184DB01DBAD57F8D9FF]C:\Windows\Installer\a4ca6da.msi
HPProductAssistant  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5F62334C531F15542807F7A7AB40261E]C:\Windows\Installer\a4ca6ae.msi
HPSSupply  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\12BFF2B688CA3C54A9D7B43B7E44CE19]C:\Windows\Installer\234889a6.msi
hpWLPGInstaller  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8D71BF706BD760F4084CB81E17C96B1A]C:\Windows\Installer\a4ca685.msi
Java 7 Update 17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120771FF]C:\Windows\Installer\40f945.msi
Java 7 Update 25 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF268140752FF]C:\Windows\Installer\53e49341.msi
Java Auto Updater [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401]C:\Windows\Installer\54963f63.msi
Java™ 6 Update 32 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120623FF]C:\Windows\Installer\53ea30b0.msi
JavaFX 2.1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F6071111A6667304777712318267D401]C:\Windows\Installer\9640c3c.msi
Junk Mail filter update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E]C:\Windows\Installer\1cad71c4.msi
MarketResearch  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1110F57186925394F8073301C8A6D43E]C:\Windows\Installer\a4ca6d3.msi
Mesh Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6116D6C8427B0184F8D20D746E7B6DE8]C:\Windows\Installer\1cad71fb.msi
MGTEK dopisp 6.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4753D52C631333B4D923F8F0E5183F94]C:\Windows\Installer\41b35231.msi
Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDE7F2BCF1D91C3409CFF425AE1E271A]C:\Windows\Installer\6a636d.msi
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D741DA1E0EBC6D3CA11466FCD14361F]C:\Windows\Installer\80a9df4.msi
Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\1cad717d.msi
Microsoft File Transfer Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA9618C41C6BB314186B377B17728DF2]C:\Windows\Installer\4806554d.msi
Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0ED9D238CFA898648991D4BBEDDBE3F4]C:\Windows\Installer\4843f99e.msi
Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7030BC4E565144468EBD02F4EBF28C8]C:\Windows\Installer\4843f999.msi
Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\Windows\Installer\182cc4a.msi
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\Windows\Installer\24f7fec.msi
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84b9c17023c712640acaf308593282f8]C:\Windows\Installer\58b3d3.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\1529ed6d.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\Windows\Installer\3b751f7d.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\24f800b.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]c:\Windows\Installer\96b2a.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]c:\Windows\Installer\e4020e8.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]c:\Windows\Installer\39655c.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\2b7a435e.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\180eb369.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\Windows\Installer\24f8019.msi
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]c:\Windows\Installer\44b8c03.msi
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\Windows\Installer\43a617e.msi
MSVCRT  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\1cad71ab.msi
MSVCRT_amd64  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52744B0D6663D294EB6F85A741DBB99D]C:\Windows\Installer\1cad71c9.msi
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]c:\Windows\Installer\3dd58.msi
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]c:\Windows\Installer\52a1f71.msi
Network64  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\73FBFE5025E0975478C5E7FED0BFF4BC]C:\Windows\Installer\a4ca666.msi
NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26E909AD54B31AB4B885CFEAABB4EC9C]C:\Windows\Installer\395befdd.msi
PS_AIO_06_C4700_SW_Min  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9913F63E282CAC74AB7CB2772D747E06]C:\Windows\Installer\a4ca68a.msi
Razer Naga [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9A8014DEDF0681F4FA24212291797737]C:\Windows\Installer\11f4b981.msi
Scan  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3AC763F0F2B39F344AA4528AEE964ED5]C:\Windows\Installer\a4ca69c.msi
Skype Click to Call [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7692FC6BE18C0C0489510C7547EF1F02]C:\Windows\Installer\158aa.msi
SkypeT 6.11 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E7FF67E4ABEA78C47B88DC745E24B5D9]C:\Windows\Installer\8677d82.msi
SmartWebPrinting  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21D01A86F0D02124DB6E8DF7DA238AAF]C:\Windows\Installer\a4ca6df.msi
SolutionCenter  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\70FE07A488F74344BB161DEDA89ED34D]C:\Windows\Installer\a4ca6a9.msi
Status  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BF5078EAC31E9A04A8D2866D37F3FB2C]C:\Windows\Installer\a4ca6c4.msi
Steam  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C8928403D4AB094F99FBA20A329833F]C:\Windows\Installer\2f1fd.msi
swMSM  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C43C21609E58D74B9C5F017D78D7262]C:\Windows\Installer\834ac54.msi
System Requirements Lab CYRI [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\814C77F109C2C954DB335BA614289BAF]C:\Windows\Installer\1d0b7bdf.msi
Toolbox  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9E62ABB630BA7EF438A1535385C40A20]C:\Windows\Installer\a4ca67a.msi
TrayApp  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\99F5A0CD66DFF334D9A350CDAB46EB24]C:\Windows\Installer\a4ca6bf.msi
WebReg  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\649FDC349D5F29240B60ABD029100312]C:\Windows\Installer\a4ca675.msi
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\1cad71a6.msi
Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\032440EF5AC97F34B985A55C2AA8F133]C:\Windows\Installer\1cad720d.msi
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BFF8CCA148D950C44AED2DA8B99C6189]C:\Windows\Installer\1cad7172.msi
Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\1cad71b5.msi
Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BAF5E720674195C4AA4B23FE82253099]C:\Windows\Installer\1cad7182.msi
Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E42866C3BBC1584BBF38EFC6D539032]C:\Windows\Installer\1cad721c.msi
Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A57765D93F393A44082948E08362ED03]C:\Windows\Installer\1cad71cf.msi
Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\88119C0AF88C68E4396EDCC7A9626694]C:\Windows\Installer\1cad7226.msi
Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7BCDCEDCC85568419FA26F77989EF84]C:\Windows\Installer\1cad7203.msi
Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\389F20921C4BAB448BD5C5D6252E4C14]C:\Windows\Installer\1f3a78.msi
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E08F45ADC1622A148A5545A941F4F295]C:\Windows\Installer\1cad7187.msi
Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\775F634D5961F2D4B844CA679CE90020]C:\Windows\Installer\1cad7217.msi
Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\Windows\Installer\1cad71dc.msi
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\Windows\Installer\1cad71bf.msi
Windows Live Remote Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A889D6FD0AEE7724AA8B51E880E634B9]C:\Windows\Installer\1cad718d.msi
Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2350B7483E55FAA4D8B73E1A7ADC715E]C:\Windows\Installer\1cad7192.msi
Windows Live Remote Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8456A20EEDF62E04E89D11D9D7E746F1]C:\Windows\Installer\1cad7178.msi
Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EDEED656CA6FAC745A861A4B3EB47506]C:\Windows\Installer\1cad7197.msi
Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\1cad71a1.msi
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\1cad719c.msi
Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\1cad71b0.msi
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A4869755DDD3AC4E98AB77E9D95D34B]C:\Windows\Installer\1cad7208.msi
Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\076CFAAAB965F2A4284B2449E5D03EFE]C:\Windows\Installer\1cad71d4.msi
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EEDB8CDDCACDD4042875E3D8B4874276]C:\Windows\Installer\1cad7212.msi

==== Installed Programs ======================

æTorrent  
64 Bit HP CIO Components Installer  
Adobe Flash Player 11 ActiveX  
Adobe Flash Player 11 Plugin  
Adobe Reader XI (11.0.05)  
Adobe Shockwave Player 12.0  
applicationupdater  
ARPCache Viewer  
Ask Shopping Toolbar  
Ask Toolbar  
ASUSUpdate  
Battlefield 3T  
Battlefield 3T Open Beta  
Battlelog Web Plugins  
BioShock Infinite  
BufferChm  
C4700  
Console Classix version 4.22  
Content Manager Assistant for PlayStation®  
CPUID CPU-Z 1.60.1  
Crysis WARHEAD®  
Crysis WARHEAD® Patch  
Crysis®  
Crysisr 2  
D3DX10  
Destinations  
DeviceDiscovery  
Driver San Francisco  
Dual-Core Optimizer  
Duke Nukem Forever  
EPU-4 Engine  
ESET Smart Security  
ESN Sonar  
Far Cryr 3  
File-Extensions.org Search  
FXAA Post-Process Injector  
FXAA Post Process Injector  
gamelauncher-code4344-beta  
gamelauncher-ps2-live  
GameSpy Comrade  
GameTap Player  
Gametap Player  
GPBaseService2  
Grand Theft Auto III  
HiJackThis  
Homefront  
HP Customer Participation Program 13.0  
HP Imaging Device Functions 13.0  
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6  
HP Print Projects 1.0  
HP Smart Web Printing 4.5  
HP Solution Center 13.0  
HP Update  
HPPhotoGadget  
hpPrintProjects  
HPProductAssistant  
HPSSupply  
hpWLPGInstaller  
IZArc 4.1.6  
Java 7 Update 21  
Java 7 Update 25 (64-bit)  
Java Auto Updater  
Java™ 6 Update 32  
JavaFX 2.1.1  
Junk Mail filter update  
Malwarebytes Anti-Malware version 1.75.0.1300  
ManyCam 3.1.58  
MarketResearch  
Max Payne  
Max Payne 2: The Fall of Max Payne  
Max Payne 3  
Mesh Runtime  
MGTEK dopisp 6.1  
Microsoft  File Transfer Manager  
Microsoft .NET Framework 1.1  
Microsoft .NET Framework 4.5  
Microsoft Application Error Reporting  
Microsoft Games for Windows - LIVE Redistributable  
Microsoft Games for Windows Marketplace  
Microsoft Silverlight  
Microsoft SkyDrive  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Mirror's Edge  
Mozilla Firefox 27.0 (x86 en-US)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT_amd64  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
Network64  
Nexus Mod Manager  
NVIDIA 3D Vision Controller Driver  
NVIDIA 3D Vision Controller Driver 296.10  
NVIDIA 3D Vision Driver 311.06  
NVIDIA Control Panel 311.06  
NVIDIA Graphics Driver 311.06  
NVIDIA HD Audio Driver 1.3.12.0  
NVIDIA Install Application  
NVIDIA PhysX  
NVIDIA PhysX System Software 9.12.0213  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 1.11.3  
NVIDIA Update Components  
Octodad  
Origin  
Pidgin  
PlanetSide 2  
Plants vs. Zombies  
Prince of Persia The Forgotten SandsT  
PS_AIO_06_C4700_SW_Min  
RAGE  
Razer Game Booster  
Razer Naga  
Recuva  
Rockstar Games Social Club  
Sauerbraten  
Scan  
ScorpionSaver  
Scribblenauts Unlimited  
Security Update for Microsoft .NET Framework 4.5 (KB2737083)  
Security Update for Microsoft .NET Framework 4.5 (KB2742613)  
Security Update for Microsoft .NET Framework 4.5 (KB2789648)  
Security Update for Microsoft .NET Framework 4.5 (KB2804582)  
Security Update for Microsoft .NET Framework 4.5 (KB2833957)  
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)  
Security Update for Microsoft .NET Framework 4.5 (KB2861208)  
Shop for HP Supplies  
Sid Meier's Civilization V  
Skype Click to Call  
SkypeT 6.11  
Sleeping DogsT  
SmartWebPrinting  
SolutionCenter  
Sonic Generations  
Status  
Steam  
swMSM  
System Explorer 4.0.0  
System Requirements Lab CYRI  
Team Fortress 2  
Test Drive Unlimited 2  
The Elder Scrolls Online Beta  
The Elder Scrolls V: Skyrim  
The Sims™ 3  
The Witcher 2: Assassins of Kings Enhanced Edition  
Toolbox  
TrayApp  
Ubisoft Game Launcher  
Unity Web Player  
Universe Sandbox  
Update for Microsoft .NET Framework 4.5 (KB2750147)  
Update for Microsoft .NET Framework 4.5 (KB2805221)  
Update for Microsoft .NET Framework 4.5 (KB2805226)  
Uplay  
Virtual Audio Cable 4.10  
WebReg  
Windows Glulxe  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh  
Windows Live Mesh ActiveX Control for Remote Connections  
Windows Live MIME IFilter  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinPcap 4.1.2  
WinRAR archiver  
Wireshark 1.8.3 (64-bit)  
Worms Reloaded  
Yahoo BrowserPlus 2.9.8  
Yahoo Messenger  
Yahoo Software Update  
Yahoo Toolbar  

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Yahoo\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Owner\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Batch Command(s) Run By Tool======================

 Volume in drive C has no label.
 Volume Serial Number is 5AC0-7556

 Directory of C:\

07/14/2009  12:08 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes

 Directory of C:\ProgramData

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  12:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  12:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users

07/14/2009  12:08 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes

 Directory of C:\Users\All Users

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  12:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  12:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Default

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009  12:08 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009  12:08 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009  12:08 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009  12:08 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009  12:08 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009  12:08 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Default\AppData\Local

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009  12:08 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009  12:08 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\Default\Documents

07/14/2009  12:08 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009  12:08 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009  12:08 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\DefaultAppPool

06/26/2012  04:27 PM    <JUNCTION>     Application Data [C:\Users\DefaultAppPool\AppData\Roaming]
06/26/2012  04:27 PM    <JUNCTION>     Cookies [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Cookies]
06/26/2012  04:27 PM    <JUNCTION>     Local Settings [C:\Users\DefaultAppPool\AppData\Local]
06/26/2012  04:27 PM    <JUNCTION>     My Documents [C:\Users\DefaultAppPool\Documents]
06/26/2012  04:27 PM    <JUNCTION>     NetHood [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/26/2012  04:27 PM    <JUNCTION>     PrintHood [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/26/2012  04:27 PM    <JUNCTION>     Recent [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Recent]
06/26/2012  04:27 PM    <JUNCTION>     SendTo [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo]
06/26/2012  04:27 PM    <JUNCTION>     Start Menu [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu]
06/26/2012  04:27 PM    <JUNCTION>     Templates [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\DefaultAppPool\AppData\Local

06/26/2012  04:27 PM    <JUNCTION>     Application Data [C:\Users\DefaultAppPool\AppData\Local]
06/26/2012  04:27 PM    <JUNCTION>     History [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\History]
06/26/2012  04:27 PM    <JUNCTION>     Temporary Internet Files [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\DefaultAppPool\Documents

06/26/2012  04:27 PM    <JUNCTION>     My Music [C:\Users\DefaultAppPool\Music]
06/26/2012  04:27 PM    <JUNCTION>     My Pictures [C:\Users\DefaultAppPool\Pictures]
06/26/2012  04:27 PM    <JUNCTION>     My Videos [C:\Users\DefaultAppPool\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\Guest

06/10/2013  02:49 PM    <JUNCTION>     Application Data [C:\Users\Guest\AppData\Roaming]
06/10/2013  02:49 PM    <JUNCTION>     Cookies [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies]
06/10/2013  02:49 PM    <JUNCTION>     Local Settings [C:\Users\Guest\AppData\Local]
06/10/2013  02:49 PM    <JUNCTION>     My Documents [C:\Users\Guest\Documents]
06/10/2013  02:49 PM    <JUNCTION>     NetHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/10/2013  02:49 PM    <JUNCTION>     PrintHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/10/2013  02:49 PM    <JUNCTION>     Recent [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Recent]
06/10/2013  02:49 PM    <JUNCTION>     SendTo [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo]
06/10/2013  02:49 PM    <JUNCTION>     Start Menu [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu]
06/10/2013  02:49 PM    <JUNCTION>     Templates [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Guest\AppData\Local

06/10/2013  02:49 PM    <JUNCTION>     Application Data [C:\Users\Guest\AppData\Local]
06/10/2013  02:49 PM    <JUNCTION>     History [C:\Users\Guest\AppData\Local\Microsoft\Windows\History]
06/10/2013  02:49 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\Guest\Documents

06/10/2013  02:49 PM    <JUNCTION>     My Music [C:\Users\Guest\Music]
06/10/2013  02:49 PM    <JUNCTION>     My Pictures [C:\Users\Guest\Pictures]
06/10/2013  02:49 PM    <JUNCTION>     My Videos [C:\Users\Guest\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\Owner

07/03/2011  01:11 AM    <JUNCTION>     Application Data [C:\Users\Owner\AppData\Roaming]
07/03/2011  01:11 AM    <JUNCTION>     Cookies [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies]
07/03/2011  01:11 AM    <JUNCTION>     Local Settings [C:\Users\Owner\AppData\Local]
07/03/2011  01:11 AM    <JUNCTION>     My Documents [C:\Users\Owner\Documents]
07/03/2011  01:11 AM    <JUNCTION>     NetHood [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/03/2011  01:11 AM    <JUNCTION>     PrintHood [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/03/2011  01:11 AM    <JUNCTION>     Recent [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Recent]
07/03/2011  01:11 AM    <JUNCTION>     SendTo [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\SendTo]
07/03/2011  01:11 AM    <JUNCTION>     Start Menu [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu]
07/03/2011  01:11 AM    <JUNCTION>     Templates [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Owner\AppData\Local

07/03/2011  01:11 AM    <JUNCTION>     Application Data [C:\Users\Owner\AppData\Local]
07/03/2011  01:11 AM    <JUNCTION>     History [C:\Users\Owner\AppData\Local\Microsoft\Windows\History]
07/03/2011  01:11 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\Owner\Documents

07/03/2011  01:11 AM    <JUNCTION>     My Music [C:\Users\Owner\Music]
07/03/2011  01:11 AM    <JUNCTION>     My Pictures [C:\Users\Owner\Pictures]
07/03/2011  01:11 AM    <JUNCTION>     My Videos [C:\Users\Owner\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\Public\Documents

07/14/2009  12:08 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009  12:08 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009  12:08 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\UpdatusUser

03/13/2012  06:46 PM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Roaming]
03/13/2012  06:46 PM    <JUNCTION>     Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
03/13/2012  06:46 PM    <JUNCTION>     Local Settings [C:\Users\UpdatusUser\AppData\Local]
03/13/2012  06:46 PM    <JUNCTION>     My Documents [C:\Users\UpdatusUser\Documents]
03/13/2012  06:46 PM    <JUNCTION>     NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/13/2012  06:46 PM    <JUNCTION>     PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/13/2012  06:46 PM    <JUNCTION>     Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
03/13/2012  06:46 PM    <JUNCTION>     SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
03/13/2012  06:46 PM    <JUNCTION>     Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
03/13/2012  06:46 PM    <JUNCTION>     Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\UpdatusUser\AppData\Local

03/13/2012  06:46 PM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Local]
03/13/2012  06:46 PM    <JUNCTION>     History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
03/13/2012  06:46 PM    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\UpdatusUser\Documents

03/13/2012  06:46 PM    <JUNCTION>     My Music [C:\Users\UpdatusUser\Music]
03/13/2012  06:46 PM    <JUNCTION>     My Pictures [C:\Users\UpdatusUser\Pictures]
03/13/2012  06:46 PM    <JUNCTION>     My Videos [C:\Users\UpdatusUser\Videos]
               0 File(s)              0 bytes

 Directory of C:\Windows\SysWOW64\config\systemprofile

07/24/2011  03:21 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
07/24/2011  03:21 PM    <JUNCTION>     Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
07/24/2011  03:21 PM    <JUNCTION>     My Documents [C:\Windows\system32\config\systemprofile\Documents]
07/24/2011  03:21 PM    <JUNCTION>     NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/24/2011  03:21 PM    <JUNCTION>     PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/24/2011  03:21 PM    <JUNCTION>     Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
07/24/2011  03:21 PM    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
07/24/2011  03:21 PM    <JUNCTION>     Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
07/24/2011  03:21 PM    <JUNCTION>     Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local

07/24/2011  03:21 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
07/24/2011  03:21 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
07/24/2011  03:21 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Windows\SysWOW64\config\systemprofile\Documents

07/24/2011  03:21 PM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
07/24/2011  03:21 PM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
07/24/2011  03:21 PM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes

     Total Files Listed:
               0 File(s)              0 bytes
             112 Dir(s)  1,590,001,733,632 bytes free

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Owner\AppData\Local\Temp ====
2014-01-01 00:44:07    8123BD4D3B32B352C4651D89D6597D88    127776    ----a-w-    C:\Users\Guest\AppData\Local\Temp\nse320A.tmp\xml.dll
2014-01-01 00:44:05    13164F6D92DDF1E8AFDC3A266EF73053    229152    ----a-w-    C:\Users\Guest\AppData\Local\Temp\nse320A.tmp\DownloadACC.dll
2014-01-01 00:44:04    21E8074D98A5961FFD8A37C77063E9E4    971040    ----a-w-    C:\Users\Guest\AppData\Local\Temp\nse320A.tmp\webapphost.dll
====== Java Cache =====
2013-12-15 02:48:29    BE2541A54D14AFEF3BC0CDB1DE1C017A    15901    ----a-w-    C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\47b007a3-6b18951d
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-12-22 20:49:14    0BB97D43299910CBFBA59C461B99B910    25928    ----a-w-    C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-01-08 03:37:38    --------    d-----w-    C:\PROGRA~2\Zenimax Online
2013-12-22 20:49:14    --------    d-----w-    C:\PROGRA~2\ABC123
2013-12-19 17:56:23    --------    d-----w-    C:\PROGRA~2\ESET
======= C: =====
====== C:\Users\Owner\AppData\Roaming ======
2014-01-11 01:40:26    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Awesomium
2014-01-01 00:44:56    --------    d-----w-    C:\Users\Guest\AppData\Local\Conduit
====== C:\Users\Owner ======
2014-01-13 19:36:03    8B968045D75783A09592C3105F2865DA    688992    ------r-    C:\Users\Owner\Downloads\dds.com
2014-01-13 00:37:07    A0844C730F1091B491A8737404F4C914    347816    ----a-w-    C:\Users\Owner\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.27313000624146730.1.1.Run.exe
2014-01-12 22:03:10    C038AC0153BFFE7F8778D404C0872317    1933048    ----a-w-    C:\Users\Owner\Downloads\rkill(1).com
2014-01-08 19:03:49    --------    d-----w-    C:\ProgramData\Elder Scrolls Online
2014-01-08 03:37:44    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online Beta
2014-01-08 03:29:53    ED9732313C13A9E3601FB410A35AE98B    55903624    ----a-w-    C:\Users\Owner\Downloads\Install_ESO_Beta.exe
2014-01-01 00:43:52    307A2B03FE037E3B34071E32A076F9E8    222488    ----a-w-    C:\Users\Guest\Downloads\ManualSearch_TSV1E5GE.exe

====== C: exe-files ==
2014-01-13 02:21:52    D4CDC4F16011785CAD7492A71401DB7C    276592    ----a-w-    C:\Users\Owner\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\updater.exe
2014-01-13 00:37:07    A0844C730F1091B491A8737404F4C914    347816    ----a-w-    C:\Users\Owner\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.27313000624146730.1.1.Run.exe
2014-01-08 03:41:00    F88444719321B0B2FA2FD8981B3212D6    167968    ----a-w-    C:\Program Files (x86)\Zenimax Online\Launcher\launcher_helper.exe
2014-01-08 03:37:38    4DD95F7CC4B9B07948B3BA65F0170D63    14993456    ----a-w-    C:\Program Files (x86)\Zenimax Online\Launcher\Bethesda.net_Launcher.exe
2014-01-08 03:37:38    2911FEE6C466B53364FADE94FC1D6FD2    717981    ----a-w-    C:\Program Files (x86)\Zenimax Online\Launcher\unins000.exe
2014-01-08 03:29:53    ED9732313C13A9E3601FB410A35AE98B    55903624    ----a-w-    C:\Users\Owner\Downloads\Install_ESO_Beta.exe
=== C: other files ==
2014-01-13 22:46:41    6CAC10487EB2C4ECEC44C8972450BDB6    1725    ----a-w-    C:\Users\Owner\AppData\Roaming\.purple\certificates\x509\tls_peers\bos.oscar.aol.com
2014-01-13 22:46:40    3C7E1618D9D6D0281D21469D2E91DB8B    1893    ----a-w-    C:\Users\Owner\AppData\Roaming\.purple\certificates\x509\tls_peers\api.oscar.aol.com
2014-01-13 22:46:39    70F3E87D75E20F36153AD1DDD269C3E9    1989    ----a-w-    C:\Users\Owner\AppData\Roaming\.purple\certificates\x509\tls_peers\api.screenname.aol.com
2014-01-13 19:36:03    8B968045D75783A09592C3105F2865DA    688992    ------r-    C:\Users\Owner\Downloads\dds.com
2014-01-12 22:03:10    C038AC0153BFFE7F8778D404C0872317    1933048    ----a-w-    C:\Users\Owner\Downloads\rkill(1).com

======== System Restore Points ========

RP395: 12/25/2013 5:00:16 PM - Windows Update
RP397: 1/1/2014 5:00:15 PM - Windows Update
RP398: 1/7/2014 10:37:57 PM - Installed DirectX
RP400: 1/8/2014 5:00:17 PM - Windows Update
RP402: 1/12/2014 7:38:10 PM - Restore Point before ScorpionSaver was removed using Program Install and Uninstall troubleshooter
RP404: 1/12/2014 7:38:37 PM -  ScorpionSaver
RP405: 1/13/2014 5:58:16 PM - zoek.exe restore point

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1929715978-1136492960-3399458760-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Messenger (Yahoo\PROGRA~2\Yahoo\MESSEN~1\YAHOOM~1.EXE -quiet"
"ManyCam"="C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe /silent"
"SkyDrive"="C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe"
"Razer Naga Driver"="C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe"
"ROC_roc_ssl_v12"="C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe / /PROMPT /CMPID=roc_ssl_v12"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Messenger (Yahoo\PROGRA~2\Yahoo\MESSEN~1\YAHOOM~1.EXE -quiet"
"ManyCam"="C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe /silent"
"SkyDrive"="C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Aim]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Aim"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\AIM\\aim.exe\" /d locale=en-US"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Comrade.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Comrade.exe"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\GameSpy\\Comrade\\Comrade.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DriverMax"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Innovative Solutions\\DriverMax\\devices.exe\" -agent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Messenger (Yahoo!)]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Messenger (Yahoo!)"
"hkey"="HKCU"
"command"="\"C:\\PROGRA~2\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\YahooAUService]


==== Startup Folders ======================

2012-03-01 19:36:23    2150    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
2011-11-17 07:46:04    2172    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\File-Extensions.org Search.lnk
2011-07-26 23:44:15    2099    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/11/2013 02:06 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Razer_Game_Booster_AutoUpdate" [C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1929715978-1136492960-3399458760-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1929715978-1136492960-3399458760-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\{1040E76D-CB60-41A0-A7C1-68C40AF9E2A0}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]
"C:\Windows\SysNative\tasks\{15F259A2-3326-4E7B-8E10-6CFDB507D549}" [C:\Program Files (x86)\Steam\Steam.exe]
"C:\Windows\SysNative\tasks\{4C09FBAE-DD71-4E03-BA97-556DBF3A6368}" [C:\Program Files (x86)\Free Sound Recorder\FreeSoundRecorder.exe]
"C:\Windows\SysNative\tasks\{9AD73E56-BA63-4B3C-88BF-9DB0639B0207}" [C:\Program Files (x86)\Steam\Steam.exe]
"C:\Windows\SysNative\tasks\{D18FF36A-1C12-4FF1-A946-BBFDE32EBE61}" [C:\Program Files (x86)\AIM\aim.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS SIX Engine" [C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS Update Checker" [C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [07/26/2011 06:45 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [07/26/2011 06:45 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\2wm8vvd6.default
- Value Apps - %ProfilePath%\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}

ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default
- SpeedFox - %ProfilePath%\extensions\jid1-uabu5A9hduqzCw@jetpack
- ScorpionSaver - %ProfilePath%\extensions\ScorpionSaver@jetpack
- Yummy Games Player - %ProfilePath%\extensions\YPlayer@yummy.net
- GameFOX - %ProfilePath%\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
- FoxLingo - %ProfilePath%\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
- YesScript - %ProfilePath%\extensions\yesscript@userstyles.org.xpi
- StumbleUpon - %ProfilePath%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Text-to-Image - %ProfilePath%\extensions\{f701c26a-479a-4724-b4f1-870db12f063c}.xpi

ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pou5ek3d.default-1385440199553
- GameFOX - %ProfilePath%\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
- Text-to-Image - %ProfilePath%\extensions\{f701c26a-479a-4724-b4f1-870db12f063c}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default
62059985AF996F4FFE5451CB0D5924BF    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll -    Shockwave Flash

Profilepath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pou5ek3d.default-1385440199553
F891089A6AB9E12FEDEBCC5EC0F40D66    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll -    Shockwave Flash
ADC539F67D3198679F480974EE203678    - C:\Windows\SysWOW64\npdeployJava1.dll -    Java Deployment Toolkit 7.0.210.11
66640A55AEFF3819C94E0A8D40D7E0AD    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll -    Shockwave for Director / Shockwave for Director
71B61A08992B0F895288CAAB2B43E3F7    - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -    Unity Player
62059985AF996F4FFE5451CB0D5924BF    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll -    Shockwave Flash
15E298B5EC5B89C5994A59863969D9FF    - C:\Windows\SysWOW64\npmproxy.dll -    Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bejbohlohkkgompgecdcbbglkpjfjgdj - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/09/2013 09:59 AM]

==== Uninstall List x64 ======================

æTorrent  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
64 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}]
Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Reader XI (11.0.05) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AB0000000001}]
Adobe Shockwave Player 12.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]
applicationupdater  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SOE-C:/Users/Owner/AppData/Local/Sony Online Entertainment/ApplicationUpdater]
ARPCache Viewer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ARPCache Viewer]
Ask Shopping Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D594333-2D53-4154-00A7-A758B70C0600}]
Ask Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D594333-0076-A76A-76A7-A758B70C0700}]
ASUSUpdate  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{587178E7-B1DF-494E-9838-FA4DD36E873C}]
Battlefield 3T [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{76285C16-411A-488A-BCE3-C83CB933D8CF}]
Battlefield 3T Open Beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}]
Battlelog Web Plugins [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Battlelog Web Plugins]
BioShock Infinite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 8870]
BufferChm  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}]
C4700  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}]
Console Classix version 4.22 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BC91CDA9-D8D5-4F67-A507-B8BB81F310DB}_is1]
Content Manager Assistant for PlayStation® [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{32C46540-7693-49E1-A81E-121B09C8303B}]
CPUID CPU-Z 1.60.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1]
Crysis WARHEAD® [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7353BAE6-5E49-46C4-A9B5-8A269A313789}]
Crysis WARHEAD® [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crysis WARHEAD®]
Crysis WARHEAD® Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97EA42A5-3FAB-4948-B74D-F3C44B13F5CE}]
Crysis WARHEAD® Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crysis WARHEAD® Patch]
Crysis®  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{000E79B7-E725-4F01-870A-C12942B7F8E4}]
Crysisr 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6033673D-2530-4587-8AD0-EB059FC263F9}]
D3DX10  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
Destinations  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}]
DeviceDiscovery  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}]
Driver San Francisco [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 33440]
Dual-Core Optimizer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}]
Duke Nukem Forever [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 57900]
EPU-4 Engine [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}]
ESET Smart Security [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F7274D82-C857-4C20-AB1A-D701D64BFD90}]
ESN Sonar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ESN Sonar-0.70.0]
ESN Sonar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ESN Sonar-0.70.4]
Far Cryr 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 220240]
File-Extensions.org Search [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\File-Extensions.org Search]
FXAA Post-Process Injector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FXAA Post-Process Injector]
FXAA Post Process Injector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FXAA Post Process Injector]
gamelauncher-code4344-beta  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 Beta]
gamelauncher-ps2-live  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SOE-]
GameSpy Comrade [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}]
GameTap Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D3A3F5C5-E95B-456D-952B-DDEC3AF68319}_is1]
Gametap Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Gametap Player]
GPBaseService2  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63FF21C9-A810-464F-B60A-3111747B1A6D}]
Grand Theft Auto III [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 12100]
HiJackThis  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45A66726-69BC-466B-A7A4-12FCBA4883D7}]
Homefront  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 55100]
HP Customer Participation Program 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPExtendedCapabilities]
HP Imaging Device Functions 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Imaging Device Functions]
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}]
HP Print Projects 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Print Projects]
HP Smart Web Printing 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Smart Web Printing]
HP Solution Center 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools]
HP Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7059BDA7-E1DB-442C-B7A1-6144596720A4}]
HPPhotoGadget  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAE4213F-F797-439D-BD9E-79B71D115BE3}]
hpPrintProjects  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}]
HPProductAssistant  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C43326F5-F135-4551-8270-7F7ABA0462E1}]
HPSSupply  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}]
hpWLPGInstaller  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}]
IZArc 4.1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1]
Java 7 Update 21 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217017FF}]
Java 7 Update 25 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417025FF}]
Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]
Java™ 6 Update 32 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216032FF}]
JavaFX 2.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1111706F-666A-4037-7777-211328764D10}]
Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}]
Malwarebytes Anti-Malware version 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]
ManyCam 3.1.58 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ManyCam]
MarketResearch  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{175F0111-2968-4935-8F70-33108C6A4DE3}]
Max Payne [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 12140]
Max Payne 2: The Fall of Max Payne [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 12150]
Max Payne 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 204100]
Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}]
MGTEK dopisp 6.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C25D3574-3136-4B33-9D32-8F0F5E81F349}]
Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}]
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft File Transfer Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4C8169AB-B6C1-413B-81B6-73B77127D82F}]
Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}]
Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft SkyDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SkyDriveSetup.exe]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Mirror's Edge [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 17410]
Mozilla Firefox 27.0 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 27.0 (x86 en-US)]
Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
MSVCRT  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
MSVCRT_amd64  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
Network64  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}]
Nexus Mod Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\6af12c54-643b-4752-87d0-8335503010de_is1]
NVIDIA 3D Vision Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA StereoUSB Driver]
NVIDIA 3D Vision Controller Driver 296.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB]
NVIDIA 3D Vision Driver 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]
NVIDIA Control Panel 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]
NVIDIA Graphics Driver 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]
NVIDIA HD Audio Driver 1.3.12.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver]
NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]
NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}]
NVIDIA PhysX System Software 9.12.0213 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX]
NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]
NVIDIA Update 1.11.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]
NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update]
Octodad  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Octodad]
Origin  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Origin]
Pidgin  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pidgin]
PlanetSide 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 218230]
Plants vs. Zombies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plants vs. Zombies]
Prince of Persia The Forgotten SandsT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}]
PS_AIO_06_C4700_SW_Min  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E36F3199-C282-47CA-BAC7-2B77D247E760}]
RAGE  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 9200]
Razer Game Booster [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Razer Game Booster_is1]
Razer Naga [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED4108A9-60FD-4F18-AF42-122219977773}]
Recuva  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Recuva]
Rockstar Games Social Club [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Rockstar Games Social Club]
Sauerbraten  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sauerbraten]
Scan  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}]
ScorpionSaver  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}]
Scribblenauts Unlimited [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 218680]
Shop for HP Supplies [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Shop for HP Supplies]
Sid Meier's Civilization V [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 8930]
Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}]
SkypeT 6.11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}]
Sleeping DogsT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 202170]
SmartWebPrinting  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}]
SolutionCenter  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}]
Sonic Generations [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 71340]
Status  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}]
Steam  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3}]
swMSM  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}]
System Explorer 4.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1]
System Requirements Lab CYRI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F77C418-2C90-459C-BD33-B56A4182B9FA}]
Team Fortress 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 440]
Test Drive Unlimited 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 9930]
The Elder Scrolls Online Beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\The Elder Scrolls Online Beta_is1]
The Elder Scrolls V: Skyrim [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 72850]
The Sims™ 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 47890]
The Witcher 2: Assassins of Kings Enhanced Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 20920]
Toolbox  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6BBA26E9-AB03-4FE7-831A-3535584CA002}]
TrayApp  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}]
Ubisoft Game Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{888F1505-C2B3-4FDE-835D-36353EBD4754}]
Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer]
Universe Sandbox [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 72200]
Uplay  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uplay]
Virtual Audio Cable 4.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Virtual Audio Cable 4.10]
WebReg  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43CDF946-F5D9-4292-B006-BA0D92013021}]
Windows Glulxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinGlulxe]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}]
Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]
Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{027E5FAB-1476-4C59-AAB4-32EF28520399}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C66824E4-CBB3-4851-BB3F-E8CFD6350923}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C91188-C88F-4E86-93E6-CD7C9A266649}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}]
Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}]
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D436F577-1695-4D2F-8B44-AC76C99E0002}]
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}]
Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}]
Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}]
Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}]
Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}]
Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]
Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}]
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}]
WinPcap 4.1.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst]
WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
Wireshark 1.8.3 (64-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wireshark]
Worms Reloaded [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 22600]

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {32b29df0-2237-4370-9a29-37cebb730e9b} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" (file missing)
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Content Manager Assistant for PlayStation®.lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O4 - Global Startup: File-Extensions.org Search.lnk = C:\Program Files (x86)\File Extensions\File-Extensions.org-Search.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3064467D-648C-4941-8AF2-0BC00F255549}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{3064467D-648C-4941-8AF2-0BC00F255549}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{3064467D-648C-4941-8AF2-0BC00F255549}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\ABC123\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\ABC123\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Mon 01/13/2014 at 18:03:33.45 ======================



#4 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 13 January 2014 - 09:16 PM

Although it might seem insignificant, need for you to post the heading and the System Restore Info, as shown below.
If you wish to block out your name, that is fine, just xxxx it.

Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Aaflac on Mon 01/13/2014 at 19:54:13.88.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aaflac\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1/13/2014 7:55:48 PM Zoek.exe System Restore Point Created Successfully.

==== Windows Installer Info ===================

etc.

Will be back with further instructions as soon as I analyze the report.

Edited by Aaflac, 13 January 2014 - 09:17 PM.

Old duck...


#5 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 13 January 2014 - 10:13 PM

After doing the above (Post #4), here is the next step...

 
Please right-click zoek.exe and select: Run as Administrator (Give the program a few seconds to appear.)

 

Next, copy/paste the entire script in the code box below to the input field of Zoek:

ScorpionSaver;u
C:\Windows\System32\AdpeakProxy64.dll;f
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack;f
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}];r
emptyFFcache;
emptyalltemp;
emptyclsid;

Note: This script is written only for use on this computer. Please do not use it on another computer even if the problems are similar!

 

Now...

 

Close any open windows.

 

Click the Run script button and wait. It takes a few minutes to run the script.

 
When finished, the zoek-results.log is opened in Notepad.
If a reboot is needed the log is opened after the reboot.

 
Please post the entire zoek-results.log in your reply.


Old duck...


#6 ICOYAR

ICOYAR
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 13 January 2014 - 11:46 PM

How exactly do I access the heading and system restore info?



#7 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 14 January 2014 - 12:09 AM

Is the first zoek log you posted on the Desktop?

If not, run Zoek, and press the C:\zoek-results.log button.
It should give you the last log you ran.

If not, go to Start, right-click it, and select: Open Windows Explorer
Go to drive C:\, and look for: zoek-results.log

It will show you the entire log with the info that is missing on your post.

Old duck...


#8 ICOYAR

ICOYAR
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 14 January 2014 - 12:50 AM

Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Owner on Tue 01/14/2014 at  0:35:10.77.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Owner\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-13-230333.log    90261 bytes
C:\zoek-results2014-01-14-053227.log    92140 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1929715978-1136492960-3399458760-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D594333-0076-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-1929715978-1136492960-3399458760-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D594333-0076-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4D594333-0076-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4D594333-0076-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1929715978-1136492960-3399458760-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{32b29df0-2237-4370-9a29-37cebb730e9b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4D594333-0076-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4D594333-0076-A76A-76A7-7A786E7484D7} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}]

==== Deleting Files \ Folders ======================

"C:\windows\SysNative\AdpeakProxy64.dll" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\bootstrap.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\harness-options.json" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\icon.png" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\install.rdf" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\locales.json" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\defaults\preferences\prefs.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\page-mod.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\private-browsing.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\request.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\windows.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\api-utils.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\base64.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\byte-streams.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\collection.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cortex.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cuddlefish.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\deprecate.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\environment.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\errors.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\file.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\functional.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\globals.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\heritage.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\hidden-frame.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\light-traits.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\list.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\loader.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\match-pattern.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\memory.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\namespace.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\observer-service.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\plain-text-console.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\preferences-service.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\promise.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\querystring.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\runtime.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\sandbox.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\self.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\text-streams.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\timer.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traceback.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\unload.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\url.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\uuid.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window-utils.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xhr.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xpcom.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xul-app.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\addon\runner.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-proxy.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-worker.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\loader.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\symbiont.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\worker.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\dom\events.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\core.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\target.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events\assembler.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\core.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\html.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\loader.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\locale.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\prefs.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\private-browsing\utils.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system\events.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\events.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\observer.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\tab.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\utils.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits\core.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\data.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\object.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\registry.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\thumbnail.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window\utils.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\dom.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\loader.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\observer.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\tabs.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\data\icon64.png" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\lib\main.js" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\lib\main.js.old" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\defaults" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\locale" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\defaults\preferences" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\addon-kit" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\data" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\data" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\addon" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\dom" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\private-browsing" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\data" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\lib" deleted
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\tests" deleted

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Owner\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Owner\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Guest\AppData\Local\Mozilla\Firefox\Profiles\2wm8vvd6.default\Cache emptied successfully
C:\Users\Owner\AppData\Local\Mozilla\Firefox\Profiles\pgujms6z.default\Cache emptied successfully
C:\Users\Owner\AppData\Local\Mozilla\Firefox\Profiles\pou5ek3d.default-1385440199553\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=88 folders=28 913208 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Owner\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Owner\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on Tue 01/14/2014 at  0:46:12.18 ======================
 



#9 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 14 January 2014 - 12:58 AM

:thumbup2:

 

Please run Zoek once again, the same as in Post #2 (use that code).

 

When done, please post its entire results. (You can also attach the results, if you like.)

 

Thanks.


Edited by Aaflac, 14 January 2014 - 01:00 AM.

Old duck...


#10 ICOYAR

ICOYAR
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 14 January 2014 - 02:06 AM

Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Owner on Tue 01/14/2014 at  1:39:57.11.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Owner\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-13-230333.log    90261 bytes
C:\zoek-results2014-01-14-053227.log    92140 bytes
C:\zoek-results2014-01-14-054612.log    22435 bytes

==== System Restore Info ======================

1/14/2014 1:42:21 AM Zoek.exe System Restore Point Created Succesfully.

==== Windows Installer Info ======================

64 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\80055D556F5E6D741BF62B4AD0D441F5]C:\Windows\Installer\a4ca66b.msi
Adobe Reader XI (11.0.05) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73301B744BA0000000010]C:\Windows\Installer\d8f4c.msi
Ask Shopping Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\333495D435D24514007A7A857BC06000]C:\Windows\Installer\1a77896f.msi
Ask Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\333495D46700A67A677A7A857BC07000]C:\Windows\Installer\228ad32f.msi
BufferChm  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4AA7AEE2302C09b43AF491BFE71F8CC1]C:\Windows\Installer\a4ca693.msi
C4700  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9F4F55A8ACC2374AAF130094A5A9074]C:\Windows\Installer\a4ca680.msi
Content Manager Assistant for PlayStation® [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\04564C2339671E948AE121B1908C03B3]C:\Windows\Installer\76bc2.msi
Crysis WARHEAD® [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6EAB353794E54C649A5BA862A9137398]C:\Windows\Installer\2cde0.msi
Crysis WARHEAD® Patch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A24AE79BAF384947BD43F4CB4315FEC]C:\Windows\Installer\1ee365.msi
Crysis®  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B97E000527E10F478A01C92247B8F4E]C:\Windows\Installer\58b3d7.msi
Crysisr 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D376330603527854A80DBE50F92C369F]C:\Windows\Installer\43a6179.msi
D3DX10  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\1cad71ba.msi
Destinations  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB4027DB46DDE994B955A682C2FDF44A]C:\Windows\Installer\a4ca6ce.msi
DeviceDiscovery  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EE5F2A125CD1A884EBE75E628F6C4188]C:\Windows\Installer\a4ca6c9.msi
ESET Smart Security [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\28D4727F758C02C4BAA17D106DB4DF09]C:\Windows\Installer\4969cd15.msi
GameSpy Comrade [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F677C4F5DBC8F4C498F25B86BADD078C]C:\Windows\Installer\6b43ab.msi
GPBaseService2  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C12FF36018AF4646BA0131147B7A1D6]C:\Windows\Installer\a4ca6b3.msi
HP Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7ADB9507BD1EC2447B1A16449576024A]C:\Windows\Installer\234889ac.msi
HPPhotoGadget  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F3124EAC797FD934DBE9977BD111B53E]C:\Windows\Installer\a4ca670.msi
hpPrintProjects  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2ABDC57C68C3e184DB01DBAD57F8D9FF]C:\Windows\Installer\a4ca6da.msi
HPProductAssistant  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5F62334C531F15542807F7A7AB40261E]C:\Windows\Installer\a4ca6ae.msi
HPSSupply  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\12BFF2B688CA3C54A9D7B43B7E44CE19]C:\Windows\Installer\234889a6.msi
hpWLPGInstaller  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8D71BF706BD760F4084CB81E17C96B1A]C:\Windows\Installer\a4ca685.msi
Java 7 Update 17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120771FF]C:\Windows\Installer\40f945.msi
Java 7 Update 25 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF268140752FF]C:\Windows\Installer\53e49341.msi
Java Auto Updater [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401]C:\Windows\Installer\54963f63.msi
Java™ 6 Update 32 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120623FF]C:\Windows\Installer\53ea30b0.msi
JavaFX 2.1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F6071111A6667304777712318267D401]C:\Windows\Installer\9640c3c.msi
Junk Mail filter update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E]C:\Windows\Installer\1cad71c4.msi
MarketResearch  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1110F57186925394F8073301C8A6D43E]C:\Windows\Installer\a4ca6d3.msi
Mesh Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6116D6C8427B0184F8D20D746E7B6DE8]C:\Windows\Installer\1cad71fb.msi
MGTEK dopisp 6.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4753D52C631333B4D923F8F0E5183F94]C:\Windows\Installer\41b35231.msi
Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDE7F2BCF1D91C3409CFF425AE1E271A]C:\Windows\Installer\6a636d.msi
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D741DA1E0EBC6D3CA11466FCD14361F]C:\Windows\Installer\80a9df4.msi
Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\1cad717d.msi
Microsoft File Transfer Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA9618C41C6BB314186B377B17728DF2]C:\Windows\Installer\4806554d.msi
Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0ED9D238CFA898648991D4BBEDDBE3F4]C:\Windows\Installer\4843f99e.msi
Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7030BC4E565144468EBD02F4EBF28C8]C:\Windows\Installer\4843f999.msi
Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\Windows\Installer\182cc4a.msi
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\Windows\Installer\24f7fec.msi
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84b9c17023c712640acaf308593282f8]C:\Windows\Installer\58b3d3.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\1529ed6d.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\Windows\Installer\3b751f7d.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\24f800b.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]c:\Windows\Installer\96b2a.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]c:\Windows\Installer\e4020e8.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]c:\Windows\Installer\39655c.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\2b7a435e.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\180eb369.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\Windows\Installer\24f8019.msi
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]c:\Windows\Installer\44b8c03.msi
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\Windows\Installer\43a617e.msi
MSVCRT  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\1cad71ab.msi
MSVCRT_amd64  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52744B0D6663D294EB6F85A741DBB99D]C:\Windows\Installer\1cad71c9.msi
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]c:\Windows\Installer\3dd58.msi
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]c:\Windows\Installer\52a1f71.msi
Network64  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\73FBFE5025E0975478C5E7FED0BFF4BC]C:\Windows\Installer\a4ca666.msi
NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26E909AD54B31AB4B885CFEAABB4EC9C]C:\Windows\Installer\395befdd.msi
PS_AIO_06_C4700_SW_Min  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9913F63E282CAC74AB7CB2772D747E06]C:\Windows\Installer\a4ca68a.msi
Razer Naga [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9A8014DEDF0681F4FA24212291797737]C:\Windows\Installer\11f4b981.msi
Scan  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3AC763F0F2B39F344AA4528AEE964ED5]C:\Windows\Installer\a4ca69c.msi
Skype Click to Call [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7692FC6BE18C0C0489510C7547EF1F02]C:\Windows\Installer\158aa.msi
SkypeT 6.11 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E7FF67E4ABEA78C47B88DC745E24B5D9]C:\Windows\Installer\8677d82.msi
SmartWebPrinting  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21D01A86F0D02124DB6E8DF7DA238AAF]C:\Windows\Installer\a4ca6df.msi
SolutionCenter  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\70FE07A488F74344BB161DEDA89ED34D]C:\Windows\Installer\a4ca6a9.msi
Status  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BF5078EAC31E9A04A8D2866D37F3FB2C]C:\Windows\Installer\a4ca6c4.msi
Steam  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C8928403D4AB094F99FBA20A329833F]C:\Windows\Installer\2f1fd.msi
swMSM  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C43C21609E58D74B9C5F017D78D7262]C:\Windows\Installer\834ac54.msi
System Requirements Lab CYRI [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\814C77F109C2C954DB335BA614289BAF]C:\Windows\Installer\1d0b7bdf.msi
Toolbox  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9E62ABB630BA7EF438A1535385C40A20]C:\Windows\Installer\a4ca67a.msi
TrayApp  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\99F5A0CD66DFF334D9A350CDAB46EB24]C:\Windows\Installer\a4ca6bf.msi
WebReg  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\649FDC349D5F29240B60ABD029100312]C:\Windows\Installer\a4ca675.msi
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\1cad71a6.msi
Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\032440EF5AC97F34B985A55C2AA8F133]C:\Windows\Installer\1cad720d.msi
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BFF8CCA148D950C44AED2DA8B99C6189]C:\Windows\Installer\1cad7172.msi
Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\1cad71b5.msi
Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BAF5E720674195C4AA4B23FE82253099]C:\Windows\Installer\1cad7182.msi
Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E42866C3BBC1584BBF38EFC6D539032]C:\Windows\Installer\1cad721c.msi
Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A57765D93F393A44082948E08362ED03]C:\Windows\Installer\1cad71cf.msi
Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\88119C0AF88C68E4396EDCC7A9626694]C:\Windows\Installer\1cad7226.msi
Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7BCDCEDCC85568419FA26F77989EF84]C:\Windows\Installer\1cad7203.msi
Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\389F20921C4BAB448BD5C5D6252E4C14]C:\Windows\Installer\1f3a78.msi
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E08F45ADC1622A148A5545A941F4F295]C:\Windows\Installer\1cad7187.msi
Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\775F634D5961F2D4B844CA679CE90020]C:\Windows\Installer\1cad7217.msi
Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\Windows\Installer\1cad71dc.msi
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\Windows\Installer\1cad71bf.msi
Windows Live Remote Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A889D6FD0AEE7724AA8B51E880E634B9]C:\Windows\Installer\1cad718d.msi
Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2350B7483E55FAA4D8B73E1A7ADC715E]C:\Windows\Installer\1cad7192.msi
Windows Live Remote Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8456A20EEDF62E04E89D11D9D7E746F1]C:\Windows\Installer\1cad7178.msi
Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EDEED656CA6FAC745A861A4B3EB47506]C:\Windows\Installer\1cad7197.msi
Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\1cad71a1.msi
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\1cad719c.msi
Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\1cad71b0.msi
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A4869755DDD3AC4E98AB77E9D95D34B]C:\Windows\Installer\1cad7208.msi
Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\076CFAAAB965F2A4284B2449E5D03EFE]C:\Windows\Installer\1cad71d4.msi
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EEDB8CDDCACDD4042875E3D8B4874276]C:\Windows\Installer\1cad7212.msi

==== Installed Programs ======================

æTorrent  
64 Bit HP CIO Components Installer  
Adobe Flash Player 11 ActiveX  
Adobe Flash Player 11 Plugin  
Adobe Reader XI (11.0.05)  
Adobe Shockwave Player 12.0  
applicationupdater  
ARPCache Viewer  
Ask Shopping Toolbar  
Ask Toolbar  
ASUSUpdate  
Battlefield 3T  
Battlefield 3T Open Beta  
Battlelog Web Plugins  
BioShock Infinite  
BufferChm  
C4700  
Console Classix version 4.22  
Content Manager Assistant for PlayStation®  
CPUID CPU-Z 1.60.1  
Crysis WARHEAD®  
Crysis WARHEAD® Patch  
Crysis®  
Crysisr 2  
D3DX10  
Destinations  
DeviceDiscovery  
Driver San Francisco  
Dual-Core Optimizer  
Duke Nukem Forever  
EPU-4 Engine  
ESET Smart Security  
ESN Sonar  
Far Cryr 3  
File-Extensions.org Search  
FXAA Post-Process Injector  
FXAA Post Process Injector  
gamelauncher-code4344-beta  
gamelauncher-ps2-live  
GameSpy Comrade  
GameTap Player  
Gametap Player  
GPBaseService2  
Grand Theft Auto III  
HiJackThis  
Homefront  
HP Customer Participation Program 13.0  
HP Imaging Device Functions 13.0  
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6  
HP Print Projects 1.0  
HP Smart Web Printing 4.5  
HP Solution Center 13.0  
HP Update  
HPPhotoGadget  
hpPrintProjects  
HPProductAssistant  
HPSSupply  
hpWLPGInstaller  
IZArc 4.1.6  
Java 7 Update 21  
Java 7 Update 25 (64-bit)  
Java Auto Updater  
Java™ 6 Update 32  
JavaFX 2.1.1  
Junk Mail filter update  
Malwarebytes Anti-Malware version 1.75.0.1300  
ManyCam 3.1.58  
MarketResearch  
Max Payne  
Max Payne 2: The Fall of Max Payne  
Max Payne 3  
Mesh Runtime  
MGTEK dopisp 6.1  
Microsoft  File Transfer Manager  
Microsoft .NET Framework 1.1  
Microsoft .NET Framework 4.5  
Microsoft Application Error Reporting  
Microsoft Games for Windows - LIVE Redistributable  
Microsoft Games for Windows Marketplace  
Microsoft Silverlight  
Microsoft SkyDrive  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Mirror's Edge  
Mozilla Firefox 27.0 (x86 en-US)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT_amd64  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
Network64  
Nexus Mod Manager  
NVIDIA 3D Vision Controller Driver  
NVIDIA 3D Vision Controller Driver 296.10  
NVIDIA 3D Vision Driver 311.06  
NVIDIA Control Panel 311.06  
NVIDIA Graphics Driver 311.06  
NVIDIA HD Audio Driver 1.3.12.0  
NVIDIA Install Application  
NVIDIA PhysX  
NVIDIA PhysX System Software 9.12.0213  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 1.11.3  
NVIDIA Update Components  
Octodad  
Origin  
Pidgin  
PlanetSide 2  
Plants vs. Zombies  
Prince of Persia The Forgotten SandsT  
PS_AIO_06_C4700_SW_Min  
RAGE  
Razer Game Booster  
Razer Naga  
Recuva  
Rockstar Games Social Club  
Sauerbraten  
Scan  
Scribblenauts Unlimited  
Security Update for Microsoft .NET Framework 4.5 (KB2737083)  
Security Update for Microsoft .NET Framework 4.5 (KB2742613)  
Security Update for Microsoft .NET Framework 4.5 (KB2789648)  
Security Update for Microsoft .NET Framework 4.5 (KB2804582)  
Security Update for Microsoft .NET Framework 4.5 (KB2833957)  
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)  
Security Update for Microsoft .NET Framework 4.5 (KB2861208)  
Shop for HP Supplies  
Sid Meier's Civilization V  
Skype Click to Call  
SkypeT 6.11  
Sleeping DogsT  
SmartWebPrinting  
SolutionCenter  
Sonic Generations  
Status  
Steam  
swMSM  
System Explorer 4.0.0  
System Requirements Lab CYRI  
Team Fortress 2  
Test Drive Unlimited 2  
The Elder Scrolls Online Beta  
The Elder Scrolls V: Skyrim  
The Sims™ 3  
The Witcher 2: Assassins of Kings Enhanced Edition  
Toolbox  
TrayApp  
Ubisoft Game Launcher  
Unity Web Player  
Universe Sandbox  
Update for Microsoft .NET Framework 4.5 (KB2750147)  
Update for Microsoft .NET Framework 4.5 (KB2805221)  
Update for Microsoft .NET Framework 4.5 (KB2805226)  
Uplay  
Virtual Audio Cable 4.10  
WebReg  
Windows Glulxe  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh  
Windows Live Mesh ActiveX Control for Remote Connections  
Windows Live MIME IFilter  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinPcap 4.1.2  
WinRAR archiver  
Wireshark 1.8.3 (64-bit)  
Worms Reloaded  
Yahoo BrowserPlus 2.9.8  
Yahoo Messenger  
Yahoo Software Update  
Yahoo Toolbar  

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Yahoo\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Owner\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Batch Command(s) Run By Tool======================

 Volume in drive C has no label.
 Volume Serial Number is 5AC0-7556

 Directory of C:\

07/14/2009  12:08 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes

 Directory of C:\ProgramData

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  12:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  12:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users

07/14/2009  12:08 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes

 Directory of C:\Users\All Users

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  12:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  12:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Default

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009  12:08 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009  12:08 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009  12:08 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009  12:08 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009  12:08 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009  12:08 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Default\AppData\Local

07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009  12:08 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009  12:08 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\Default\Documents

07/14/2009  12:08 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009  12:08 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009  12:08 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\DefaultAppPool

06/26/2012  04:27 PM    <JUNCTION>     Application Data [C:\Users\DefaultAppPool\AppData\Roaming]
06/26/2012  04:27 PM    <JUNCTION>     Cookies [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Cookies]
06/26/2012  04:27 PM    <JUNCTION>     Local Settings [C:\Users\DefaultAppPool\AppData\Local]
06/26/2012  04:27 PM    <JUNCTION>     My Documents [C:\Users\DefaultAppPool\Documents]
06/26/2012  04:27 PM    <JUNCTION>     NetHood [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/26/2012  04:27 PM    <JUNCTION>     PrintHood [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/26/2012  04:27 PM    <JUNCTION>     Recent [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Recent]
06/26/2012  04:27 PM    <JUNCTION>     SendTo [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo]
06/26/2012  04:27 PM    <JUNCTION>     Start Menu [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu]
06/26/2012  04:27 PM    <JUNCTION>     Templates [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\DefaultAppPool\AppData\Local

06/26/2012  04:27 PM    <JUNCTION>     Application Data [C:\Users\DefaultAppPool\AppData\Local]
06/26/2012  04:27 PM    <JUNCTION>     History [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\History]
06/26/2012  04:27 PM    <JUNCTION>     Temporary Internet Files [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\DefaultAppPool\Documents

06/26/2012  04:27 PM    <JUNCTION>     My Music [C:\Users\DefaultAppPool\Music]
06/26/2012  04:27 PM    <JUNCTION>     My Pictures [C:\Users\DefaultAppPool\Pictures]
06/26/2012  04:27 PM    <JUNCTION>     My Videos [C:\Users\DefaultAppPool\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\Guest

06/10/2013  02:49 PM    <JUNCTION>     Application Data [C:\Users\Guest\AppData\Roaming]
06/10/2013  02:49 PM    <JUNCTION>     Cookies [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies]
06/10/2013  02:49 PM    <JUNCTION>     Local Settings [C:\Users\Guest\AppData\Local]
06/10/2013  02:49 PM    <JUNCTION>     My Documents [C:\Users\Guest\Documents]
06/10/2013  02:49 PM    <JUNCTION>     NetHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/10/2013  02:49 PM    <JUNCTION>     PrintHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/10/2013  02:49 PM    <JUNCTION>     Recent [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Recent]
06/10/2013  02:49 PM    <JUNCTION>     SendTo [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo]
06/10/2013  02:49 PM    <JUNCTION>     Start Menu [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu]
06/10/2013  02:49 PM    <JUNCTION>     Templates [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Guest\AppData\Local

06/10/2013  02:49 PM    <JUNCTION>     Application Data [C:\Users\Guest\AppData\Local]
06/10/2013  02:49 PM    <JUNCTION>     History [C:\Users\Guest\AppData\Local\Microsoft\Windows\History]
06/10/2013  02:49 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\Guest\Documents

06/10/2013  02:49 PM    <JUNCTION>     My Music [C:\Users\Guest\Music]
06/10/2013  02:49 PM    <JUNCTION>     My Pictures [C:\Users\Guest\Pictures]
06/10/2013  02:49 PM    <JUNCTION>     My Videos [C:\Users\Guest\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\Owner

07/03/2011  01:11 AM    <JUNCTION>     Application Data [C:\Users\Owner\AppData\Roaming]
07/03/2011  01:11 AM    <JUNCTION>     Cookies [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies]
07/03/2011  01:11 AM    <JUNCTION>     Local Settings [C:\Users\Owner\AppData\Local]
07/03/2011  01:11 AM    <JUNCTION>     My Documents [C:\Users\Owner\Documents]
07/03/2011  01:11 AM    <JUNCTION>     NetHood [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/03/2011  01:11 AM    <JUNCTION>     PrintHood [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/03/2011  01:11 AM    <JUNCTION>     Recent [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Recent]
07/03/2011  01:11 AM    <JUNCTION>     SendTo [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\SendTo]
07/03/2011  01:11 AM    <JUNCTION>     Start Menu [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu]
07/03/2011  01:11 AM    <JUNCTION>     Templates [C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\Owner\AppData\Local

07/03/2011  01:11 AM    <JUNCTION>     Application Data [C:\Users\Owner\AppData\Local]
07/03/2011  01:11 AM    <JUNCTION>     History [C:\Users\Owner\AppData\Local\Microsoft\Windows\History]
07/03/2011  01:11 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\Owner\Documents

07/03/2011  01:11 AM    <JUNCTION>     My Music [C:\Users\Owner\Music]
07/03/2011  01:11 AM    <JUNCTION>     My Pictures [C:\Users\Owner\Pictures]
07/03/2011  01:11 AM    <JUNCTION>     My Videos [C:\Users\Owner\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\Public\Documents

07/14/2009  12:08 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009  12:08 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009  12:08 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes

 Directory of C:\Users\UpdatusUser

03/13/2012  06:46 PM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Roaming]
03/13/2012  06:46 PM    <JUNCTION>     Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
03/13/2012  06:46 PM    <JUNCTION>     Local Settings [C:\Users\UpdatusUser\AppData\Local]
03/13/2012  06:46 PM    <JUNCTION>     My Documents [C:\Users\UpdatusUser\Documents]
03/13/2012  06:46 PM    <JUNCTION>     NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/13/2012  06:46 PM    <JUNCTION>     PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/13/2012  06:46 PM    <JUNCTION>     Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
03/13/2012  06:46 PM    <JUNCTION>     SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
03/13/2012  06:46 PM    <JUNCTION>     Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
03/13/2012  06:46 PM    <JUNCTION>     Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Users\UpdatusUser\AppData\Local

03/13/2012  06:46 PM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Local]
03/13/2012  06:46 PM    <JUNCTION>     History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
03/13/2012  06:46 PM    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Users\UpdatusUser\Documents

03/13/2012  06:46 PM    <JUNCTION>     My Music [C:\Users\UpdatusUser\Music]
03/13/2012  06:46 PM    <JUNCTION>     My Pictures [C:\Users\UpdatusUser\Pictures]
03/13/2012  06:46 PM    <JUNCTION>     My Videos [C:\Users\UpdatusUser\Videos]
               0 File(s)              0 bytes

 Directory of C:\Windows\SysWOW64\config\systemprofile

07/24/2011  03:21 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
07/24/2011  03:21 PM    <JUNCTION>     Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
07/24/2011  03:21 PM    <JUNCTION>     My Documents [C:\Windows\system32\config\systemprofile\Documents]
07/24/2011  03:21 PM    <JUNCTION>     NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/24/2011  03:21 PM    <JUNCTION>     PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/24/2011  03:21 PM    <JUNCTION>     Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
07/24/2011  03:21 PM    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
07/24/2011  03:21 PM    <JUNCTION>     Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
07/24/2011  03:21 PM    <JUNCTION>     Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes

 Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local

07/24/2011  03:21 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
07/24/2011  03:21 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
07/24/2011  03:21 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes

 Directory of C:\Windows\SysWOW64\config\systemprofile\Documents

07/24/2011  03:21 PM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
07/24/2011  03:21 PM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
07/24/2011  03:21 PM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes

     Total Files Listed:
               0 File(s)              0 bytes
             112 Dir(s)  1,595,484,307,456 bytes free

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Owner\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-12-22 20:49:14    0BB97D43299910CBFBA59C461B99B910    25928    ----a-w-    C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-01-13 23:53:45    --------    d-----w-    C:\PROGRA~2\Sony
2014-01-08 03:37:38    --------    d-----w-    C:\PROGRA~2\Zenimax Online
2013-12-22 20:49:14    --------    d-----w-    C:\PROGRA~2\ABC123
2013-12-19 17:56:23    --------    d-----w-    C:\PROGRA~2\ESET
======= C: =====
====== C:\Users\Owner\AppData\Roaming ======
2014-01-14 05:39:01    --------    d-----w-    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Users\UpdatusUser\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Users\Public\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Users\Owner\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Users\Guest\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Users\DefaultAppPool\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Users\Default\AppData\Local\Temp
2014-01-14 05:39:01    --------    d-----w-    C:\Users\Default User\AppData\Local\Temp
2014-01-11 01:40:26    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Awesomium
2014-01-01 00:44:56    --------    d-----w-    C:\Users\Guest\AppData\Local\Conduit
====== C:\Users\Owner ======
2014-01-13 23:22:32    CA4FC0D511D16CF4AEF1F5FE4B5B7278    10406976    ----a-w-    C:\Users\Owner\Downloads\CMASetup(1).exe
2014-01-13 23:21:07    CA4FC0D511D16CF4AEF1F5FE4B5B7278    10406976    ----a-w-    C:\Users\Guest\Downloads\CMASetup.exe
2014-01-13 19:36:03    8B968045D75783A09592C3105F2865DA    688992    ------r-    C:\Users\Owner\Downloads\dds.com
2014-01-13 00:37:07    A0844C730F1091B491A8737404F4C914    347816    ----a-w-    C:\Users\Owner\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.27313000624146730.1.1.Run.exe
2014-01-12 22:03:10    C038AC0153BFFE7F8778D404C0872317    1933048    ----a-w-    C:\Users\Owner\Downloads\rkill(1).com
2014-01-08 19:03:49    --------    d-----w-    C:\ProgramData\Elder Scrolls Online
2014-01-08 03:37:44    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online Beta
2014-01-08 03:29:53    ED9732313C13A9E3601FB410A35AE98B    55903624    ----a-w-    C:\Users\Owner\Downloads\Install_ESO_Beta.exe
2014-01-01 00:43:52    307A2B03FE037E3B34071E32A076F9E8    222488    ----a-w-    C:\Users\Guest\Downloads\ManualSearch_TSV1E5GE.exe

====== C: exe-files ==
2014-01-13 23:26:44    860B0D10002E046E209DDDC13C4FC632    276592    ----a-w-    C:\Users\Guest\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\updater.exe
2014-01-13 23:22:32    CA4FC0D511D16CF4AEF1F5FE4B5B7278    10406976    ----a-w-    C:\Users\Owner\Downloads\CMASetup(1).exe
2014-01-13 23:21:07    CA4FC0D511D16CF4AEF1F5FE4B5B7278    10406976    ----a-w-    C:\Users\Guest\Downloads\CMASetup.exe
2014-01-13 00:37:07    A0844C730F1091B491A8737404F4C914    347816    ----a-w-    C:\Users\Owner\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.27313000624146730.1.1.Run.exe
2014-01-08 03:41:00    F88444719321B0B2FA2FD8981B3212D6    167968    ----a-w-    C:\Program Files (x86)\Zenimax Online\Launcher\launcher_helper.exe
2014-01-08 03:37:38    4DD95F7CC4B9B07948B3BA65F0170D63    14993456    ----a-w-    C:\Program Files (x86)\Zenimax Online\Launcher\Bethesda.net_Launcher.exe
2014-01-08 03:37:38    2911FEE6C466B53364FADE94FC1D6FD2    717981    ----a-w-    C:\Program Files (x86)\Zenimax Online\Launcher\unins000.exe
2014-01-08 03:29:53    ED9732313C13A9E3601FB410A35AE98B    55903624    ----a-w-    C:\Users\Owner\Downloads\Install_ESO_Beta.exe
=== C: other files ==
2014-01-14 05:53:21    6CAC10487EB2C4ECEC44C8972450BDB6    1725    ----a-w-    C:\Users\Owner\AppData\Roaming\.purple\certificates\x509\tls_peers\bos.oscar.aol.com
2014-01-14 05:53:21    3C7E1618D9D6D0281D21469D2E91DB8B    1893    ----a-w-    C:\Users\Owner\AppData\Roaming\.purple\certificates\x509\tls_peers\api.oscar.aol.com
2014-01-14 05:53:20    70F3E87D75E20F36153AD1DDD269C3E9    1989    ----a-w-    C:\Users\Owner\AppData\Roaming\.purple\certificates\x509\tls_peers\api.screenname.aol.com
2014-01-13 19:36:03    8B968045D75783A09592C3105F2865DA    688992    ------r-    C:\Users\Owner\Downloads\dds.com
2014-01-12 22:03:10    C038AC0153BFFE7F8778D404C0872317    1933048    ----a-w-    C:\Users\Owner\Downloads\rkill(1).com

======== System Restore Points ========

RP395: 12/25/2013 5:00:16 PM - Windows Update
RP397: 1/1/2014 5:00:15 PM - Windows Update
RP398: 1/7/2014 10:37:57 PM - Installed DirectX
RP400: 1/8/2014 5:00:17 PM - Windows Update
RP402: 1/12/2014 7:38:10 PM - Restore Point before ScorpionSaver was removed using Program Install and Uninstall troubleshooter
RP404: 1/12/2014 7:38:37 PM -  ScorpionSaver
RP405: 1/13/2014 5:58:16 PM - zoek.exe restore point
RP406: 1/14/2014 12:27:12 AM - zoek.exe restore point
RP407: 1/14/2014 1:42:16 AM - zoek.exe restore point

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1929715978-1136492960-3399458760-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Messenger (Yahoo\PROGRA~2\Yahoo\MESSEN~1\YAHOOM~1.EXE -quiet"
"ManyCam"="C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe /silent"
"SkyDrive"="C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe"
"Razer Naga Driver"="C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe"
"ROC_roc_ssl_v12"="C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe / /PROMPT /CMPID=roc_ssl_v12"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Messenger (Yahoo\PROGRA~2\Yahoo\MESSEN~1\YAHOOM~1.EXE -quiet"
"ManyCam"="C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe /silent"
"SkyDrive"="C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Aim]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Aim"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\AIM\\aim.exe\" /d locale=en-US"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Comrade.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Comrade.exe"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\GameSpy\\Comrade\\Comrade.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DriverMax"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Innovative Solutions\\DriverMax\\devices.exe\" -agent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Messenger (Yahoo!)]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Messenger (Yahoo!)"
"hkey"="HKCU"
"command"="\"C:\\PROGRA~2\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\YahooAUService]


==== Startup Folders ======================

2014-01-13 23:53:46    2150    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
2011-11-17 07:46:04    2172    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\File-Extensions.org Search.lnk
2011-07-26 23:44:15    2099    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/11/2013 02:06 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Razer_Game_Booster_AutoUpdate" [C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1929715978-1136492960-3399458760-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1929715978-1136492960-3399458760-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\{1040E76D-CB60-41A0-A7C1-68C40AF9E2A0}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]
"C:\Windows\SysNative\tasks\{15F259A2-3326-4E7B-8E10-6CFDB507D549}" [C:\Program Files (x86)\Steam\Steam.exe]
"C:\Windows\SysNative\tasks\{4C09FBAE-DD71-4E03-BA97-556DBF3A6368}" [C:\Program Files (x86)\Free Sound Recorder\FreeSoundRecorder.exe]
"C:\Windows\SysNative\tasks\{9AD73E56-BA63-4B3C-88BF-9DB0639B0207}" [C:\Program Files (x86)\Steam\Steam.exe]
"C:\Windows\SysNative\tasks\{D18FF36A-1C12-4FF1-A946-BBFDE32EBE61}" [C:\Program Files (x86)\AIM\aim.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS SIX Engine" [C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS Update Checker" [C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [07/26/2011 06:45 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [07/26/2011 06:45 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\2wm8vvd6.default
- Value Apps - %ProfilePath%\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}

ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default
- SpeedFox - %ProfilePath%\extensions\jid1-uabu5A9hduqzCw@jetpack
- Yummy Games Player - %ProfilePath%\extensions\YPlayer@yummy.net
- GameFOX - %ProfilePath%\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
- FoxLingo - %ProfilePath%\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
- YesScript - %ProfilePath%\extensions\yesscript@userstyles.org.xpi
- StumbleUpon - %ProfilePath%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Text-to-Image - %ProfilePath%\extensions\{f701c26a-479a-4724-b4f1-870db12f063c}.xpi

ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pou5ek3d.default-1385440199553
- GameFOX - %ProfilePath%\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
- Text-to-Image - %ProfilePath%\extensions\{f701c26a-479a-4724-b4f1-870db12f063c}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pgujms6z.default
62059985AF996F4FFE5451CB0D5924BF    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll -    Shockwave Flash

Profilepath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pou5ek3d.default-1385440199553
F891089A6AB9E12FEDEBCC5EC0F40D66    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll -    Shockwave Flash
ADC539F67D3198679F480974EE203678    - C:\Windows\SysWOW64\npdeployJava1.dll -    Java Deployment Toolkit 7.0.210.11
66640A55AEFF3819C94E0A8D40D7E0AD    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll -    Shockwave for Director / Shockwave for Director
71B61A08992B0F895288CAAB2B43E3F7    - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -    Unity Player
62059985AF996F4FFE5451CB0D5924BF    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll -    Shockwave Flash
15E298B5EC5B89C5994A59863969D9FF    - C:\Windows\SysWOW64\npmproxy.dll -    Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bejbohlohkkgompgecdcbbglkpjfjgdj - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/09/2013 09:59 AM]

==== Uninstall List x64 ======================

æTorrent  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
64 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}]
Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Reader XI (11.0.05) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AB0000000001}]
Adobe Shockwave Player 12.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]
applicationupdater  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SOE-C:/Users/Owner/AppData/Local/Sony Online Entertainment/ApplicationUpdater]
ARPCache Viewer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ARPCache Viewer]
Ask Shopping Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D594333-2D53-4154-00A7-A758B70C0600}]
Ask Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D594333-0076-A76A-76A7-A758B70C0700}]
ASUSUpdate  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{587178E7-B1DF-494E-9838-FA4DD36E873C}]
Battlefield 3T [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{76285C16-411A-488A-BCE3-C83CB933D8CF}]
Battlefield 3T Open Beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}]
Battlelog Web Plugins [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Battlelog Web Plugins]
BioShock Infinite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 8870]
BufferChm  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}]
C4700  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}]
Console Classix version 4.22 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BC91CDA9-D8D5-4F67-A507-B8BB81F310DB}_is1]
Content Manager Assistant for PlayStation® [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{32C46540-7693-49E1-A81E-121B09C8303B}]
CPUID CPU-Z 1.60.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1]
Crysis WARHEAD® [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7353BAE6-5E49-46C4-A9B5-8A269A313789}]
Crysis WARHEAD® [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crysis WARHEAD®]
Crysis WARHEAD® Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97EA42A5-3FAB-4948-B74D-F3C44B13F5CE}]
Crysis WARHEAD® Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crysis WARHEAD® Patch]
Crysis®  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{000E79B7-E725-4F01-870A-C12942B7F8E4}]
Crysisr 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6033673D-2530-4587-8AD0-EB059FC263F9}]
D3DX10  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
Destinations  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}]
DeviceDiscovery  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}]
Driver San Francisco [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 33440]
Dual-Core Optimizer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}]
Duke Nukem Forever [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 57900]
EPU-4 Engine [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}]
ESET Smart Security [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F7274D82-C857-4C20-AB1A-D701D64BFD90}]
ESN Sonar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ESN Sonar-0.70.0]
ESN Sonar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ESN Sonar-0.70.4]
Far Cryr 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 220240]
File-Extensions.org Search [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\File-Extensions.org Search]
FXAA Post-Process Injector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FXAA Post-Process Injector]
FXAA Post Process Injector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FXAA Post Process Injector]
gamelauncher-code4344-beta  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 Beta]
gamelauncher-ps2-live  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SOE-]
GameSpy Comrade [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}]
GameTap Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D3A3F5C5-E95B-456D-952B-DDEC3AF68319}_is1]
Gametap Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Gametap Player]
GPBaseService2  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63FF21C9-A810-464F-B60A-3111747B1A6D}]
Grand Theft Auto III [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 12100]
HiJackThis  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45A66726-69BC-466B-A7A4-12FCBA4883D7}]
Homefront  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 55100]
HP Customer Participation Program 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPExtendedCapabilities]
HP Imaging Device Functions 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Imaging Device Functions]
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}]
HP Print Projects 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Print Projects]
HP Smart Web Printing 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Smart Web Printing]
HP Solution Center 13.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools]
HP Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7059BDA7-E1DB-442C-B7A1-6144596720A4}]
HPPhotoGadget  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAE4213F-F797-439D-BD9E-79B71D115BE3}]
hpPrintProjects  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}]
HPProductAssistant  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C43326F5-F135-4551-8270-7F7ABA0462E1}]
HPSSupply  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}]
hpWLPGInstaller  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}]
IZArc 4.1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1]
Java 7 Update 21 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217017FF}]
Java 7 Update 25 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417025FF}]
Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]
Java™ 6 Update 32 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216032FF}]
JavaFX 2.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1111706F-666A-4037-7777-211328764D10}]
Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}]
Malwarebytes Anti-Malware version 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]
ManyCam 3.1.58 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ManyCam]
MarketResearch  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{175F0111-2968-4935-8F70-33108C6A4DE3}]
Max Payne [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 12140]
Max Payne 2: The Fall of Max Payne [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 12150]
Max Payne 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 204100]
Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}]
MGTEK dopisp 6.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C25D3574-3136-4B33-9D32-8F0F5E81F349}]
Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}]
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft File Transfer Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4C8169AB-B6C1-413B-81B6-73B77127D82F}]
Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}]
Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft SkyDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SkyDriveSetup.exe]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Mirror's Edge [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 17410]
Mozilla Firefox 27.0 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 27.0 (x86 en-US)]
Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
MSVCRT  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
MSVCRT_amd64  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
Network64  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}]
Nexus Mod Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\6af12c54-643b-4752-87d0-8335503010de_is1]
NVIDIA 3D Vision Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA StereoUSB Driver]
NVIDIA 3D Vision Controller Driver 296.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB]
NVIDIA 3D Vision Driver 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]
NVIDIA Control Panel 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]
NVIDIA Graphics Driver 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]
NVIDIA HD Audio Driver 1.3.12.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver]
NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]
NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}]
NVIDIA PhysX System Software 9.12.0213 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX]
NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]
NVIDIA Update 1.11.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]
NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update]
Octodad  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Octodad]
Origin  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Origin]
Pidgin  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pidgin]
PlanetSide 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 218230]
Plants vs. Zombies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plants vs. Zombies]
Prince of Persia The Forgotten SandsT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}]
PS_AIO_06_C4700_SW_Min  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E36F3199-C282-47CA-BAC7-2B77D247E760}]
RAGE  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 9200]
Razer Game Booster [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Razer Game Booster_is1]
Razer Naga [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED4108A9-60FD-4F18-AF42-122219977773}]
Recuva  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Recuva]
Rockstar Games Social Club [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Rockstar Games Social Club]
Sauerbraten  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sauerbraten]
Scan  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}]
Scribblenauts Unlimited [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 218680]
Shop for HP Supplies [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Shop for HP Supplies]
Sid Meier's Civilization V [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 8930]
Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}]
SkypeT 6.11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}]
Sleeping DogsT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 202170]
SmartWebPrinting  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}]
SolutionCenter  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}]
Sonic Generations [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 71340]
Status  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}]
Steam  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3}]
swMSM  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}]
System Explorer 4.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1]
System Requirements Lab CYRI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F77C418-2C90-459C-BD33-B56A4182B9FA}]
Team Fortress 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 440]
Test Drive Unlimited 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 9930]
The Elder Scrolls Online Beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\The Elder Scrolls Online Beta_is1]
The Elder Scrolls V: Skyrim [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 72850]
The Sims™ 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 47890]
The Witcher 2: Assassins of Kings Enhanced Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 20920]
Toolbox  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6BBA26E9-AB03-4FE7-831A-3535584CA002}]
TrayApp  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}]
Ubisoft Game Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{888F1505-C2B3-4FDE-835D-36353EBD4754}]
Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer]
Universe Sandbox [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 72200]
Uplay  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uplay]
Virtual Audio Cable 4.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Virtual Audio Cable 4.10]
WebReg  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43CDF946-F5D9-4292-B006-BA0D92013021}]
Windows Glulxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinGlulxe]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}]
Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]
Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{027E5FAB-1476-4C59-AAB4-32EF28520399}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C66824E4-CBB3-4851-BB3F-E8CFD6350923}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C91188-C88F-4E86-93E6-CD7C9A266649}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}]
Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}]
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D436F577-1695-4D2F-8B44-AC76C99E0002}]
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}]
Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}]
Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}]
Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}]
Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}]
Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]
Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}]
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}]
WinPcap 4.1.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst]
WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
Wireshark 1.8.3 (64-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wireshark]
Worms Reloaded [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 22600]

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Content Manager Assistant for PlayStation®.lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O4 - Global Startup: File-Extensions.org Search.lnk = C:\Program Files (x86)\File Extensions\File-Extensions.org-Search.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3064467D-648C-4941-8AF2-0BC00F255549}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{3064467D-648C-4941-8AF2-0BC00F255549}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{3064467D-648C-4941-8AF2-0BC00F255549}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\ABC123\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\ABC123\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=88 folders=28 913208 bytes)

==== EOF on Tue 01/14/2014 at  1:46:59.38 ======================
 



#11 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 14 January 2014 - 06:18 PM

Looks like ScorpionSaver is gone.

How is it going? Are you having any more problems with the SS intrusion?

While we are still checking things, please download Security Check:
http://screen317.spywareinfoforum.org/
Save to your Desktop.
Double-click: [I[SecurityCheck.exe[/i]
Follow the on-screen instructions inside the black box.

When done, a Notepad report opens automatically, called: checkup.txt

>> Please post the checkup.txt in your reply.
(Please do not take any corrective actions!)

Old duck...


#12 ICOYAR

ICOYAR
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 14 January 2014 - 10:43 PM

 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
ESET Smart Security 5.2   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 JavaFX 2.1.1    
 Java™ 6 Update 32  
 Java 7 Update 21  
 Java version out of Date!
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (27.0)
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````



#13 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 15 January 2014 - 07:16 PM

>> UAC is disabled!
Windows 7 has the built-in ability to automatically reduce the potential of security breaches and malware from compromising the operating system.
It does so by automatically enabling the User Account Control (UAC).
Recommend you select the Default setting:
http://www.sevenforums.com/tutorials/299-user-account-control-uac-change-notification-settings.html

This is a vulnerability you cannot afford to have:
>> Java version out of date!
Please verify the version of Java you have installed.
If your version of Java is outdated, it needs to be updated.
When done, uninstall older versions.

Any more problems with ScorpionSaver?

Old duck...


#14 ICOYAR

ICOYAR
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 15 January 2014 - 07:58 PM

None so far



#15 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:03:48 PM

Posted 18 January 2014 - 11:15 PM

:thumbup2:


Old duck...





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users