Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus with a lot of pops & System keeps Crashing


  • This topic is locked This topic is locked
34 replies to this topic

#1 heytee65

heytee65

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 12 March 2014 - 03:28 PM

Do not know how to remove or fix the problem 

Attached Files



BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 12 March 2014 - 06:06 PM

:welcome:

Hello heytee65,

my name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 12 March 2014 - 06:35 PM

Thank you for your help.

Attached Files



#4 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 12 March 2014 - 06:54 PM

OTL logfile created on: 3/12/2014 7:41:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Re\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 58.92% Memory free
7.49 Gb Paging File | 5.41 Gb Available in Paging File | 72.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.41 Gb Total Space | 361.78 Gb Free Space | 80.32% Space Free | Partition Type: NTFS
Drive D: | 15.05 Gb Total Space | 1.88 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive F: | 99.02 Mb Total Space | 30.44 Mb Free Space | 30.74% Space Free | Partition Type: FAT32
 
Computer Name: RE-HP | User Name: Re | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Re\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\ProgramData\Right Soft\WS-Booster\WS-Booster.exe ()
PRC - C:\Program Files (x86)\Mobogenie\MgAssist.exe ()
PRC - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
PRC - C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe (http://yourfiledownloader.com)
PRC - C:\Users\Re\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
PRC - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
MOD - C:\Program Files (x86)\Mobogenie\DCR.dll ()
MOD - C:\Program Files (x86)\Mobogenie\Device.dll ()
MOD - C:\Users\Re\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll ()
MOD - C:\Users\Re\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\QtWebKit\qmlwebkitplugin4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\CrashRpt.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
SRV:64bit: - (AMD Reservation Manager) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
SRV:64bit: - (26dc2c7a) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MgAssistService) -- C:\Program Files (x86)\Mobogenie\MgAssist.exe ()
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (IHA_MessageCenter) -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe (Verizon)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (RoxioNow Service) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Pcouffin64) -- C:\Windows\SysNative\drivers\pcouffin64a.sys (VSO Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (sscdserd) -- C:\Windows\SysNative\drivers\sscdserd.sys (MCCI Corporation)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=169&systemid=406&sr=0&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=169&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.alawar.ru/?pid=1683 [binary data]
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbhelper.dll ()
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files (x86)\FreeRIP Toolbar\IE\8.8\freeripToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://start.allgameshome.com/results.php?category=web&s={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=169&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: I:\SOFTWARES\Foxit.PhantomPDF.Business.6.0.10.1213\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: I:\SOFTWARES\Foxit.PhantomPDF.Business.6.0.10.1213\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Re\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Re\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Re\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Re\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Re\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0847}: G:\JewelQuestCollection-Skidrow\iWin Games\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/02 19:58:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013/04/23 12:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013/04/23 12:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013/04/23 12:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/04/03 13:30:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/24 17:43:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/02/12 11:02:17 | 000,000,000 | ---D | M]
 
[2012/02/25 02:01:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Extensions
[2014/03/03 15:04:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions
[2012/09/06 20:34:22 | 000,000,000 | ---D | M] (AllGamesHome Toolbar) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
[2014/01/20 19:58:56 | 000,000,000 | ---D | M] (Start Page) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
[2013/12/06 15:39:11 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2013/09/24 17:43:21 | 000,000,000 | ---D | M] (Verizon Toolbar) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
[2012/02/25 02:01:27 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/05/08 16:27:41 | 000,000,000 | ---D | M] (DownloadnSave) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
[2013/12/06 20:12:57 | 000,000,000 | ---D | M] ("Downandsave") -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\crossriderapp12331@crossrider.com
[2014/01/20 19:58:48 | 000,000,000 | ---D | M] (Slick Savings) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\savingsslider@mybrowserbar.com
[2014/03/03 15:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\staged
[2013/04/10 11:46:42 | 000,000,000 | ---D | M] (EbookBoroowsea) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\tr0whnl@iao-rx.net
[2013/12/27 15:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\crossriderapp12331@crossrider.com\extensionData
[2013/12/27 15:05:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\crossriderapp12331@crossrider.com\extensionData\plugins
[2013/12/27 15:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\crossriderapp12331@crossrider.com\extensionData\userCode
[2013/06/25 20:43:39 | 000,204,344 | ---- | M] () (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi
[2011/08/15 16:01:42 | 000,004,551 | ---- | M] () (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\support@platinumhideip.com.xpi
[2012/09/17 12:06:42 | 000,128,244 | ---- | M] () (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{1DEC6447-C74F-4886-9002-202C27C703F1}.xpi
[2013/07/29 11:10:45 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/09/20 10:39:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/20 10:39:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2011/05/14 18:28:27 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2013/05/30 11:00:34 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/19 07:04:05 | 002,179,072 | ---- | M] (DNAML Pty Ltd) -- C:\Program Files (x86)\mozilla firefox\plugins\npdbplug.dll
[2013/04/03 13:29:55 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2013/05/30 11:00:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/08 11:09:01 | 000,002,134 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/02/25 02:01:23 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2013/05/30 11:00:31 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2011/06/01 16:35:28 | 000,002,566 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\verizontb.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: DownloadnSave = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\adllkfgdnokmolcgeknconkocfgekmpk\1.0_1\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_1\
CHR - Extension: EasyDrop = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\flogpfmjdekjoilcnmmchanikomlidie\202\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\
CHR - Extension: Content Blocker = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_1\
CHR - Extension: Domain Error Assistant = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\
CHR - Extension: YoutubeAdblocker = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\idcpmelcbmpjkeohkbngnlfpapnfnnmn\1.0\
CHR - Extension: RealDownloader = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_1\
CHR - Extension: Virtual Keyboard = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_1\
CHR - Extension: Slick Savings = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\
CHR - Extension: Google Wallet = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo> = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_1\
CHR - Extension: wwebsaeve = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\omilgcjaonhaenfbikdfcbabkbpllihc\3.7\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\
CHR - Extension: Downandsave = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgjgejknhoafbgicpmmaiiikobkpfjm\1.19.8_0\crossrider
CHR - Extension: Downandsave = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgjgejknhoafbgicpmmaiiikobkpfjm\1.19.8_0\
 
O1 HOSTS File: ([2012/09/15 16:35:37 | 000,000,862 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: C:\Windows\system32\drivers\etc\hosts:
O2:64bit: - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Re\AppData\Roaming\Slick Savings\Coupons64.dll (Spigot, Inc.)
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (websave) - {7C528E70-9943-C05A-9065-98C48D4D5A3D} - C:\Program Files (x86)\websave\J0q.x64.dll ()
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2:64bit: - BHO: (SNT) - {CB7DA989-D0F8-5994-0F5C-4B266E761070} - C:\Program Files (x86)\SNT\d6udcYb5.x64.dll ()
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2:64bit: - BHO: (YoutubeAdblocker) - {F13C2243-56BF-CACB-ED59-995B8BE86511} - C:\Program Files (x86)\YoutubeAdblocker\EDCNUcV.x64.dll ()
O2 - BHO: (Downandsave) - {11111111-1111-1111-1111-110111231131} - C:\Program Files (x86)\Downandsave\Downandsave.dll (Savings group)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Re\AppData\Roaming\Slick Savings\Coupons.dll (Spigot, Inc.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (DownloadnSave Class) - {47FBEE54-6DAE-4879-878D-8E709AA3F990} - C:\ProgramData\DownloadnSave\bhoclass.dll ()
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (websave) - {7C528E70-9943-C05A-9065-98C48D4D5A3D} - C:\Program Files (x86)\websave\J0q.dll ()
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - G:\JEWELQ~1\IWINGA~1\IWINGA~1.DLL File not found
O2 - BHO: (Updater For Verizon Toolbar) - {96673559-e653-4cdc-8923-f89347a952c0} - C:\Program Files (x86)\verizontb\auxi\verizonAu.dll (Visicom Media)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (SNT) - {CB7DA989-D0F8-5994-0F5C-4B266E761070} - C:\Program Files (x86)\SNT\d6udcYb5.dll ()
O2 - BHO: (EbookBoroowsea) - {CD9ACA07-9956-DB86-82D7-49D54A94F31A} - C:\ProgramData\EbookBoroowsea\5160756393110.dll ()
O2 - BHO: (Price Check by AOL) - {D25B97E9-62B2-40CE-BECF-E43A7B879072} - C:\Program Files (x86)\Price Check by AOL\aolpricecheck.dll (AOL Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files (x86)\FreeRIP Toolbar\IE\8.8\freeripToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (YoutubeAdblocker) - {F13C2243-56BF-CACB-ED59-995B8BE86511} - C:\Program Files (x86)\YoutubeAdblocker\EDCNUcV.dll ()
O2 - BHO: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
O2 - BHO: (TBSB00808 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files (x86)\FreeRIP Toolbar\IE\8.8\freeripToolbarIE64.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (AllGamesHome Toolbar) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files (x86)\FreeRIP Toolbar\IE\8.8\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AllGamesHome Toolbar) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Slick Savings] C:\Users\Re\AppData\Roaming\Slick Savings\CouponsHelper.exe (Spigot, Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Re\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: AllGamesHome Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : AllGamesHome Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: verizon.net ([activate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{484976D6-2809-4230-AEDB-18D7EE0A6604}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DABEF533-2E3A-447A-B37B-19C2C572A8A6}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\WEBGEN~1\WEBGEN~2.DLL) - C:\ProgramData\WebGeniuos\WebGeniuos_x64.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{44526b81-2f2a-11e2-8456-2c27d7c3f314}\Shell - "" = AutoRun
O33 - MountPoints2\{44526b81-2f2a-11e2-8456-2c27d7c3f314}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{5fd8acd3-9eda-11e1-8532-2c27d7c3f314}\Shell - "" = AutoRun
O33 - MountPoints2\{5fd8acd3-9eda-11e1-8532-2c27d7c3f314}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O33 - MountPoints2\{e580fbb7-3d32-11e1-976b-2c27d7c3f314}\Shell - "" = AutoRun
O33 - MountPoints2\{e580fbb7-3d32-11e1-976b-2c27d7c3f314}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/03/12 19:35:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Re\Desktop\OTL.exe
[2014/03/09 23:45:57 | 000,040,760 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2014/03/09 23:45:48 | 000,029,496 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2014/03/09 23:45:48 | 000,025,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2014/03/09 23:45:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
[2014/03/09 23:45:04 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\TuneUp Software
[2014/03/09 23:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2014
[2014/03/09 23:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014/03/09 23:41:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/03/09 23:41:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/03/06 11:58:50 | 000,000,000 | ---D | C] -- C:\temp_dvd
[2014/03/06 11:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD-Cloner
[2014/03/06 11:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-Cloner
[2014/03/06 11:58:26 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\DVD-Cloner
[2014/03/06 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\Pavtube
[2014/03/06 10:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pavtube
[2014/03/06 10:47:08 | 000,000,000 | ---D | C] -- C:\Users\Re\Documents\CuteDJ
[2014/03/06 10:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CuteDJ
[2014/03/03 15:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SNT
[2014/03/03 15:06:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SNT
[2014/03/03 15:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Cartoonizer
[2014/03/03 15:05:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\X86
[2014/03/03 15:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
[2014/03/03 15:05:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EZDownloader
[2014/03/03 15:05:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AMD64
[2014/03/03 15:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Right Soft
[2014/03/03 15:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\YoutubeAdblocker
[2014/03/03 15:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YoutubeAdblocker
[2014/03/03 15:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\websave
[2014/03/03 15:04:55 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Local\Packages
[2014/03/03 15:04:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\websave
[2014/03/03 15:04:43 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Local\Torch
[2014/03/03 15:04:43 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Local\Comodo
[2014/03/03 15:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\bb599e7c081cff2a
[2014/02/27 20:48:00 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Local\{686C416B-845D-4BA2-BF45-0EC44C55D091}
[2014/02/27 09:38:33 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinKnit Ver5.1
[2014/02/25 10:22:10 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/24 22:01:28 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/24 22:01:28 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/24 22:01:26 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/24 22:01:25 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/24 22:01:23 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/24 22:01:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/24 22:01:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/24 22:01:22 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/24 22:01:22 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/24 22:01:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/24 22:01:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/24 22:01:21 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/24 22:01:21 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/24 22:01:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/24 22:01:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/24 22:01:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/24 22:01:20 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/24 22:01:20 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/24 22:01:20 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/24 22:01:20 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/24 22:01:18 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/24 22:01:18 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/24 22:01:15 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/21 16:47:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2014/02/21 16:47:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeRIP Toolbar
[2014/02/20 15:39:02 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2014/02/20 15:38:25 | 000,385,024 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMAG.DLL
[2014/02/13 07:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\STOIK
[2014/02/13 07:09:29 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\PaintBN
[2014/02/13 07:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOIK Imaging
[2014/02/13 06:56:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/13 06:56:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/13 06:56:28 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/13 06:56:28 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/13 06:56:28 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/13 06:56:28 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/13 06:56:28 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/13 06:56:28 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/13 06:56:28 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/13 06:56:28 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/13 06:56:28 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/13 06:56:28 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/13 06:56:28 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/13 06:56:27 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/13 06:56:27 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/13 06:56:27 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/13 06:56:27 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/13 06:56:27 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/13 06:56:27 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/13 06:56:06 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/13 06:56:06 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/08/21 14:29:01 | 063,210,976 | ---- | C] (Microsoft Corporation) -- C:\Users\Re\PowerPointViewer.exe
[2013/07/29 16:21:31 | 001,067,456 | ---- | C] (Solid State Networks) -- C:\Users\Re\install_flashplayer11x32au_mssd_aaa_aih.exe
[2012/12/19 11:08:27 | 000,933,768 | ---- | C] (DivX, LLC) -- C:\Users\Re\DivXInstaller.exe
[2012/11/19 18:45:47 | 080,521,624 | ---- | C] (Apple Inc.) -- C:\Users\Re\iTunes64Setup.exe
[2012/08/05 19:01:24 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Program Files\chromeinstall-7u5 (1).exe
[2012/08/05 19:00:06 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Program Files\chromeinstall-7u5.exe
[2012/08/05 18:08:23 | 006,723,616 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim.exe
[2011/05/30 15:00:50 | 035,624,744 | ---- | C] (Apple Inc.) -- C:\Users\Re\SafariSetup.exe
[53 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Re\Documents\*.tmp files -> C:\Users\Re\Documents\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/03/12 19:35:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Re\Desktop\OTL.exe
[2014/03/12 19:26:33 | 000,987,442 | ---- | M] () -- C:\Users\Re\Desktop\SecurityCheck.exe
[2014/03/12 19:22:46 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 19:22:46 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 19:19:02 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/12 19:19:02 | 000,624,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/12 19:19:02 | 000,106,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/12 19:13:26 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\WS-Booster-S-975730335.job
[2014/03/12 19:12:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/12 19:12:23 | 460,462,832 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/03/12 19:11:56 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/12 19:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/12 04:01:26 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/03/12 04:01:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/10 10:02:02 | 000,000,408 | ---- | M] () -- C:\Users\Public\Desktop\Rachels Retreat.lnk
[2014/03/10 10:02:02 | 000,000,374 | ---- | M] () -- C:\Users\Public\Desktop\brigiton.exe.lnk
[2014/03/09 23:45:42 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2014/03/09 23:45:42 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
[2014/03/09 09:53:11 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRE-HP$.job
[2014/03/06 11:58:39 | 000,000,873 | ---- | M] () -- C:\Users\Re\Desktop\DVD-Cloner 2014.lnk
[2014/03/03 15:05:38 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\EZDownloader.lnk
[2014/02/18 16:34:04 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4289172721-1116576219-2403535013-1001Core1cf2ce8c3984813.job
[2014/02/13 07:10:50 | 000,000,114 | ---- | M] () -- C:\ProgramData\cbn4.key
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Re\AppData\Local\8372
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Public\Documents\6681
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\ProgramData\3969
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\ProgramData\3495
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\ProgramData\2198
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Re\Documents\0250
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Re\AppData\Roaming\0078
[2014/02/13 07:09:16 | 000,000,705 | ---- | M] () -- C:\Users\Public\Desktop\Color by Number 4.lnk
[53 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Re\Documents\*.tmp files -> C:\Users\Re\Documents\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/03/12 19:26:21 | 000,987,442 | ---- | C] () -- C:\Users\Re\Desktop\SecurityCheck.exe
[2014/03/09 23:45:42 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2014/03/09 23:45:42 | 000,002,147 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
[2014/03/09 23:45:34 | 000,002,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
[2014/03/06 11:58:39 | 000,000,873 | ---- | C] () -- C:\Users\Re\Desktop\DVD-Cloner 2014.lnk
[2014/03/03 15:05:38 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\EZDownloader.lnk
[2014/03/03 15:05:32 | 000,000,442 | -H-- | C] () -- C:\Windows\tasks\WS-Booster-S-975730335.job
[2014/02/18 16:34:04 | 000,000,844 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4289172721-1116576219-2403535013-1001Core1cf2ce8c3984813.job
[2014/02/13 07:10:50 | 000,000,114 | ---- | C] () -- C:\ProgramData\cbn4.key
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Re\AppData\Local\8372
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Public\Documents\6681
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\ProgramData\3969
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\ProgramData\3495
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\ProgramData\2198
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Re\Documents\0250
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Re\AppData\Roaming\0078
[2014/02/13 07:09:16 | 000,000,705 | ---- | C] () -- C:\Users\Public\Desktop\Color by Number 4.lnk
[2014/01/20 20:00:03 | 000,000,073 | ---- | C] () -- C:\Windows\cdplayer.ini
[2014/01/20 19:58:25 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2013/10/27 20:40:57 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2013/10/03 19:45:05 | 000,000,132 | ---- | C] () -- C:\Users\Re\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013/01/21 15:35:02 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/05/01 16:05:12 | 000,000,550 | ---- | C] () -- C:\Windows\wwwconfig.dat
[2012/04/19 07:04:06 | 000,245,840 | ---- | C] () -- C:\Windows\SysWow64\DNLEng.dll
[2012/04/19 07:04:05 | 000,894,616 | ---- | C] () -- C:\Windows\dbplugin.exe
[2012/04/03 05:41:47 | 000,017,408 | ---- | C] () -- C:\Users\Re\AppData\Local\WebpageIcons.db
[2012/03/27 19:38:11 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/03/27 18:10:07 | 000,000,303 | ---- | C] () -- C:\Windows\CloneDVD.INI
[2012/02/24 10:07:18 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/02/24 10:07:18 | 000,000,088 | RHS- | C] () -- C:\ProgramData\437B811E62.sys
[2011/08/03 20:48:41 | 000,102,248 | ---- | C] () -- C:\Users\Re\GoToAssistDownloadHelper.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011/12/09 19:52:10 | 000,000,000 | -HSD | M] -- C:\Users\Re\AppData\Roaming\.#
[2012/01/11 22:34:58 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\2monkeys
[2011/07/13 21:14:23 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\7thsense
[2012/06/29 15:03:46 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\8floor
[2012/04/20 00:15:35 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Alawar
[2012/03/28 01:13:22 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Alawar Entertainment
[2012/09/06 20:35:26 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Alawar Stargaze
[2013/06/02 17:41:24 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\AlawarEntertainment
[2012/05/30 20:14:33 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\aliasworlds
[2012/02/12 18:32:56 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Amaranth Games
[2011/08/07 22:00:05 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Anarchy
[2011/11/13 03:55:59 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Anino Games
[2012/10/23 08:24:51 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Anuman
[2013/12/23 18:41:34 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Apowersoft
[2012/08/15 00:07:51 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Application Support
[2011/09/29 19:38:35 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Arkadium
[2011/12/12 07:47:59 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Awem
[2013/11/21 23:32:19 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Be a King 2
[2012/10/19 19:53:39 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\BeadTool
[2011/12/31 19:11:28 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Big Fish Games
[2012/07/21 01:09:31 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\BlamGames
[2011/05/08 22:39:10 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Blio
[2012/09/12 10:10:44 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\BlooBuzz
[2012/08/26 14:24:27 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Boolat Games
[2013/10/19 18:37:25 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Boomzap
[2012/11/30 12:37:54 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Building the Great Wall of China
[2011/10/06 10:05:01 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Cache
[2012/02/28 12:01:29 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\calibre
[2011/06/09 16:34:40 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Camel101
[2011/06/08 22:53:54 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Cat's Eye Games
[2013/06/03 15:26:06 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\cerasus.media
[2011/12/07 09:28:31 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Data Solutions
[2012/08/04 03:23:56 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\DAVA
[2013/04/17 19:30:03 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\dekovir
[2012/05/16 23:15:26 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Dereza
[2011/08/29 23:02:14 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Dikobraz
[2013/06/02 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\DikobrazGames
[2012/05/31 19:44:30 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\DivoGames
[2014/03/12 19:16:49 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Dropbox
[2014/03/06 12:01:23 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\DVD-Cloner
[2012/03/20 00:25:24 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\DVDVideoSoft
[2011/10/26 22:56:47 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\eGames
[2011/12/12 07:42:21 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Eltima Software
[2011/11/05 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\EnchantedCavern
[2012/07/07 23:58:26 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\EnchantedCavern2
[2012/03/28 10:13:09 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\ERS G-Studio
[2012/03/04 00:55:36 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Eyeblaster
[2014/02/02 13:33:28 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\FaceOffMax
[2011/11/13 00:21:11 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\FamilyVacationCalifornia
[2012/05/10 22:27:10 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Fever Frenzy
[2013/05/30 16:16:18 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Flood Light Games
[2011/09/08 22:11:49 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\FlyWheelGames
[2014/02/02 12:15:59 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Foxit Software
[2011/10/24 14:59:50 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Friday's games
[2012/06/08 15:48:23 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\funkitron
[2012/08/14 12:14:42 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Funlinker
[2011/10/25 16:53:09 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Gaijin Ent
[2012/01/11 21:52:02 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\GameCards
[2011/09/11 10:34:33 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\GameMill Entertainment
[2011/06/09 16:34:09 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\GarageGames
[2012/09/10 10:56:58 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\GirlsWithSecrets
[2013/04/17 17:55:42 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Grand Ages Rome
[2012/03/03 23:27:34 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Green Clover Games
[2012/08/14 12:06:03 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Hidden Objects Expert
[2012/05/25 23:14:22 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\HipSoft
[2013/10/19 18:47:54 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Hoyle FaceCreator
[2013/10/19 18:48:24 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Hoyle Puzzle and Board Games
[2013/12/10 18:21:48 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Individual Software
[2011/10/12 06:58:02 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Islands
[2011/12/27 00:16:17 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Islands2
[2011/12/21 23:09:30 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Islands3
[2013/12/13 14:24:30 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Islands5
[2012/11/24 14:12:01 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\island_tribe_4_realore_en
[2012/04/20 22:54:18 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\iWin
[2011/07/20 21:21:01 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Jamdat
[2011/11/08 22:32:45 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Jane s Hotel 3
[2012/07/12 15:07:55 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Jewel Match 3
[2011/07/13 00:36:33 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\JQ
[2012/05/23 17:24:46 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Jumb-O-Fun Games
[2011/09/01 22:15:50 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Kutawaves Game
[2011/11/29 23:35:07 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Ladia Group
[2013/05/30 15:59:45 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\LeeGT-Games
[2012/05/26 08:10:11 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\LegacyGames
[2013/01/12 18:09:08 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Lonely Troops
[2013/11/22 00:01:50 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Ludia
[2011/06/03 00:10:06 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\MagicIndie
[2013/08/13 11:34:09 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\ManyCam
[2012/04/20 07:31:25 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\margrave1
[2011/08/07 21:41:30 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Mayan Puzzle
[2011/08/27 00:15:14 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\md studio
[2011/06/05 18:40:36 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\MediaArt
[2011/07/10 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Meridian93
[2012/07/31 13:39:45 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Merscom
[2011/10/04 21:02:11 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Morpheus Software
[2011/06/09 09:28:38 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Mousechief
[2013/06/03 22:57:21 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\MysteryStudio
[2011/11/02 07:07:58 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\NevoSoft
[2012/03/04 00:39:54 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Nevosoft-Breeze
[2014/01/25 09:32:53 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\newnext.me
[2013/12/19 12:44:52 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\northerntale2
[2013/11/22 00:54:32 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\northern_tale_2
[2012/11/10 00:11:10 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\northern_tale_realore_en
[2014/01/18 02:10:35 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\onOne Software
[2012/04/06 14:53:20 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\OpenCandy
[2014/02/13 07:09:29 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PaintBN
[2014/03/06 10:56:59 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Pavtube
[2014/01/16 13:51:05 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PDAppFlex
[2012/04/06 14:53:16 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\pdfforge
[2012/02/17 17:04:32 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Peace Craft
[2011/12/09 22:40:01 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PeaceCraft2
[2012/04/14 18:51:04 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PeaceCraft3
[2014/01/18 00:39:01 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PearlMountain
[2012/11/17 09:41:06 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Photo DVD Slideshow
[2011/06/05 18:35:24 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Pi Eye Games
[2011/05/08 17:10:01 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PictureMover
[2011/08/15 16:00:54 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PlatinumHideIP
[2012/01/27 00:18:14 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PlayFirst
[2012/07/30 23:21:00 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PlayWay
[2012/06/28 22:15:17 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\PoBros
[2013/06/02 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Romantic Photo
[2013/01/17 22:40:40 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Rovio
[2011/09/29 20:30:18 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Sahmon Games
[2012/03/28 00:53:06 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\SevenSails
[2014/02/21 16:47:21 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Slick Savings
[2014/02/14 13:33:54 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\SoftGrid Client
[2011/06/25 23:57:17 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Sound Doctrine
[2011/06/17 12:43:20 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\SpinTop Games
[2011/07/27 18:12:07 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Stand O'Food 3
[2011/09/29 08:29:03 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\SulusGames
[2011/05/08 17:08:59 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Synaptics
[2012/09/10 10:38:27 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Tape_Worm
[2013/09/24 17:38:35 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\TechWizard
[2011/08/20 14:34:26 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\TheFlyingDutchman
[2013/02/04 23:23:05 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Thinstall
[2012/11/10 00:11:10 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\ThreeDays2
[2011/05/14 09:19:39 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\TP
[2014/03/09 23:45:04 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\TuneUp Software
[2011/09/16 10:59:11 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Twilight Games
[2011/12/12 16:41:09 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\ValuSoft
[2014/01/19 22:39:36 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\VideoBooth
[2011/12/03 11:54:58 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\ViquaSoft
[2012/07/09 00:35:22 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\WeatherLord
[2013/05/30 16:08:52 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\WildTangent
[2011/05/12 20:44:46 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Windows Live Writer
[2012/05/24 17:34:48 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\World-LooM
[2012/03/03 00:03:04 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\Xilisoft
[2012/12/07 07:42:36 | 000,000,000 | ---D | M] -- C:\Users\Re\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2013/04/06 18:19:44 | 000,001,432 | ---- | M] ()(C:\Users\Public\Desktop\??????. ?????? ????????.lnk) -- C:\Users\Public\Desktop\Святой. Бездна отчаяния.lnk
[2013/04/06 18:19:44 | 000,001,432 | ---- | C] ()(C:\Users\Public\Desktop\??????. ?????? ????????.lnk) -- C:\Users\Public\Desktop\Святой. Бездна отчаяния.lnk
[2011/10/23 18:10:30 | 000,001,290 | ---- | M] ()(C:\Users\Re\Desktop\????????? ?????.lnk) -- C:\Users\Re\Desktop\Свадебный салон.lnk
[2011/10/23 18:10:30 | 000,001,290 | ---- | C] ()(C:\Users\Re\Desktop\????????? ?????.lnk) -- C:\Users\Re\Desktop\Свадебный салон.lnk
(C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? ?? Alawar) -- C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Игры от Alawar
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:A31FAD21
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:FD000392
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:9EF92A1A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:F6A0889A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:700B9342
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:71380EB5
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E153075C
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:517EFA90
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:054B9966
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:B779C113
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:371A321E
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E3D8C69A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:ACE7A9BB
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5D25D96A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:9D605054
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:6423D635
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:3D922890
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:F5B51004
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:1F8C9007
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A548B4F0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:FBFE8C4E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:417B6FAC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:2D2461E7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:26499772
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:B430FD52
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:F42BB562
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E80802C7
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:16F4BC64
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:161AA30B
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:84744B34
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:FFD38FD9
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:EB5BDBB0
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F1F85068
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:EDD903C5
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:122B409D
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:47FE7AB7
 
< End of report >


#5 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 12 March 2014 - 06:57 PM

OTL Extras logfile created on: 3/12/2014 7:41:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Re\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 58.92% Memory free
7.49 Gb Paging File | 5.41 Gb Available in Paging File | 72.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.41 Gb Total Space | 361.78 Gb Free Space | 80.32% Space Free | Partition Type: NTFS
Drive D: | 15.05 Gb Total Space | 1.88 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive F: | 99.02 Mb Total Space | 30.44 Mb Free Space | 30.74% Space Free | Partition Type: FAT32
 
Computer Name: RE-HP | User Name: Re | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D2A40A-E174-44A5-81FC-1F7E75D19D1E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{04E630A9-321E-4716-BE21-386DFE53E840}" = rport=138 | protocol=17 | dir=out | app=system | 
"{18F8FCD6-7349-40B8-8213-ADCBCF4C8ED6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{19765680-D6A4-41FE-866B-5D549DC14B17}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{21582799-8C72-4E1D-8BC4-0BB32AB6FA51}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter | 
"{289F71B9-FDA7-4D95-BF72-7DA180A66067}" = lport=139 | protocol=6 | dir=in | app=system | 
"{28B2D7E0-3DFB-4BEC-92D6-14A1065D064E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{29776755-9207-4110-9F8A-ABE47DC853F3}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2A97734B-A9B0-49BA-A21B-063E1D5FB1D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{384C9B59-4C15-4DD4-9ACA-4C498EB6DC33}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{5242677E-8941-4BC2-BA20-FF807B3C013E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{57C1BB7F-DB0F-41E6-8FAB-7CBA8AF0D0D6}" = rport=137 | protocol=17 | dir=out | app=system | 
"{65150652-9F15-4B2D-BB8E-9DE1245465E0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{652D8349-D7BE-4B15-9614-69B7AB1899EA}" = lport=138 | protocol=17 | dir=in | app=system | 
"{68403E68-EACB-44A4-BAE2-F75D5BD5F2FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{74B1BA0F-2BE0-41B4-A9A6-767BDA07C86F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{887FBDCF-BD36-4475-A259-2FC0B6E4DA9E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8FCE226E-B1DD-4CB1-A9E6-B3333DF659E7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{A15A8DEC-5243-4F73-8420-E137BF71A930}" = rport=445 | protocol=6 | dir=out | app=system | 
"{ADD305B0-EC9B-455B-A466-8631BAD3CE3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CB83A747-B604-47FD-B250-A471545E6403}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CD497C14-9926-42D8-B955-E765BB8C3EF4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D4C64A5D-77FC-4EAD-8F23-80EAD34F74DB}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter | 
"{D996178D-9DC2-4D63-ADA4-FD2A1D990E25}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E1D2455C-C653-49C7-94B1-7304CAA2C37F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F8B75919-732B-4D8B-A479-1999E71AD6B0}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{085F065D-5EB7-47CA-8493-1A7B060BE46A}" = protocol=17 | dir=in | app=g:\jewelquestcollection-skidrow\iwin games\iwingames.exe | 
"{0F14551A-DBBA-436A-A88D-6B18693C3028}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{19B5A2F2-EC57-4C80-B5E0-E7F899A8EA33}" = dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftdownloaderhelp.dll | 
"{1EC72943-0DB7-4B10-AC0B-C86FEA02E517}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{1F7FAE45-42DD-43E6-B59E-BC46658C1500}" = dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\streaming video recorder.exe | 
"{2090A3DD-291C-4AC1-8C34-86C82D7DB63C}" = dir=in | app=c:\program files (x86)\plex\plex media server\plexdlnaserver.exe | 
"{2564B468-91D8-4C70-87A1-FEC7E06776C9}" = dir=in | app=c:\program files (x86)\plex\plex media server\plex media server.exe | 
"{26A1A521-9F31-48BA-A2ED-FED069946015}" = dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftplayer.dll | 
"{295256D6-1B43-4F71-A623-004CCBDA843C}" = dir=out | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\streaming video recorder.exe | 
"{2C445F73-F353-4C63-AA5E-A282E5EA30A4}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe | 
"{316ACA1B-DAD1-482B-97A9-DCB316302216}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe | 
"{31A5CF8E-AB5F-4377-9AEB-0F07BDE4B2C2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{32C662CE-D8A3-4732-B4AE-5A0DF9854B60}" = dir=in | app=c:\program files (x86)\plex\plex media server\plexscripthost.exe | 
"{337B6553-27E2-4229-A2D0-1ED953BF807B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{39999840-E0E6-47F7-92DA-7B316917EE35}" = dir=out | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftdownloaderhelp.dll | 
"{3FC02491-3056-4D09-AF4A-CF42DB7A9563}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe | 
"{46C9B9D3-D61A-4BB0-87CA-37AC3A71E729}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe | 
"{4AABB63F-0224-4778-8655-496570547C93}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4E9830F0-B7DA-4BFF-ABC0-03BA47BA1259}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{519EC307-6A48-4653-AA6D-52DF7C3FAD34}" = dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftac.dll | 
"{560C71DA-CF7B-497B-8A41-46EEBF47DC2B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{5B0A48DF-F853-4278-9577-EEAD34312941}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe | 
"{5E5F3EEB-D506-401E-AB1A-68568FDABEC8}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | 
"{5E691D85-3EFA-4B1C-AED5-BEB558E8B6E4}" = dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftsrv.dll | 
"{6266D6E0-8675-4394-9597-D18CA8707434}" = dir=out | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftsrv.dll | 
"{630BCB79-74ED-4892-9EE2-3DA324EF7BC3}" = protocol=6 | dir=in | app=c:\users\re\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{6377A043-39B3-454D-9DB0-603419B0E550}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{6AF1E9DA-71A0-440E-821F-03F9A92B8340}" = dir=out | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe | 
"{6ED4A591-B154-43E7-A23C-EB027C851DC0}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe | 
"{72219567-B86B-436A-AE16-3D1BE65D49B6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{732725C4-E37E-483C-B159-63926E78B9FC}" = protocol=6 | dir=in | app=g:\jewelquestcollection-skidrow\iwin games\iwingames.exe | 
"{83183CB0-0F14-4C60-B02C-47264D91BA79}" = protocol=6 | dir=in | app=h:\softwares\bittorrent plus\bittorrent plus\bittorrent.exe | 
"{850D9625-D0DE-4B42-9B46-477C0F3EC5F2}" = protocol=6 | dir=in | app=i:\softwares\tubedigger_4.6.3\tubedigger\tubedigger.exe | 
"{8B4C7B61-A6A2-4B44-94FF-F200F4EFA62D}" = dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftdump.dll | 
"{9130F6CA-E928-4916-8287-7ABE60BD85B6}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{99705046-62E1-48C0-9E11-575EFB438124}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{9B22B720-0B63-44EC-8EB8-985092F091E3}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe | 
"{9D210157-0FCC-438F-A7DE-AD9240489EA8}" = protocol=17 | dir=in | app=c:\users\re\appdata\roaming\dropbox\bin\dropbox.exe | 
"{A12739C8-66EE-42B4-B61B-C5DB660B3A3A}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe | 
"{A48D4682-0A69-4435-B012-3D8DBB8DA2E3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{A5C004DE-3A50-4BEB-A9B7-012A054E3A6D}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe | 
"{A865058B-4C4E-467C-BFC6-03C1A14B8991}" = protocol=17 | dir=in | app=i:\softwares\tubedigger_4.6.3\tubedigger\tubedigger.exe | 
"{B0CB4640-37FC-4125-9414-C82F23C73AF0}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe | 
"{C2AC2D91-22F1-49BA-9B62-FEB7625645A9}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe | 
"{C9D86E81-97C5-41C1-A761-5A83E0F0B55B}" = protocol=6 | dir=in | app=g:\jewelquestcollection-skidrow\iwin games\webupdater.exe | 
"{D43E644F-3467-4929-88F0-CAF75A134D9C}" = dir=out | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftplayer.dll | 
"{D4E4E106-5A4F-496A-8C03-B068C1918526}" = protocol=6 | dir=in | app=c:\users\re\appdata\roaming\dropbox\bin\dropbox.exe | 
"{D6EC3701-6736-4607-BA06-78988B6274E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D728A787-4DCE-4F17-A2E2-DBF70D18814B}" = dir=out | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftdump.dll | 
"{DAE8B96D-039B-4A84-B5B9-BFBAE56E965D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{DD094397-E229-4A78-8692-DE86CDA47981}" = dir=out | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\apowersoftac.dll | 
"{E58E4014-A0C2-4873-8F9F-701FAC6954A6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{E8BCFFAE-B42F-4E06-941B-F25E144AB685}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{ECAC8F2E-8145-416D-B37F-3A17134F76C9}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe | 
"{EDDA6857-E2EA-48AA-979A-8E58ECE3E937}" = protocol=17 | dir=in | app=h:\softwares\bittorrent plus\bittorrent plus\bittorrent.exe | 
"{EE8AFE92-65F3-4019-ACB8-9A0EA2B32F3F}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe | 
"{F6B5D8D3-D0C5-4807-A3B6-428AE2694C86}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe | 
"{FA28AE2E-2E75-46BA-A934-10950F0BB1D3}" = protocol=17 | dir=in | app=g:\jewelquestcollection-skidrow\iwin games\webupdater.exe | 
"{FF0112BA-125A-4C04-BD76-E7C9B911C455}" = protocol=17 | dir=in | app=c:\users\re\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{FF38B5D2-9D6C-434C-8999-3C39D2016AAB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"TCP Query User{2600EFAF-C383-48D3-A4E3-F418DE01ED37}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{28EC567A-D4B5-4586-BD48-05D99AA7F24B}C:\users\re\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\re\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{460272EE-7E4A-4F17-94A4-65CD2C303578}C:\users\re\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\re\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | 
"TCP Query User{78B221DC-C3CA-41B3-B5E9-284E90B8754A}I:\softwares\onone perfect effects 3.0.2 + crack + reg\get your software here\crack\perfect effects\perfecteffects.exe" = protocol=6 | dir=in | app=i:\softwares\onone perfect effects 3.0.2 + crack + reg\get your software here\crack\perfect effects\perfecteffects.exe | 
"TCP Query User{8A4DEA25-DAFC-4F96-A630-D2AE7B746318}H:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\streamingvideorecorder.exe" = protocol=6 | dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\streamingvideorecorder.exe | 
"TCP Query User{99AC2F98-FBDA-4D03-95A9-6498615BED10}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{D3301666-21AD-47DF-80A3-B71239B16C9A}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"TCP Query User{F9826693-9671-419F-B1DD-7CBF491AB561}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe | 
"UDP Query User{0F5EF317-0C25-414D-9C33-EEDA415248EB}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{4F63235D-EA53-4D04-8985-CD88FC95AAB7}I:\softwares\onone perfect effects 3.0.2 + crack + reg\get your software here\crack\perfect effects\perfecteffects.exe" = protocol=17 | dir=in | app=i:\softwares\onone perfect effects 3.0.2 + crack + reg\get your software here\crack\perfect effects\perfecteffects.exe | 
"UDP Query User{A83C99B4-97F6-454D-A69A-724DC24071A4}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{BF55AD6D-B7D6-4851-89E8-815390FFE031}H:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\streamingvideorecorder.exe" = protocol=17 | dir=in | app=h:\softwares\apowersoft.streaming.videorecorder.2.3.9\streaming video recorder\streamingvideorecorder.exe | 
"UDP Query User{C0A576D6-C9F3-4F44-B851-5523EF619C7F}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe | 
"UDP Query User{E9EF0C87-39ED-4074-A53F-A767F54E17EF}C:\users\re\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\re\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | 
"UDP Query User{F4C11C76-165C-4558-93CA-C79A3F75FCE7}C:\users\re\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\re\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{F7E3AA77-8FC9-4B02-AA47-155FBFD31706}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series" = Canon MG6100 series MP Drivers
"{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}" = HP Wireless Assistant
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{224EC8DF-BC76-4CE4-32B8-4D174318F7ED}" = WMV9/VC-1 Video Playback
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java™ 6 Update 22 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V2.3.9
"{40DB28C5-3C37-72E8-BE8F-82104E97EFCC}" = AMD Fuel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E53B80F-4137-5F27-B4C4-88641B1E7F10}" = ccc-utility64
"{7FBA6627-88F8-0AE0-9326-FB8488DD26E0}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B31259CC-9A89-49BA-BB4F-3C4136A071E3}" = IconHandler 64 bit
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF80C9D4-3F60-4344-83B7-BAE9DF8BC0E5}}_is1" = Romantic Photo version 2.00
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.10 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{EAB6F4ED-B18D-4BF5-B18E-3C7921560EC4}" = Corel Painter Sketch Pad
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00D6C191-50A2-4D9C-9285-1817D8420FB6}" = IPM
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{06B7DE4D-9098-41AF-B0C0-D3129C72E483}" = Roads of Rome 2
"{075C2487-13ED-4F4A-9814-4C04061B8010}" = Road to Riches 2
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C107330-16DF-4D39-AA74-0E5448AED9E8}" = HP Documentation
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1" = EZDownloader
"{103F2C53-627F-4580-8496-550C93C0CA28}" = Rachels Retreat
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{143774AF-ED46-EF8E-A9C5-516D67A484C2}" = CCC Help Korean
"{14C8CE46-C68C-461B-BCA9-E276A85851C6}" = TuneUp Utilities 2014 (en-US)
"{15F5D2F1-7260-411A-A14C-DFA7130E03FD}_is1" = Slingo Supreme 2 version 2.0.0
"{16E963F9-7EC4-44D5-AEE0-2C920E4BCAB5}" = Legends of Atlantis - Exodus
"{17B8AC4D-9CAA-4823-9B4E-1818F6EE556D}" = AKVIS Sketch
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1" = TubeDigger 4.6.3
"{1E68BBA0-F40D-4F7B-8E52-FEB6E1658825}" = Dangerous High School Girls
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{204D6BB4-23D9-4FE8-A843-92D5354E1731}" = Safari Quest
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java™ 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28B8E509-8E2A-A274-B59F-1D892778CBB6}" = CCC Help Chinese Traditional
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A1A80FB-8ACA-4215-B8EE-A1D1DE15B7DA}" = Burger Bustle
"{2C93DDCA-E6BB-977B-8C55-724C1DA25C21}" = CCC Help Norwegian
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V4.6.3
"{2F7D5734-056F-4A0A-A1C7-CA1AAE5BB1EB}" = Angry Birds
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30762A4B-6363-4867-93EA-096E93502776}" = Photo Mania
"{30DDA988-6BCC-8B14-E0BB-026DA821EC23}" = CCC Help Czech
"{311295C1-80F9-D8B6-06E4-5CBD2492460E}" = CCC Help Dutch
"{31F5FE0F-7B42-4A35-8F27-73516AACA08F}" = FreeRIP Toolbar v8.8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3362E24F-24E8-4292-A5B5-828514A18C19}" = Autumn's Treasures - The Jade Coin
"{339E7318-41B9-467B-B80E-29C46548CE2F}" = Mahjongg Dimensions Deluxe 2 - Tiles in Time
"{34A59718-E873-CE8E-718C-D56B341DD14D}" = CCC Help German
"{34D22F30-8921-44DA-8E58-0C2B6FB73492}" = Plex Media Server
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{371794E8-423C-52DD-ED06-9385469EA274}" = CCC Help Swedish
"{38234F89-D76F-4E40-889B-2983C72479CC}" = Mahjong World Contest
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{39EAEE16-AF24-CF47-3BD1-7B048A5DABD3}" = CCC Help English
"{3A787631-66A2-4634-B928-A37E73B58FB6}" = Slick Savings
"{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}" = Adobe Shockwave Player 11.5
"{3B8DC054-F4FD-4CBE-A308-5E196E36229F}" = Stand O Food 2
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3C7F25C6-6BCB-7F39-BC81-48A8B5F38EDD}" = CCC Help French
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{3FE1B94B-FB1C-1AF3-4DC2-EB5F4DB56A30}" = CCC Help Chinese Standard
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{40D793D4-FF24-4832-9E46-76CC3E607532}" = Old Clockmakers Riddle
"{41101F0C-DBD9-321C-A6B1-E0689B495A4E}" = Google Talk Plugin
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{456D64EB-7E2A-FF45-EFA9-439EB529A105}" = CCC Help Greek
"{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D}" = websave
"{4798F9E7-BE3A-3EBF-BDF2-6751C8C38503}" = CCC Help Italian
"{4820778D-AB0D-6D18-C316-52A6A0E1D507}" = YoutubeAdblocker
"{497DAA8A-F5D2-49BD-9030-25FFE5766BA6}" = Color by Number 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C7E4BBA-B96F-47EA-8721-B20114A294E5}" = Island Defense
"{4D634FB6-42BB-42AB-A37A-DCFF95CD654D}" = Angry Birds Rio
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP MP3 Converter 4.4
"{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}" = Blio
"{505A1FCE-41F6-428A-A7D9-CCB541628B70}" = Trade Mania 2
"{5184A194-BA95-0411-A13C-468097CD4A06}" = Catalyst Control Center InstallProxy
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58327844-EEAB-8C79-CA64-6C3623DEF11B}" = CCC Help Polish
"{5B7A8010-41AE-4811-ADA4-D49E648884C2}_is1" = Image Cartoonizer version 3.5.0
"{5BD093B2-58E6-467D-99E4-E88A5FFC412C}" = Painter Sketch Pad
"{601E6B37-4FF1-FC93-F48F-F73D29040AD4}" = CCC Help Japanese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3199-76C3-4745-B7AE-FC13F6676421}_is1" = Pavtube Video Converter Ultimate Ver 4.5.0.5225
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1" = Picture Collage Maker Pro 4.0.5
"{6D7322B8-EDCF-41C3-A3D7-A11E7BE97657}" = Kingdom Chronicles Collectors Edition
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710870E4-16ED-AC81-71CF-8941963E0776}" = Catalyst Control Center Localization All
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72737A9E-FAC6-01F9-C0F3-88F6DB538607}" = CCC Help Russian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72F6D9F1-98C4-473F-A540-ECDCEB6D3D76}" = Registration
"{74BC7215-538D-453E-910B-03B22FDD5048}" = The Secret of Margrave Manor Remastered
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78E5E045-D6EB-57CD-02F8-F55E79882790}" = CCC Help Danish
"{7C27218C-912B-4B0E-9B6E-E87A6DFD84F7}" = Perfect Effects 3
"{802C068E-0576-4F25-8137-D54B7DB0FC5E}" = HP Setup
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81BF6D78-485A-4B75-AFA6-F58C254DEAFB}" = My Kingdom For The Princess 3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8BE8CC83-C423-BF43-C1A0-9C072E3785B7}" = ccc-core-static
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{98104679-F049-42F9-8EF4-79837E34AA16}" = The Apprentice - Los Angeles
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F576D1C-99D7-4FBD-8859-56E9DE4AB68B}_is1" = Karaoki
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4E1823E-7295-4AEA-9838-D8B47BB7AC77}" = Hero of the Kingdom
"{A4ECF10E-8914-4E29-9E48-8BE2F57558DC}" = ResumeMaker
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7F20F74-5989-4E1B-98BB-09EAC5C9D3E9}" = Foxit PhantomPDF
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8B0DBDE-8119-48B0-8088-D12DA01C36BA}" = DownloadnSave
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AEAB754A-426C-4738-89C1-52FCB389FCDF}" = calibre
"{AF237089-6533-41D3-9AC2-6A09ED9BAD95}_is1" = A Gnomes Home The Great Crystal Crusade version 1.5
"{B03954CC-E130-4E57-BC83-869978685902}" = LG United Mobile Drivers
"{B0F8AE7B-4954-4C22-941E-DA3AE6F687C6}" = Paris Mahjong
"{B35FC82A-6C05-45B0-DDE5-8DF62422E703}" = CCC Help Turkish
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD3F5161-C40B-CA50-F82A-1F4417EE722D}" = CCC Help Spanish
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0BD6A24-3110-E1DE-45B2-C7FC14F4DC76}" = CCC Help Thai
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" = SNT
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CAF1F2C2-906A-43BF-9BFF-5CB78296E8A6}" = Treasures Of The Ancient Cavern
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CCD75214-9D84-47D8-9F70-C4540F7D1D97}" = Deal Or No Deal
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D4414765-E8CD-518B-91E8-FA7C76CD2AE2}" = CCC Help Hungarian
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DC6B510F-7EA2-8171-55E0-6A76B46CA17D}" = CCC Help Portuguese
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDDA784F-1F6F-4ECA-B432-EBE0374C322D}" = Angry Birds Star Wars
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{e0ddf2be-025d-48b0-b17f-c5bb4d6d13de}" = Plex Media Server
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B7E1B4-21FC-6765-A3D7-BA0416DC6AF7}" = EbookBoroowsea
"{E7562F88-BDCC-44D3-9C6B-313FC43052B7}" = IconHandler 32 bit
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EAB6F4ED-B18D-4BF5-B18E-3C7921560EC4}" = Corel SketchPad - ICA
"{EB120C5A-42D2-C901-FF0C-D0DBDD07E9BD}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC93CB74-360F-4616-8686-F3E3FFF29BFD}_is1" = Wondershare PDF to EPUB (Build 3.0.0)
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EDA2E9CA-8B7E-4BC0-9B0F-34B299555BF3}" = Retail Virtual EVE
"{EEF4EAB8-D049-FD0A-02BD-F9F42C49551F}" = CCC Help Finnish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F8024EB8-5B34-46FE-B15D-20ACF26FC20E}" = Hoyle Puzzle and Board Games
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}" = TuneUp Utilities 2014
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}" = Bing Bar
"007 DVD Copy_is1" = 007 DVD Copy
"1 Penguin 100 Cases 1.00" = 1 Penguin 100 Cases 1.00
"1ClickDownloader" = 1ClickDownloader
"ActionBible™" = ActionBible™ 1.7.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Aerie Spirit of the Forest 1.00" = Aerie Spirit of the Forest 1.00
"Aimersoft iPod Copy Manager_is1" = Aimersoft iPod Copy Manager(Build 2.0.16)
"Aimersoft iTransfer_is1" = Aimersoft iTransfer(Build 2.0.0.1)
"AllGamesHome Toolbar" = AllGamesHome Toolbar
"Amelies Cafe Halloween" = Amelies Cafe Halloween
"Ancient Rome_is1" = Ancient Rome
"AOL Toolbar" = AOL Toolbar
"Autumn's Treasures - The Jade Coin" = Autumn's Treasures - The Jade Coin
"AV Voice Changer" = AV Voice Changer 6
"Aztec Tribe" = Aztec Tribe
"Be a King 2 1.2.0" = Be a King 2 1.2.0
"BeadTool 4_is1" = BeadTool 4.4.28
"BFGC" = Big Fish Games: Game Manager
"BFG-City Style" = City Style
"Big City Adventure Paris 1.00" = Big City Adventure Paris 1.00
"Bigfish Games Miss Management1.0" = Bigfish Games Miss Management
"Bomber Mario_is1" = Bomber Mario
"C70657DC-2D7E-482C-9214-3EBC75485346" = Amazing Adventures
"Cake Mania To the Max 1.00" = Cake Mania To the Max 1.00
"Cathys Caribbean Club_is1" = Cathys Caribbean Club
"Charm Tale QuestFinal" = Charm Tale Quest
"Chronicles of Albian 2 - The Magic Conventionv1.130403" = Chronicles of Albian 2 - The Magic Convention
"Civitas3" = Grand Ages Rome 1.02
"CloneDVD2" = CloneDVD2
"Cocktail Mania Final" = Cocktail Mania Final
"Coffee Rush 2 1.00" = Coffee Rush 2 1.00
"Costume Chaos 1.00" = Costume Chaos 1.00
"Crime and Punishment - Who Framed Raskolnikov Final" = Crime and Punishment - Who Framed Raskolnikov Final
"Crime Solitairev1.04.1" = Crime Solitaire
"CuteDJ_is1" = CuteDJ 4.2.8.0
"DBBEAD" = DB-BEAD
"DivX Setup" = DivX Setup
"Dora Saves the Crystal Kingdom! 1.00" = Dora Saves the Crystal Kingdom! 1.00
"Downandsave" = Downandsave
"DVD-Cloner 2014_is1" = DVD-Cloner V11.10 Build 1302
"DVDFab 8 Qt_is1" = DVDFab 8.1.6.8 (17/03/2012) Qt
"EADM" = EA Download Manager
"Effective-English_is1" = Effective-English v1.1.0.34
"Enchanted Cavern 2 1.00" = Enchanted Cavern 2 1.00
"FaceOffMax" = Face Off Max
"Farm Tribe 2Final" = Farm Tribe 2
"Foreign Dreamsv1.0" = Foreign Dreams
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 2.8
"Fruit Farm" = Fruit Farm
"Green City 2v1.0" = Green City 2
"Heroes Of Hellas 1.00" = Heroes Of Hellas 1.00
"Hidden World" = Hidden World
"HuygensSuite410p6" = Huygens Suite (remove only)
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"Island Tribe 4Final" = Island Tribe 4
"iWinArcade" = iWin Games (remove only)
"Jewel Legends Atlantis 1.00" = Jewel Legends Atlantis 1.00
"Jewel Quest" = Jewel Quest (remove only)
"Jewel Quest 2" = Jewel Quest 2 (remove only)
"Jewel Quest Solitaire" = Jewel Quest Solitaire (remove only)
"Jewel Quest Solitaire II" = Jewel Quest Solitaire II (remove only)
"Jigsaw Puzzle - Gold Collection_is1" = Jigsaw Puzzle - Gold Collection
"JiPS - Jigsaw Ship PuzzlesFinal" = JiPS - Jigsaw Ship Puzzles
"JOCDL" = Jewels of Cleopatra (remove only)
"Julias Quest - United Kingdom" = Julias Quest - United Kingdom
"KaraFun_is1" = KaraFun 1.16a
"Kvisoft FlipBook Maker_is1" = Kvisoft FlipBook Maker 2.8.1
"Lara Gates - The Lost Talismanv1.5.0.0" = Lara Gates - The Lost Talisman
"Life Quest" = Life Quest
"Lotto Pro" = Lotto Pro
"Mall Tycoon 3" = Mall Tycoon 3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"ManyCam" = ManyCam 2.6.55 (remove only)
"Megaplex Madness - Summer Blockbuster1.0" = Megaplex Madness - Summer Blockbuster
"Mobogenie" = Mobogenie
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My Farm Life 2" = My Farm Life 2
"My Kingdom for the Princess 1.0.0.0" = My Kingdom for the Princess 1.0.0.0
"My Kingdom for the Princess 2 1.1" = My Kingdom for the Princess 2 1.1
"New Yankee in King Arthur's Court" = New Yankee in King Arthur's Court
"Northern Tale 2 [UPDATED]Final" = Northern Tale 2 [UPDATED]
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OpenAL" = OpenAL
"Photo DVD Slideshow Professional" = Photo DVD Slideshow Pro 8.07
"PlatinumHideIP" = Platinum Hide IP
"Price Check by AOL" = Price Check by AOL
"RealPlayer 16.0" = RealPlayer
"Rescue Team" = Rescue Team
"Rescue Team 2" = Rescue Team 2
"Road to Riches1.0" = Road to Riches
"S-975730335" = WS-Booster
"Slingo Supreme 1.0.0.103" = Slingo Supreme 1.0.0.103
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Stand O'Food 1.00" = Stand O'Food 1.00
"SWF & FLV Player_is1" = SWF & FLV Player 3.0 (build 3.0.33.5106)
"Textaizer Pro_is1" = Textaizer Pro v4.3
"The Treasures of Montezuma 1.0" = The Treasures of Montezuma 1.0
"The Treasures of Montezuma 2_is1" = The Treasures of Montezuma 2
"Tipard PDF ePub Converter_is1" = Tipard PDF ePub Converter
"Travel Agency_is1" = Travel Agency
"Tunes Jungle Adventure_is1" = Tunes Jungle Adventure
"TuneUp Utilities" = TuneUp Utilities 2014
"verizontb" = Verizon Toolbar
"Virtual Villagers" = Virtual Villagers (remove only)
"VzInHomeAgent" = Vz In-Home Agent
"Weather Lord - Hidden Realmv1.0" = Weather Lord - Hidden Realm
"Wedding Salon 1.00" = Wedding Salon 1.00
"WildTangent hp Master Uninstall" = HP Games
"WinDjView" = WinDjView 1.0.3
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089299" = Mystery P.I. - The London Caper
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"Xilisoft PDF to EPUB Converter" = Xilisoft PDF to EPUB Converter
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"Yucatanv1.0.0.106" = Yucatan
"ZumoDrive" = HP CloudDrive
"Свадебный салон" = Свадебный салон
"Святой. Бездна отчаяния" = Святой. Бездна отчаяния
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Toolbar" = AOL Toolbar
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"oDVT" = oDesk Team
"YourFileDownloader" = YourFileDownloader
"Zipeg" = Zipeg
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 3/12/2014 10:37:20 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19968674
 
Error - 3/12/2014 10:37:21 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 3/12/2014 10:37:21 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 19970015
 
Error - 3/12/2014 10:37:21 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19970015
 
Error - 3/12/2014 10:37:22 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 3/12/2014 10:37:22 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 19971248
 
Error - 3/12/2014 10:37:22 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19971248
 
Error - 3/12/2014 10:37:24 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 3/12/2014 10:37:24 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 19972558
 
Error - 3/12/2014 10:37:24 AM | Computer Name = Re-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19972558
 
[ Hewlett-Packard Events ]
Error - 10/15/2012 5:03:56 PM | Computer Name = Re-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3834  Ram Utilization: 60  TargetSite: Void UpdateAndDetect()  
 
Error - 10/22/2012 4:12:48 PM | Computer Name = Re-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3834  Ram Utilization: 80  TargetSite: Void UpdateAndDetect()  
 
Error - 10/28/2012 6:14:41 AM | Computer Name = Re-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 10/29/2012 3:03:46 PM | Computer Name = Re-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3834  Ram Utilization: 70  TargetSite: Void UpdateAndDetect()  
 
Error - 11/5/2012 9:18:06 PM | Computer Name = Re-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3834  Ram Utilization: 60  TargetSite: Void UpdateAndDetect()  
 
Error - 11/19/2012 6:21:21 PM | Computer Name = Re-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3834  Ram Utilization: 60  TargetSite: Void UpdateAndDetect()  
 
Error - 11/26/2012 4:49:00 PM | Computer Name = Re-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 3834  Ram Utilization: 70  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 11/26/2012 4:49:01 PM | Computer Name = Re-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 3834  Ram Utilization: 70  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 11/26/2012 5:49:14 PM | Computer Name = Re-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 3834  Ram Utilization: 50  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 12/3/2012 5:26:56 PM | Computer Name = Re-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 3834  Ram Utilization: 70  TargetSite: Void loadActiveCheckResult(Boolean)  
 
[ HP Software Framework Events ]
Error - 10/15/2012 5:04:08 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/10/15 17:04:08.404|00001620|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 10/22/2012 4:13:06 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/10/22 16:13:06.899|00000584|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 10/29/2012 3:04:02 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/10/29 15:04:02.293|0000194C|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11/5/2012 9:17:58 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/11/05 20:17:58.258|00000F60|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11/5/2012 9:18:13 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/11/05 20:18:13.587|00000BF0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11/5/2012 9:18:17 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/11/05 20:18:17.432|00001D38|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11/5/2012 9:18:20 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/11/05 20:18:20.829|0000089C|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11/11/2012 12:31:30 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/11/11 11:31:30.850|0000075C|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11/11/2012 12:31:35 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/11/11 11:31:35.896|000011F0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11/19/2012 6:21:30 PM | Computer Name = Re-HP | Source = CaslWmi | ID = 5
Description = 2012/11/19 17:21:30.623|00001824|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
[ HP Wireless Assistant Events ]
Error - 5/8/2011 10:57:17 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 10:57:38 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 10:58:00 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 10:58:20 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 10:58:40 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 10:59:02 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 10:59:22 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 10:59:43 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 11:00:05 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 5/8/2011 11:00:26 PM | Computer Name = Re-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
[ Media Center Events ]
Error - 6/13/2011 1:01:25 AM | Computer Name = Re-HP | Source = MCUpdate | ID = 0
Description = 1:01:19 AM - Failed to retrieve SportsSchedule (Error: The underlying
 connection was closed: Could not establish trust relationship for the SSL/TLS secure
 channel.)  
 
[ System Events ]
Error - 3/12/2014 12:58:10 PM | Computer Name = Re-HP | Source = DCOM | ID = 10016
Description = 
 
Error - 3/12/2014 2:45:46 PM | Computer Name = Re-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:43:40 PM on ?3/?12/?2014 was unexpected.
 
Error - 3/12/2014 2:45:55 PM | Computer Name = RE-HP | Source = BugCheck | ID = 1001
Description = 
 
Error - 3/12/2014 2:48:22 PM | Computer Name = Re-HP | Source = DCOM | ID = 10016
Description = 
 
Error - 3/12/2014 3:49:03 PM | Computer Name = Re-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:47:32 PM on ?3/?12/?2014 was unexpected.
 
Error - 3/12/2014 3:49:04 PM | Computer Name = RE-HP | Source = BugCheck | ID = 1001
Description = 
 
Error - 3/12/2014 3:51:40 PM | Computer Name = Re-HP | Source = DCOM | ID = 10016
Description = 
 
Error - 3/12/2014 7:12:37 PM | Computer Name = Re-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:09:49 PM on ?3/?12/?2014 was unexpected.
 
Error - 3/12/2014 7:12:46 PM | Computer Name = RE-HP | Source = BugCheck | ID = 1001
Description = 
 
Error - 3/12/2014 7:15:13 PM | Computer Name = Re-HP | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >


#6 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 13 March 2014 - 03:19 AM

Hello heytee65,

did you install that:

"Свадебный салон" = Свадебный салон
"Святой. Бездна отчаяния" = Святой. Бездна отчаяния

translated:
"Wedding Salon" = Wedding Salon
"Holy. Abyss of despair" = Holy. abyss of despair

And you have strange links on your desktop:

[2013/04/06 18:19:44 | 000,001,432 | ---- | M] ()(C:\Users\Public\Desktop\??????. ?????? ????????.lnk) -- C:\Users\Public\Desktop\Святой. Бездна отчаяния.lnk
[2013/04/06 18:19:44 | 000,001,432 | ---- | C] ()(C:\Users\Public\Desktop\??????. ?????? ????????.lnk) -- C:\Users\Public\Desktop\Святой. Бездна отчаяния.lnk
[2011/10/23 18:10:30 | 000,001,290 | ---- | M] ()(C:\Users\Re\Desktop\????????? ?????.lnk) -- C:\Users\Re\Desktop\Свадебный салон.lnk
[2011/10/23 18:10:30 | 000,001,290 | ---- | C] ()(C:\Users\Re\Desktop\????????? ?????.lnk) -- C:\Users\Re\Desktop\Свадебный салон.lnk

 

***


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 13 March 2014 - 10:56 AM

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16518
 
Java version: 1.6.0_35
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.593000 GHz
Memory total: 4021186560, free: 1825775616
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16518
 
Java version: 1.6.0_35
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.593000 GHz
Memory total: 4021186560, free: 1834213376
 
Downloaded database version: v2014.03.13.06
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
------------ Kernel report ------------
     03/13/2014 11:27:20
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\AtiPcie64.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\drivers\Apowersoft_AudioDevice.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\ManyCam_x64.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\amdiox64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\kernel32.dll
\Windows\System32\usp10.dll
\Windows\System32\sechost.dll
\Windows\System32\shell32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msctf.dll
\Windows\System32\imm32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\nsi.dll
\Windows\System32\urlmon.dll
\Windows\System32\psapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msvcrt.dll
\Windows\System32\ole32.dll
\Windows\System32\difxapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\normaliz.dll
\Windows\System32\imagehlp.dll
\Windows\System32\setupapi.dll
\Windows\System32\user32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\wininet.dll
\Windows\System32\lpk.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800434b060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000065\
Lower Device Object: 0xfffffa80042d4410
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800434b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800434bab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800434b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80042d8ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80042d4410, DeviceName: \Device\00000065\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 83DB7D88
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 407552
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409600  Numsec = 944584704
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 944994304  Numsec = 31565824
 
    Partition 3 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 976560128  Numsec = 210992
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Infected: C:\ProgramData\WebGeniuos\WebGeniuosSvc.dll --> [Trojan.SProtector]
Infected: C:\ProgramData\InstallMate\{87D4BD36-7AE4-4399-A172-32C65C379FC0}\Custom.dll --> [Trojan.MSIL.Injector]
Infected: C:\ProgramData\InstallMate\{BF03322A-7273-4CBF-AE54-3A5164E010DC}\Custom.dll --> [Trojan.MSIL.Injector]
Infected: HKCU\SOFTWARE\Trymedia Systems --> [Adware.TryMedia]
Scan finished
User declined to cleanup malware.


#8 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 13 March 2014 - 11:08 AM

# AdwCleaner v3.021 - Report created 13/03/2014 at 11:58:39
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Re - RE-HP
# Running from : C:\Users\Re\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : Application Updater
Service Found : MgAssistService
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Public\Desktop\EZDownloader.lnk
File Found : C:\Users\Public\Desktop\YourFile Downloader.lnk
File Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\freerip@mybrowserbar.com
File Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\searchplugins\Search_Results.xml
File Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\searchplugins\WebSearch.xml
File Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\user.js
File Found : C:\Users\Re\Desktop\Mobogenie.lnk
File Found : C:\Windows\Tasks\AmiUpdXp.job
Folder Found : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\adllkfgdnokmolcgeknconkocfgekmpk
Folder Found : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Found : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Found : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Found : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\crossriderapp12331@crossrider.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\crossriderapp12331@crossrider.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\crossriderapp12331@crossrider.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\crossriderapp12331@crossrider.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\crossriderapp12331@crossrider.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\crossriderapp12331@crossrider.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\savingsslider@mybrowserbar.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\savingsslider@mybrowserbar.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\savingsslider@mybrowserbar.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\savingsslider@mybrowserbar.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\savingsslider@mybrowserbar.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\savingsslider@mybrowserbar.com
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\staged
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\staged
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\staged
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\staged
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\staged
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\staged
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Found : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Found C:\Program Files (x86)\1ClickDownload
Folder Found C:\Program Files (x86)\Alawar
Folder Found C:\Program Files (x86)\AOL Toolbar
Folder Found C:\Program Files (x86)\Application Updater
Folder Found C:\Program Files (x86)\BrowseToSave
Folder Found C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found C:\Program Files (x86)\Common Files\Spigot
Folder Found C:\Program Files (x86)\continuetosave
Folder Found C:\Program Files (x86)\EZDownloader
Folder Found C:\Program Files (x86)\FreeRIP
Folder Found C:\Program Files (x86)\FreeRIP Toolbar
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\SNT
Folder Found C:\Program Files (x86)\verizontb
Folder Found C:\Program Files (x86)\webSaVE
Folder Found C:\Program Files (x86)\Windows iLivid Toolbar
Folder Found C:\Program Files (x86)\yourfiledownloader
Folder Found C:\Program Files (x86)\YoutubeAdblocker
Folder Found C:\Program Files (x86)\YoutubeAdblocker
Folder Found C:\ProgramData\Alawar
Folder Found C:\ProgramData\Alawar Entertainment
Folder Found C:\ProgramData\AlawarWrapper
Folder Found C:\ProgramData\AOL Toolbar
Folder Found C:\ProgramData\blekko toolbars
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\DownloadnSave
Folder Found C:\ProgramData\DownloadnSave
Folder Found C:\ProgramData\EbookBoroowsea
Folder Found C:\ProgramData\iWin
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EbookBoroowsea
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Found C:\ProgramData\Premium
Folder Found C:\ProgramData\SNT
Folder Found C:\ProgramData\SoftSafe
Folder Found C:\ProgramData\StarApp
Folder Found C:\ProgramData\Trymedia
Folder Found C:\ProgramData\webSaVE
Folder Found C:\ProgramData\WinterSoft
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\Users\Re\AppData\Local\AlawarWrapper
Folder Found C:\Users\Re\AppData\Local\AOL Toolbar
Folder Found C:\Users\Re\AppData\Local\blekkotb_031
Folder Found C:\Users\Re\AppData\Local\genienext
Folder Found C:\Users\Re\AppData\Local\Ilivid Player
Folder Found C:\Users\Re\AppData\Local\iWin
Folder Found C:\Users\Re\AppData\Local\Mobogenie
Folder Found C:\Users\Re\AppData\Local\PackageAware
Folder Found C:\Users\Re\AppData\Local\Slick Savings
Folder Found C:\Users\Re\AppData\Local\SwvUpdater
Folder Found C:\Users\Re\AppData\Local\thinstall
Folder Found C:\Users\Re\AppData\Local\torch
Folder Found C:\Users\Re\AppData\LocalLow\boost_interprocess
Folder Found C:\Users\Re\AppData\LocalLow\DownloadnSave
Folder Found C:\Users\Re\AppData\LocalLow\DownloadnSave
Folder Found C:\Users\Re\AppData\LocalLow\EbookBoroowsea
Folder Found C:\Users\Re\AppData\LocalLow\Search Settings
Folder Found C:\Users\Re\AppData\LocalLow\searchquband
Folder Found C:\Users\Re\AppData\LocalLow\Searchqutoolbar
Folder Found C:\Users\Re\AppData\LocalLow\Toolbar4
Folder Found C:\Users\Re\AppData\LocalLow\verizontb
Folder Found C:\Users\Re\AppData\Roaming\Alawar
Folder Found C:\Users\Re\AppData\Roaming\Alawar Entertainment
Folder Found C:\Users\Re\AppData\Roaming\iWin
Folder Found C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Found C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Searchqutoolbar
Folder Found C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\verizontb
Folder Found C:\Users\Re\AppData\Roaming\newnext.me
Folder Found C:\Users\Re\AppData\Roaming\OpenCandy
Folder Found C:\Users\Re\AppData\Roaming\pdfforge
Folder Found C:\Users\Re\AppData\Roaming\Slick Savings
Folder Found C:\Users\Re\AppData\Roaming\thinstall
Folder Found C:\Users\Re\AppData\Roaming\yourfiledownloader
Folder Found C:\Users\Re\Documents\Mobogenie
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\caphyon
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110111231131}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110111231131}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\Trymedia Systems
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\caphyon
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Cr_Installer
Key Found : [x64] HKCU\Software\DataMngr
Key Found : [x64] HKCU\Software\DataMngr_Toolbar
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Search Settings
Key Found : [x64] HKCU\Software\Trymedia Systems
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Found : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110111231131}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220122232231}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330133233331}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0012331.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0012331.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0012331.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0012331.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0012331.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0012331.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Found : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550155235531}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660166236631}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770177237731}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808
Key Found : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808.3
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440144234431}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\adllkfgdnokmolcgeknconkocfgekmpk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111231131}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111231131}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111231131}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{501451DE-5808-4599-B544-8BD0915B6B24}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A8B0DBDE-8119-48B0-8088-D12DA01C36BA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A8B0DBDE-8119-48B0-8088-D12DA01C36BA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E5B7E1B4-21FC-6765-A3D7-BA0416DC6AF7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloader
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Key Found : HKLM\Software\Search Settings
Key Found : HKLM\Software\SearchquMediabarTb
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\Trymedia Systems
Key Found : HKLM\Software\YourFileDownloader
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550155235531}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660166236631}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770177237731}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : [x64] HKLM\SOFTWARE\DataMngr
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E634228A-03CF-4BC8-B0AB-668257F1FD8C}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Slick Savings]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E634228A-03CF-4BC8-B0AB-668257F1FD8C}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F8D96645-337C-419B-8792-B6C126145811}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E634228A-03CF-4BC8-B0AB-668257F1FD8C}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.exitingsearch.info/?pid=1091&r=2014/03/03&hid=10151082111245442008&lg=EN&cc=US&unqvl=50
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.exitingsearch.info/?pid=1091&r=2014/03/03&hid=10151082111245442008&lg=EN&cc=US&unqvl=50
 
-\\ Mozilla Firefox v16.0.2 (en-US)
 
-\\ Google Chrome v
 
[ File : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : homepage
 
*************************
 
AdwCleaner[R0].txt - [41160 octets] - [13/03/2014 11:58:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [41221 octets] ##########


#9 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 13 March 2014 - 11:16 AM


Hello heytee65,


did you install that:

"Свадебный салон" = Свадебный салон
"Святой. Бездна отчаяния" = Святой. Бездна отчаяния

translated:
"Wedding Salon" = Wedding Salon
"Holy. Abyss of despair" = Holy. abyss of despair

***


Run Malwarebytes Anti-Rootkit again: Right-click mbar.exe and select Run As Administrator
  • Scan your system for malware
  • If malware is found, click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • then please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
If there is no malware found, please let me know as well.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#10 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 13 March 2014 - 02:31 PM

yes, i install it, but it can be deleted



#11 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 13 March 2014 - 03:19 PM

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16518
 
Java version: 1.6.0_35
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.593000 GHz
Memory total: 4021186560, free: 1825775616
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16518
 
Java version: 1.6.0_35
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.593000 GHz
Memory total: 4021186560, free: 1834213376
 
Downloaded database version: v2014.03.13.06
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
------------ Kernel report ------------
     03/13/2014 11:27:20
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\AtiPcie64.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\drivers\Apowersoft_AudioDevice.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\ManyCam_x64.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\amdiox64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\kernel32.dll
\Windows\System32\usp10.dll
\Windows\System32\sechost.dll
\Windows\System32\shell32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msctf.dll
\Windows\System32\imm32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\nsi.dll
\Windows\System32\urlmon.dll
\Windows\System32\psapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msvcrt.dll
\Windows\System32\ole32.dll
\Windows\System32\difxapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\normaliz.dll
\Windows\System32\imagehlp.dll
\Windows\System32\setupapi.dll
\Windows\System32\user32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\wininet.dll
\Windows\System32\lpk.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800434b060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000065\
Lower Device Object: 0xfffffa80042d4410
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800434b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800434bab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800434b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80042d8ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80042d4410, DeviceName: \Device\00000065\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 83DB7D88
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 407552
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409600  Numsec = 944584704
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 944994304  Numsec = 31565824
 
    Partition 3 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 976560128  Numsec = 210992
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Infected: C:\ProgramData\WebGeniuos\WebGeniuosSvc.dll --> [Trojan.SProtector]
Infected: C:\ProgramData\InstallMate\{87D4BD36-7AE4-4399-A172-32C65C379FC0}\Custom.dll --> [Trojan.MSIL.Injector]
Infected: C:\ProgramData\InstallMate\{BF03322A-7273-4CBF-AE54-3A5164E010DC}\Custom.dll --> [Trojan.MSIL.Injector]
Infected: HKCU\SOFTWARE\Trymedia Systems --> [Adware.TryMedia]
Scan finished
User declined to cleanup malware.
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16518
 
Java version: 1.6.0_35
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.593000 GHz
Memory total: 4021186560, free: 1121333248
 
Downloaded database version: v2014.03.13.07
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
------------ Kernel report ------------
     03/13/2014 15:44:29
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\AtiPcie64.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\drivers\Apowersoft_AudioDevice.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\ManyCam_x64.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\amdiox64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\kernel32.dll
\Windows\System32\usp10.dll
\Windows\System32\sechost.dll
\Windows\System32\shell32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msctf.dll
\Windows\System32\imm32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\nsi.dll
\Windows\System32\urlmon.dll
\Windows\System32\psapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msvcrt.dll
\Windows\System32\ole32.dll
\Windows\System32\difxapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\normaliz.dll
\Windows\System32\imagehlp.dll
\Windows\System32\setupapi.dll
\Windows\System32\user32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\wininet.dll
\Windows\System32\lpk.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800434b060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000065\
Lower Device Object: 0xfffffa80042d4410
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800434b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800434bab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800434b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80042d8ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80042d4410, DeviceName: \Device\00000065\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 83DB7D88
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 407552
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409600  Numsec = 944584704
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 944994304  Numsec = 31565824
 
    Partition 3 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 976560128  Numsec = 210992
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Infected: C:\ProgramData\WebGeniuos\WebGeniuosSvc.dll --> [Trojan.SProtector]
Infected: C:\ProgramData\InstallMate\{87D4BD36-7AE4-4399-A172-32C65C379FC0}\Custom.dll --> [Trojan.MSIL.Injector]
Infected: C:\ProgramData\InstallMate\{BF03322A-7273-4CBF-AE54-3A5164E010DC}\Custom.dll --> [Trojan.MSIL.Injector]
Infected: HKCU\SOFTWARE\Trymedia Systems --> [Adware.TryMedia]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


#12 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 13 March 2014 - 03:37 PM

Hello heytee65,

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run OTL again.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 13 March 2014 - 05:16 PM

# AdwCleaner v3.021 - Report created 13/03/2014 at 18:06:39
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Re - RE-HP
# Running from : C:\Users\Re\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Application Updater
Service Deleted : MgAssistService
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AOL Toolbar
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\DownloadnSave
Folder Deleted : C:\ProgramData\iWin
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\webSaVE
Folder Deleted : C:\ProgramData\WinterSoft
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\Alawar
Folder Deleted : C:\ProgramData\Alawar Entertainment
Folder Deleted : C:\ProgramData\AlawarWrapper
[/!\] Not Deleted ( Junction ) : C:\ProgramData\DownloadnSave
Folder Deleted : C:\ProgramData\EbookBoroowsea
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EbookBoroowsea
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\AOL Toolbar
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\Program Files (x86)\continuetosave
Folder Deleted : C:\Program Files (x86)\EZDownloader
Folder Deleted : C:\Program Files (x86)\FreeRIP Toolbar
Folder Deleted : C:\Program Files (x86)\FreeRIP
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\SNT
Folder Deleted : C:\Program Files (x86)\verizontb
Folder Deleted : C:\Program Files (x86)\webSaVE
Folder Deleted : C:\Program Files (x86)\Windows iLivid Toolbar
Folder Deleted : C:\Program Files (x86)\yourfiledownloader
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\Alawar
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Re\AppData\Local\AOL Toolbar
Folder Deleted : C:\Users\Re\AppData\Local\blekkotb_031
Folder Deleted : C:\Users\Re\AppData\Local\genienext
Folder Deleted : C:\Users\Re\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Re\AppData\Local\iWin
Folder Deleted : C:\Users\Re\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Re\AppData\Local\PackageAware
Folder Deleted : C:\Users\Re\AppData\Local\Slick Savings
Folder Deleted : C:\Users\Re\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Re\AppData\Local\thinstall
Folder Deleted : C:\Users\Re\AppData\Local\torch
Folder Deleted : C:\Users\Re\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Re\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Re\AppData\LocalLow\DownloadnSave
Folder Deleted : C:\Users\Re\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Re\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Re\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Re\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Re\AppData\LocalLow\verizontb
Folder Deleted : C:\Users\Re\AppData\LocalLow\EbookBoroowsea
Folder Deleted : C:\Users\Re\AppData\Roaming\iWin
Folder Deleted : C:\Users\Re\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Re\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Re\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Re\AppData\Roaming\Slick Savings
Folder Deleted : C:\Users\Re\AppData\Roaming\thinstall
Folder Deleted : C:\Users\Re\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Re\AppData\Roaming\Alawar
Folder Deleted : C:\Users\Re\AppData\Roaming\Alawar Entertainment
Folder Deleted : C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Re\Documents\Mobogenie
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Searchqutoolbar
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\verizontb
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\4fa25d0a0cf2c@4fa25d0a0cf2e.info
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\crossriderapp12331@crossrider.com
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\savingsslider@mybrowserbar.com
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\staged
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\tr0whnl@iao-rx.net
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
Folder Deleted : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Deleted : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\adllkfgdnokmolcgeknconkocfgekmpk
File Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\Extensions\freerip@mybrowserbar.com
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\EZDownloader.lnk
File Deleted : C:\Users\Public\Desktop\YourFile Downloader.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Re\Desktop\Mobogenie.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml
File Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Re\AppData\Roaming\Mozilla\FiRefox\Profiles\aumcxv1e.default\user.js
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\adllkfgdnokmolcgeknconkocfgekmpk
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Slick Savings]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012331.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012331.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012331.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012331.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012331.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012331.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110111231131}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220122232231}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330133233331}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550155235531}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660166236631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770177237731}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440144234431}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111231131}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110111231131}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{47FBEE54-6DAE-4879-878D-8E709AA3F990}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD9ACA07-9956-DB86-82D7-49D54A94F31A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110111231131}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111231131}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111231131}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E634228A-03CF-4BC8-B0AB-668257F1FD8C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F8D96645-337C-419B-8792-B6C126145811}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E634228A-03CF-4BC8-B0AB-668257F1FD8C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550155235531}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660166236631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770177237731}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E634228A-03CF-4BC8-B0AB-668257F1FD8C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\caphyon
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{501451DE-5808-4599-B544-8BD0915B6B24}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A8B0DBDE-8119-48B0-8088-D12DA01C36BA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E5B7E1B4-21FC-6765-A3D7-BA0416DC6AF7}
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v16.0.2 (en-US)
 
-\\ Google Chrome v
 
[ File : C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [41554 octets] - [13/03/2014 11:58:39]
AdwCleaner[R1].txt - [41521 octets] - [13/03/2014 18:04:03]
AdwCleaner[S0].txt - [33441 octets] - [13/03/2014 18:06:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [33502 octets] ##########


#14 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 13 March 2014 - 05:49 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Re on Thu 03/13/2014 at 18:19:11.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_fx_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_fx_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_fx_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_fx_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_ie_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_ie_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EF64538-8B54-4573-B48F-4D34B0238AB2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C528E70-9943-C05A-9065-98C48D4D5A3D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7C528E70-9943-C05A-9065-98C48D4D5A3D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C528E70-9943-C05A-9065-98C48D4D5A3D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D25B97E9-62B2-40CE-BECF-E43A7B879072}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D25B97E9-62B2-40CE-BECF-E43A7B879072}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\syswow64\sho1217.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho13C9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho155D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho15A1.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho16B0.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1A58.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1B4F.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho225C.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2760.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3557.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho369D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho388D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3B3D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3DC4.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4090.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho43E1.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho46DE.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4B61.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5491.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho770E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7745.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho77A1.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7BAF.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7D5A.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7F1B.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8078.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho80B1.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho843B.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho88EF.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8B70.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho96A8.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA0B1.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA2C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA5E.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoABEA.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoAD4F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoAF05.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB284.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB7B6.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC15B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC8C3.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCBCF.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCC19.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD17B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDAE3.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDE3C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE468.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE6FE.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEB56.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF031.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF0E3.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF1CF.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF664.tmp
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\ProgramData\big fish games"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Re\AppData\Roaming\big fish games"
Successfully deleted: [Folder] "C:\Users\Re\appdata\locallow\datamngr"
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{005CB5EC-67A9-4354-8499-F2971CB83F07}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{04A01FC8-D347-40B0-950E-DA9DBC31DADC}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{0A86F835-2699-4AFF-9EAB-B551DED9AEC3}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{0C9E8EAC-FCF1-44D3-ABEE-CD1928543886}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{119A3CA0-F13B-4C39-9CBC-1901E9A01AD1}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{2A342FD9-A656-4D6F-818E-9226474A7812}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{2FF87708-2BC5-4051-B350-0AD0F1F8D6D3}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{3418A699-BE45-474E-8E68-D782542E69AF}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{379799C4-E705-4FB0-B597-DE9EF925478A}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{3C5D9475-996A-4AD6-8D65-4506805CB9DA}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{40670C1D-88AB-4473-8339-3DE95F8FDD34}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{46B1655D-EDDB-48DC-8DC6-8213D626E209}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{487E45EA-45FF-4D76-B84B-B0753FC1F0C8}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{4BCF5B4E-7FF8-4AAA-91B6-BA00C4BA054C}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{53EB279C-F756-4F8D-A534-958C3DCA71FF}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{567AEFE0-78E1-46E5-BEA4-9F00265F9577}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{5C607D51-E299-4591-AC1F-A07C61DA1F58}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{5F43988E-C772-44B5-A2D1-7EF3841EA726}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{611CB8E6-D49B-4E0C-9845-0C7A5239AFCE}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{614B36C6-A1A6-467B-A6F7-DE40946CFEE0}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{686C416B-845D-4BA2-BF45-0EC44C55D091}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{69BACD6E-FEEB-44C1-90CF-3CCDD0F4BC20}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{6DFC673F-E397-47F9-91F4-C116F1715776}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{77A38B8F-4A2F-4C74-A8D9-A6E61D0078FF}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{780FA73A-2201-41C9-A042-C6A0C7E1478B}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{784B1A8C-7B1E-4FD2-9F1D-075155DF83D2}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{83FE6799-C65A-40BB-97D8-A37785B8C047}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{860AD5A2-85F8-4351-A86A-D0AE76D6B55D}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{9F18C9F6-67B2-46D7-B1D1-20A2717FAA82}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{9FB0675E-3782-49B7-B839-DEBB2CEEC32A}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{A42824FD-3D88-4E48-91EF-0DCF608BFBEF}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{A4E8BAF2-347B-4CA5-991A-FBFDFFC9E668}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{AE1AC479-8835-4154-9B64-1A7755C0057A}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{AE5B5BE0-7804-4CD8-B65B-7410571EB4D1}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{BAFB87B1-68F1-4597-A20B-A3FB4685C2F8}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{BC19DBC7-8864-4C6F-8FBC-90796630A4BB}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{C5439A65-D519-411A-B9BF-BA13E965260B}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{C68E8573-B264-4F74-80A3-37E9446A806E}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{CA0C9ECE-19F9-43C4-82D8-E978015B0FB2}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{DCF3B996-7D8E-49C8-9E7D-D1C5D45D85E4}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{E0FB7A5F-76B0-407E-A775-D0F23B61BCA2}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{E17D423E-AD96-4B7F-A4A3-FACB53735182}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{E261D49F-3A8C-4416-B98B-0A3EDD912AF3}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{E5AF357C-3C87-4CAF-A229-010423CFE0A3}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{EC5D4725-F204-498C-918D-AD3F35D1405D}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{F9229EAC-016A-474E-BFE7-CE9E6722FB24}
Successfully deleted: [Empty Folder] C:\Users\Re\appdata\local\{FFCD66E7-8435-4B75-BB53-7D65F1E03E0A}
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\Re\AppData\Roaming\mozilla\firefox\profiles\aumcxv1e.default\extensions\oneclickdownloader@oneclickdownloader.com.xpi
Emptied folder: C:\Users\Re\AppData\Roaming\mozilla\firefox\profiles\aumcxv1e.default\minidumps [15 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/13/2014 at 18:47:50.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#15 heytee65

heytee65
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:07:53 PM

Posted 13 March 2014 - 06:19 PM

OTL logfile created on: 3/13/2014 6:53:43 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Re\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 60.62% Memory free
7.49 Gb Paging File | 5.40 Gb Available in Paging File | 72.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.41 Gb Total Space | 360.93 Gb Free Space | 80.13% Space Free | Partition Type: NTFS
Drive D: | 15.05 Gb Total Space | 1.88 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive F: | 99.02 Mb Total Space | 30.44 Mb Free Space | 30.74% Space Free | Partition Type: FAT32
 
Computer Name: RE-HP | User Name: Re | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Re\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\ProgramData\Right Soft\WS-Booster\WS-Booster.exe ()
PRC - C:\Users\Re\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
PRC - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Re\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll ()
MOD - C:\Users\Re\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\CrashRpt.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
SRV:64bit: - (AMD Reservation Manager) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
SRV:64bit: - (26dc2c7a) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (IHA_MessageCenter) -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe (Verizon)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (RoxioNow Service) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Pcouffin64) -- C:\Windows\SysNative\drivers\pcouffin64a.sys (VSO Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (sscdserd) -- C:\Windows\SysNative\drivers\sscdserd.sys (MCCI Corporation)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.alawar.ru/?pid=1683 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: I:\SOFTWARES\Foxit.PhantomPDF.Business.6.0.10.1213\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: I:\SOFTWARES\Foxit.PhantomPDF.Business.6.0.10.1213\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Re\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Re\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Re\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Re\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Re\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0847}: G:\JewelQuestCollection-Skidrow\iWin Games\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/02 19:58:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013/04/23 12:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013/04/23 12:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013/04/23 12:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/04/03 13:30:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/24 17:43:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/02/12 11:02:17 | 000,000,000 | ---D | M]
 
[2012/02/25 02:01:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Extensions
[2014/03/13 18:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions
[2011/08/15 16:01:42 | 000,004,551 | ---- | M] () (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\support@platinumhideip.com.xpi
[2012/09/17 12:06:42 | 000,128,244 | ---- | M] () (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{1DEC6447-C74F-4886-9002-202C27C703F1}.xpi
[2013/07/29 11:10:45 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\Re\AppData\Roaming\Mozilla\Firefox\Profiles\aumcxv1e.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/03/13 18:08:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/20 10:39:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2011/05/14 18:28:27 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2013/05/30 11:00:34 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/19 07:04:05 | 002,179,072 | ---- | M] (DNAML Pty Ltd) -- C:\Program Files (x86)\mozilla firefox\plugins\npdbplug.dll
[2013/04/03 13:29:55 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2013/05/30 11:00:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/05/30 11:00:31 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2011/06/01 16:35:28 | 000,002,566 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\verizontb.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Kaspersky URL Advisor = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_1\
CHR - Extension: EasyDrop = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\flogpfmjdekjoilcnmmchanikomlidie\202\
CHR - Extension: Content Blocker = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_1\
CHR - Extension: YoutubeAdblocker = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\idcpmelcbmpjkeohkbngnlfpapnfnnmn\1.0\
CHR - Extension: RealDownloader = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_1\
CHR - Extension: Virtual Keyboard = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_1\
CHR - Extension: Google Wallet = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo> = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_1\
CHR - Extension: wwebsaeve = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\omilgcjaonhaenfbikdfcbabkbpllihc\3.7\
CHR - Extension: Downandsave = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgjgejknhoafbgicpmmaiiikobkpfjm\1.19.8_0\crossrider
CHR - Extension: Downandsave = C:\Users\Re\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgjgejknhoafbgicpmmaiiikobkpfjm\1.19.8_0\
 
O1 HOSTS File: ([2012/09/15 16:35:37 | 000,000,862 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: C:\Windows\system32\drivers\etc\hosts:
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (websave) - {7C528E70-9943-C05A-9065-98C48D4D5A3D} - C:\Program Files (x86)\websave\J0q.x64.dll File not found
O2:64bit: - BHO: (SNT) - {CB7DA989-D0F8-5994-0F5C-4B266E761070} - C:\Program Files (x86)\SNT\d6udcYb5.x64.dll File not found
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - G:\JEWELQ~1\IWINGA~1\IWINGA~1.DLL File not found
O2 - BHO: (SNT) - {CB7DA989-D0F8-5994-0F5C-4B266E761070} - C:\Program Files (x86)\SNT\d6udcYb5.dll File not found
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (AllGamesHome Toolbar) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AllGamesHome Toolbar) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Re\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: AllGamesHome Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : AllGamesHome Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files (x86)\AllGamesHome Toolbar\tbunsqD23C.tmp\tbcore3.dll ()
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: verizon.net ([activate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)
O15 - HKCU\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{484976D6-2809-4230-AEDB-18D7EE0A6604}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DABEF533-2E3A-447A-B37B-19C2C572A8A6}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{44526b81-2f2a-11e2-8456-2c27d7c3f314}\Shell - "" = AutoRun
O33 - MountPoints2\{44526b81-2f2a-11e2-8456-2c27d7c3f314}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{5fd8acd3-9eda-11e1-8532-2c27d7c3f314}\Shell - "" = AutoRun
O33 - MountPoints2\{5fd8acd3-9eda-11e1-8532-2c27d7c3f314}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O33 - MountPoints2\{e580fbb7-3d32-11e1-976b-2c27d7c3f314}\Shell - "" = AutoRun
O33 - MountPoints2\{e580fbb7-3d32-11e1-976b-2c27d7c3f314}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/03/13 18:19:08 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/13 18:17:52 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Re\Desktop\JRT.exe
[2014/03/13 18:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/03/13 11:58:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/13 11:27:20 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/13 11:24:31 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/13 11:24:15 | 000,000,000 | ---D | C] -- C:\Users\Re\Desktop\mbar
[2014/03/13 11:20:42 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Re\Desktop\mbar-1.07.0.1009.exe
[2014/03/12 19:35:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Re\Desktop\OTL.exe
[2014/03/09 23:45:57 | 000,040,760 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2014/03/09 23:45:48 | 000,029,496 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2014/03/09 23:45:48 | 000,025,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2014/03/09 23:45:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
[2014/03/09 23:45:04 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\TuneUp Software
[2014/03/09 23:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2014
[2014/03/09 23:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014/03/09 23:41:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/03/09 23:41:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/03/06 11:58:50 | 000,000,000 | ---D | C] -- C:\temp_dvd
[2014/03/06 11:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD-Cloner
[2014/03/06 11:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-Cloner
[2014/03/06 11:58:26 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\DVD-Cloner
[2014/03/06 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\Pavtube
[2014/03/06 10:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pavtube
[2014/03/06 10:47:08 | 000,000,000 | ---D | C] -- C:\Users\Re\Documents\CuteDJ
[2014/03/06 10:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CuteDJ
[2014/03/03 15:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Cartoonizer
[2014/03/03 15:05:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\X86
[2014/03/03 15:05:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AMD64
[2014/03/03 15:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Right Soft
[2014/03/03 15:04:55 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Local\Packages
[2014/03/03 15:04:43 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Local\Comodo
[2014/03/03 15:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\bb599e7c081cff2a
[2014/02/27 09:38:33 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinKnit Ver5.1
[2014/02/25 10:22:10 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/24 22:01:28 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/24 22:01:28 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/24 22:01:26 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/24 22:01:25 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/24 22:01:23 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/24 22:01:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/24 22:01:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/24 22:01:22 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/24 22:01:22 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/24 22:01:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/24 22:01:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/24 22:01:21 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/24 22:01:21 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/24 22:01:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/24 22:01:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/24 22:01:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/24 22:01:20 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/24 22:01:20 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/24 22:01:20 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/24 22:01:20 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/24 22:01:18 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/24 22:01:18 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/24 22:01:15 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/20 15:39:02 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2014/02/20 15:38:25 | 000,385,024 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMAG.DLL
[2014/02/13 07:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\STOIK
[2014/02/13 07:09:29 | 000,000,000 | ---D | C] -- C:\Users\Re\AppData\Roaming\PaintBN
[2014/02/13 07:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOIK Imaging
[2014/02/13 06:56:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/13 06:56:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/13 06:56:28 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/13 06:56:28 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/13 06:56:28 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/13 06:56:28 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/13 06:56:28 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/13 06:56:28 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/13 06:56:28 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/13 06:56:28 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/13 06:56:28 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/13 06:56:28 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/13 06:56:28 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/13 06:56:27 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/13 06:56:27 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/13 06:56:27 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/13 06:56:27 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/13 06:56:27 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/13 06:56:27 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/13 06:56:06 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/13 06:56:06 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/08/21 14:29:01 | 063,210,976 | ---- | C] (Microsoft Corporation) -- C:\Users\Re\PowerPointViewer.exe
[2013/07/29 16:21:31 | 001,067,456 | ---- | C] (Solid State Networks) -- C:\Users\Re\install_flashplayer11x32au_mssd_aaa_aih.exe
[2012/12/19 11:08:27 | 000,933,768 | ---- | C] (DivX, LLC) -- C:\Users\Re\DivXInstaller.exe
[2012/11/19 18:45:47 | 080,521,624 | ---- | C] (Apple Inc.) -- C:\Users\Re\iTunes64Setup.exe
[2012/08/05 19:01:24 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Program Files\chromeinstall-7u5 (1).exe
[2012/08/05 19:00:06 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Program Files\chromeinstall-7u5.exe
[2012/08/05 18:08:23 | 006,723,616 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim.exe
[2011/05/30 15:00:50 | 035,624,744 | ---- | C] (Apple Inc.) -- C:\Users\Re\SafariSetup.exe
[2 C:\Users\Re\Documents\*.tmp files -> C:\Users\Re\Documents\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/03/13 18:20:38 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/13 18:20:38 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/13 18:18:07 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Re\Desktop\JRT.exe
[2014/03/13 18:17:26 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/13 18:17:26 | 000,624,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/13 18:17:26 | 000,106,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/13 18:11:38 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\WS-Booster-S-975730335.job
[2014/03/13 18:11:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/13 18:11:13 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/13 18:01:25 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/13 15:44:29 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/13 15:34:21 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/13 11:57:16 | 001,949,184 | ---- | M] () -- C:\Users\Re\Desktop\AdwCleaner.exe
[2014/03/13 11:21:24 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Re\Desktop\mbar-1.07.0.1009.exe
[2014/03/12 20:59:24 | 623,217,456 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/03/12 19:35:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Re\Desktop\OTL.exe
[2014/03/12 19:26:33 | 000,987,442 | ---- | M] () -- C:\Users\Re\Desktop\SecurityCheck.exe
[2014/03/12 04:01:26 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/03/12 04:01:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/10 10:02:02 | 000,000,408 | ---- | M] () -- C:\Users\Public\Desktop\Rachels Retreat.lnk
[2014/03/10 10:02:02 | 000,000,374 | ---- | M] () -- C:\Users\Public\Desktop\brigiton.exe.lnk
[2014/03/09 23:45:42 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2014/03/09 23:45:42 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
[2014/03/09 09:53:11 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRE-HP$.job
[2014/03/06 11:58:39 | 000,000,873 | ---- | M] () -- C:\Users\Re\Desktop\DVD-Cloner 2014.lnk
[2014/02/18 16:34:04 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4289172721-1116576219-2403535013-1001Core1cf2ce8c3984813.job
[2014/02/13 07:10:50 | 000,000,114 | ---- | M] () -- C:\ProgramData\cbn4.key
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Re\AppData\Local\8372
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Public\Documents\6681
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\ProgramData\3969
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\ProgramData\3495
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\ProgramData\2198
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Re\Documents\0250
[2014/02/13 07:09:29 | 000,000,012 | ---- | M] () -- C:\Users\Re\AppData\Roaming\0078
[2014/02/13 07:09:16 | 000,000,705 | ---- | M] () -- C:\Users\Public\Desktop\Color by Number 4.lnk
[2 C:\Users\Re\Documents\*.tmp files -> C:\Users\Re\Documents\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/03/13 11:57:08 | 001,949,184 | ---- | C] () -- C:\Users\Re\Desktop\AdwCleaner.exe
[2014/03/12 19:26:21 | 000,987,442 | ---- | C] () -- C:\Users\Re\Desktop\SecurityCheck.exe
[2014/03/09 23:45:42 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2014/03/09 23:45:42 | 000,002,147 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
[2014/03/09 23:45:34 | 000,002,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
[2014/03/06 11:58:39 | 000,000,873 | ---- | C] () -- C:\Users\Re\Desktop\DVD-Cloner 2014.lnk
[2014/03/03 15:05:32 | 000,000,442 | -H-- | C] () -- C:\Windows\tasks\WS-Booster-S-975730335.job
[2014/02/18 16:34:04 | 000,000,844 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4289172721-1116576219-2403535013-1001Core1cf2ce8c3984813.job
[2014/02/13 07:10:50 | 000,000,114 | ---- | C] () -- C:\ProgramData\cbn4.key
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Re\AppData\Local\8372
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Public\Documents\6681
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\ProgramData\3969
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\ProgramData\3495
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\ProgramData\2198
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Re\Documents\0250
[2014/02/13 07:09:29 | 000,000,012 | ---- | C] () -- C:\Users\Re\AppData\Roaming\0078
[2014/02/13 07:09:16 | 000,000,705 | ---- | C] () -- C:\Users\Public\Desktop\Color by Number 4.lnk
[2014/01/20 20:00:03 | 000,000,073 | ---- | C] () -- C:\Windows\cdplayer.ini
[2014/01/20 19:58:25 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2013/10/27 20:40:57 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2013/10/03 19:45:05 | 000,000,132 | ---- | C] () -- C:\Users\Re\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013/01/21 15:35:02 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/05/01 16:05:12 | 000,000,550 | ---- | C] () -- C:\Windows\wwwconfig.dat
[2012/04/19 07:04:06 | 000,245,840 | ---- | C] () -- C:\Windows\SysWow64\DNLEng.dll
[2012/04/19 07:04:05 | 000,894,616 | ---- | C] () -- C:\Windows\dbplugin.exe
[2012/04/03 05:41:47 | 000,017,408 | ---- | C] () -- C:\Users\Re\AppData\Local\WebpageIcons.db
[2012/03/27 19:38:11 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/03/27 18:10:07 | 000,000,303 | ---- | C] () -- C:\Windows\CloneDVD.INI
[2012/02/24 10:07:18 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/02/24 10:07:18 | 000,000,088 | RHS- | C] () -- C:\ProgramData\437B811E62.sys
[2011/08/03 20:48:41 | 000,102,248 | ---- | C] () -- C:\Users\Re\GoToAssistDownloadHelper.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2013/04/06 18:19:44 | 000,001,432 | ---- | M] ()(C:\Users\Public\Desktop\??????. ?????? ????????.lnk) -- C:\Users\Public\Desktop\Святой. Бездна отчаяния.lnk
[2013/04/06 18:19:44 | 000,001,432 | ---- | C] ()(C:\Users\Public\Desktop\??????. ?????? ????????.lnk) -- C:\Users\Public\Desktop\Святой. Бездна отчаяния.lnk
[2011/10/23 18:10:30 | 000,001,290 | ---- | M] ()(C:\Users\Re\Desktop\????????? ?????.lnk) -- C:\Users\Re\Desktop\Свадебный салон.lnk
[2011/10/23 18:10:30 | 000,001,290 | ---- | C] ()(C:\Users\Re\Desktop\????????? ?????.lnk) -- C:\Users\Re\Desktop\Свадебный салон.lnk
(C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? ?? Alawar) -- C:\Users\Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Игры от Alawar
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:A31FAD21
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:FD000392
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:9EF92A1A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:F6A0889A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:700B9342
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:71380EB5
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E153075C
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:517EFA90
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:054B9966
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:B779C113
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:371A321E
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E3D8C69A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:ACE7A9BB
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5D25D96A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:9D605054
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:6423D635
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:3D922890
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:F5B51004
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:1F8C9007
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A548B4F0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:FBFE8C4E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:417B6FAC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:2D2461E7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:26499772
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:B430FD52
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:F42BB562
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E80802C7
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:16F4BC64
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:161AA30B
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:84744B34
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:FFD38FD9
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:EB5BDBB0
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F1F85068
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:EDD903C5
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:122B409D
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:47FE7AB7
 
< End of report >





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users