Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33

Thread: Yes, it's Win32.downloader.gen...

  1. #11
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    SystemLook 30.07.11 by jpshortstuff
    Log created at 14:11 on 27/10/2013 by azadeth
    Administrator - Elevation successful
    WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

    ========== folderfind ==========

    Searching for "Conduit"
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit d------ [15:01 27/10/2013]
    C:\AdwCleaner\Quarantine\C\ProgramData\Conduit d------ [15:01 27/10/2013]
    C:\AdwCleaner\Quarantine\C\Users\azadeth\AppData\Local\Conduit d------ [15:01 27/10/2013]
    C:\AdwCleaner\Quarantine\C\Users\azadeth\AppData\LocalLow\Conduit d------ [15:01 27/10/2013]

    ========== filefind ==========

    Searching for "Conduit"
    No files found.

    ========== regfind ==========

    Searching for "Conduit"
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\BackgroundContainer\LogicFileManager]
    "LogicFilePath"="C:\Users\azadeth\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll"
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "BackgroundContainer"=""C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\azadeth\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3289663]
    "DisplayIcon"="C:\ProgramData\Conduit\IE\CT3289663\SetupIcon.ico"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3289663]
    "UninstallString"="C:\ProgramData\Conduit\IE\CT3289663\UninstallerUI.exe -ctid=CT3289663 -toolbarName=InternetHelper3.1 -toolbarEnv=conduit -type=IE"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3316068]
    "DisplayIcon"="C:\ProgramData\Conduit\IE\CT3316068\SetupIcon.ico"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3316068]
    "UninstallString"="C:\ProgramData\Conduit\IE\CT3316068\UninstallerUI.exe -ctid=CT3316068 -toolbarName=SweetPacks A8 -toolbarEnv=conduit -type=IE"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}]
    @="Conduit Engine API Server"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}\InprocServer32]
    @="C:\Program Files (x86)\ConduitEngine\ConduitEngin1.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}\ProgID]
    @="Conduit.Engine"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}\VersionIndependentProgID]
    @="Conduit.Engine"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}]
    @="Conduit Engine API Server"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}\InprocServer32]
    @="C:\Program Files (x86)\ConduitEngine\ConduitEngin1.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}\ProgID]
    @="Conduit.Engine"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CBD30456-24F2-49BB-BEE6-E2B4EA6F8B95}\VersionIndependentProgID]
    @="Conduit.Engine"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1001\Software\AppDataLow\Software\BackgroundContainer\LogicFileManager]
    "LogicFilePath"="C:\Users\azadeth\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1001\Software\Microsoft\Windows\CurrentVersion\Run]
    "BackgroundContainer"=""C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\azadeth\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Feeds\1174448]
    "Url"="http://alerts.conduit-services.com/root/1178763/1174448/US"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Feeds\905414]
    "Url"="http://alerts.conduit-services.com/root/909619/905414/US"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Feeds\905414]
    "Title"="Conduit Engine Notifications"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Community Alerts\Settings]
    "ALPClientsServerName"="http://alert.client.conduit.com"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Community Alerts\Settings]
    "ALPServicesServerName"="http://alert.services.conduit.com"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Community Alerts\Settings]
    "AutoUpdateServerName"="http://alert.storage.conduit.com"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Toolbar\Facebook\InfoService\http://facebook.conduit-services.com...rsion=6.2.6.0]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\Conduit\Toolbar\Facebook\InfoService\http://facebook.conduit-services.com...rsion=6.2.7.3]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\conduitEngine]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\conduitEngine\toolbar\Repository\conduit_ConduitEngine]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\conduitEngine\toolbar\Repository\IndexTable\ConduitEngine]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\conduitEngine\toolbar\Repository\MetaData\3816002102]
    "dbname"="conduit_ConduitEngine"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "GroupingServerURL"="http://grouping.services.conduit.com/"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "SearchServerUrl"="http://search.conduit.com"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "Server"="users.conduit.com"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "UsageURL"="http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "PrivacyPageURL"="http://www.conduit.com/privacy/Default.aspx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "DisplayTrusteSeal"="http://trust.conduit.com/EB_ORIGINAL_CTID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "ClientLogURL"="http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar]
    "UninstallURL"="http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppsMetaData]
    "ServiceUrl"="http://appsmetadata.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppsSettings]
    "ServiceUrl"="http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_COMP_ID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppTrackingFirstTime]
    "ServiceUrl"="http://tracking.usage.app.conduit-services.com/FirstTime.ashx?current=EB_APPTRACKING_CURRENT_STATE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppTrackingUsage]
    "ServiceUrl"="http://tracking.usage.app.conduit-services.com/Usage.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\BrowserToolbarsInfo]
    "ServiceUrl"="http://counting.usage.toolbar.conduit-services.com/usage.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ClientErrorLog]
    "ServiceUrl"="http://clientlog.users.conduit.com/ClientDiagnostics.asmx?op=ReportDiagnosticsEvent"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\DynamicDialogs]
    "ServiceUrl"="http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=EB_TOOLBAR_VERSION"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\GottenAppsContextMenu]
    "ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\OtherAppsContextMenu]
    "ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\SharedAppsContextMenu]
    "ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarAppComponentUsage]
    "ServiceUrl"="http://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarAppUsage]
    "ServiceUrl"="http://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarComponentUsage]
    "ServiceUrl"="http://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarContextMenu]
    "ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarLogin]
    "ServiceUrl"="http://login.toolbar.conduit-services.com/Login.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettings]
    "ServiceUrl"="http://settings.toolbar.search.conduit.com/root/EB_TOOLBAR_ID/EB_ORIGINAL_CTID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettingsForPublisher]
    "ServiceUrl"="http://settings.publisher.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarTranslation]
    "ServiceUrl"="http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarUsage]
    "ServiceUrl"="http://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678_CT2786678]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678_en]
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\2603034644]
    "dbname"="conduit_CT2786678_CT2786678"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\2785187465]
    "dbname"="conduit_CT2786678_CT2786678"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\3379646154]
    "dbname"="conduit_CT2786678_CT2786678"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\3546921004]
    "dbname"="conduit_CT2786678_CT2786678"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\590630172]
    "dbname"="conduit_CT2786678_en"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings]
    "SearchFromAdressUrl"="http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=MYSEARCHTERM"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\LanguagePack]
    "LanguagePackServerUrl"="http://translation.users.conduit.com/Translation.ashx"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\MyStuff]
    "AddStuffLink"="http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\MyStuff]
    "ConduitEnable"="TRUE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\Search\Settings]
    "ContextMenuSearchUrl"="http://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\SearchInNewTab]
    "AboutTabsDataUrlConduit"="http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\SearchInNewTab]
    "AboutTabsEnabledByConduit"="TRUE"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\SearchInNewTab]
    "AboutTabsUsageUrl"="http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\Update]
    "ModuleURL"="http://ieupdate.conduit.com/ver6.2.7.3/tbedrs.dll"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\Upgrade]
    "ModuleURL"="http://ieupgrade.conduit-download.com/IEUpgrade/ver6.2.7.3/tbedrs.dll"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\Weather]
    "SearchServerUrl"="http://search.conduit.com/"
    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1008\Software\AppDataLow\Software\uTorrentBar\toolbar\settings\Weather\en]
    "Forecast"="<FORECAST><LOCATION_ID>USNY0428</LOCATION_ID><DAYS><DAY1><DATE>20110221</DATE><DAY>Monday</DAY><F_MIN>14</F_MIN><F_MAX>35</F_MAX><C_MIN>-10</C_MIN><C_MAX>1</C_MAX><UV_DESCRIPTION>Moderate</UV_DESCRIPTION><UV_INDEX>3</UV_INDEX><SUNSET>5:35 pm</SUNSET><SUNRISE>6:40 am</SUNRISE><MOONRISE>10:09 pm</MOONRISE><MOONSET>8:05 am</MOONSET><MOON_PHASE>Waning Gibbous</MOON_PHASE><CONDITION_DESCRIPTION>Cloudy</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/cloudy_big.gif</CONDITION_ICON></DAY1><DAY2><DATE>20110222</DATE><DAY>Tuesday</DAY><F_MIN>16</F_MIN><F_MAX>33</F_MAX><C_MIN>-8</C_MIN><C_MAX>0</C_MAX><UV_DESCRIPTION>Moderate</UV_DESCRIPTION><UV_INDEX>3</UV_INDEX><SUNSET>5:36 pm</SUNSET><SUNRISE>6:39 am</SUNRISE><MOONRISE>11:23 pm</MOONRISE><MOONSET>8:41 am</MOONSET><MOON_PHASE>Waning Gibbous</MOON_PHASE><CONDITION_DESCRIPTION>Partly Cloudy</

    -= EOF =-

  2. #12
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    I think I see what we need, run this program and post the logs, there may be more to remove and we can use it also to remove the registry entry that is causing you problems


    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the "Scan All Users" checkbox.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #13
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    OTL logfile created on: 10/27/2013 3:05:12 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\azadeth\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16721)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    15.96 Gb Total Physical Memory | 12.02 Gb Available Physical Memory | 75.34% Memory free
    31.92 Gb Paging File | 27.71 Gb Available in Paging File | 86.81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 916.82 Gb Total Space | 476.93 Gb Free Space | 52.02% Space Free | Partition Type: NTFS
    Drive D: | 4.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: AZADETH-PC | User Name: azadeth | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\azadeth\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
    PRC - C:\Users\azadeth\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    PRC - C:\Users\azadeth\AppData\Local\Digsby\App\lib\digsby-app.exe (dotSyntax, LLC)
    PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
    PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
    PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
    PRC - C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe ()
    PRC - C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe ()
    PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
    PRC - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3d075c3b7d099aca217beecac1f66b4b\System.Web.Services.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll ()
    MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll ()
    MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
    MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
    MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wxwebkit.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wxmsw28uh_core_vc.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wx._webview.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\python26.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\sip.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\cgui.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\blist.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\buddylist.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wx._wxcore.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wx._wxstc.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wxbase28uh_vc.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wxmsw28uh_adv_vc.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\libxml2.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\libxmlmods.libxml2mod.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_xmlextra.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_sqlite3.pyd ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleadrs.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\DLEAcfg.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\zlib1.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\epoemdll.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\epstring.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\epwizres.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\epwizard.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\customui.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\epfunct.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\eputil.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\imagutil.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\lxml.etree.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\lxml.objectify.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\libxslt.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\libexslt.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\wxmsw28uh_stc_vc.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\unicodedata.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\pyexpat.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_ctypes.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\bz2.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_socket.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_multiprocessing.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_ssl.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_hashlib.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\select.pyd ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\iptk.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\M2Crypto.__m2crypto.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_speedups.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_jsonspeedups.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\PIL._imaging.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\PIL._imagingmath.pyd ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\iconv.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\sqlite3.dll ()
    MOD - C:\Users\azadeth\AppData\Local\Digsby\App\lib\_syck.pyd ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll ()
    MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleaptp.dll ()


    ========== Services (SafeList) ==========

    SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (dleaCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dleaserv.exe ()
    SRV:64bit: - (dlea_device) -- C:\Windows\SysNative\dleacoms.exe ( )
    SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
    SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
    SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
    SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
    SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll ()
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
    SRV - (AVG Security Toolbar Service) -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
    SRV - (dleaCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe ()
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
    SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
    SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    SRV - (dlea_device) -- C:\Windows\SysWOW64\dleacoms.exe ( )
    SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    SRV - (RoxMediaDB10) -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe (Sonic Solutions)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
    DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
    DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (LGSHidFilt) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys (Logitech Inc.)
    DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
    DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
    DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
    DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
    DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
    DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
    DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
    DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
    DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (UsbFltr) -- C:\Windows\SysNative\drivers\UsbFltr.sys (Waytech Development, Inc.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5F6E92C6-AA0B-441D-8AB6-D34568A340D8}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{5F6E92C6-AA0B-441D-8AB6-D34568A340D8}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{BB5D1127-8CDC-4C4C-85D7-A609E2825578}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..\SearchScopes\{9BA9B3A2-3F0A-4CDE-B6A8-07EAFCB381E6}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

    IE - HKU\S-1-5-21-902427904-586344934-1443075455-1008\..\SearchScopes,DefaultScope =

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://search.yahoo.com/?type=714647&fr=spigot-yhp-ff"
    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p="
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=714647"
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\azadeth\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\azadeth\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\azadeth\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\azadeth\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\azadeth\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\azadeth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/30 20:47:50 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/12 06:38:07 | 000,000,000 | ---D | M]

    [2013/10/13 14:31:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\azadeth\AppData\Roaming\Mozilla\Extensions
    [2013/10/27 11:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\extensions
    [2013/10/13 21:36:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2013/10/25 18:07:51 | 000,000,000 | ---D | M] (Word Layers) -- C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\extensions\ugnraew@jqhljqmpngx.net
    [2013/10/26 01:09:51 | 000,000,915 | ---- | M] () -- C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\searchplugins\yahoo.xml
    [2013/10/25 18:07:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/08/30 20:47:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
    [2013/08/30 20:47:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
    [2013/10/25 18:07:51 | 000,000,000 | ---D | M] (Word Layers) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ugnraew@jqhljqmpngx.net
    [2013/08/30 20:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/10/13 14:30:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2008/08/16 17:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
    [2008/08/16 17:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
    [2008/08/16 17:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
    [2008/05/21 08:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\msvcm80.dll
    [2008/05/21 08:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\msvcp80.dll
    [2008/05/21 08:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\msvcr80.dll
    [2008/08/16 17:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
    [2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
    [2008/08/16 17:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.google.com/
    CHR - Extension: Google Docs = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Adblock Plus = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\
    CHR - Extension: Google Search = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: AdBlock = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0\
    CHR - Extension: Circloscope Premium = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\mechgkelogghhgmpmbpofjijifdppppl\2013.7.18_0\
    CHR - Extension: Recent Bookmarks = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\olndffocioplakeilhkgenfgdincjlpn\1.5.2_0\
    CHR - Extension: Gmail = C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2013/10/27 11:36:09 | 000,450,690 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 15468 more lines...
    O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
    O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
    O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
    O2 - BHO: (Dell Toolbar) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
    O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
    O2 - BHO: (no name) - {8182E209-46EC-47BB-9FD2-8A90A81817B8} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (Dell Toolbar) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
    O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
    O3 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
    O3 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [dleamon.exe] C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe ()
    O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe ()
    O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
    O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
    O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
    O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
    O4:64bit: - HKLM..\Run: [LifeChat] C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
    O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
    O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
    O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
    O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1001..\Run: [AdobeBridge] File not found
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1001..\Run: [Akamai NetSession Interface] C:\Users\azadeth\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1001..\Run: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\azadeth\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun File not found
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1001..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1008..\Run: [AVG-Secure-Search-Update_JUNE2013_TB] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB File not found
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1008..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\azadeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O4 - Startup: C:\Users\azadeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Digsby.lnk = C:\Users\azadeth\AppData\Local\Digsby\App\digsby.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
    O15 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-902427904-586344934-1443075455-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.45.2)
    O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_17)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_17)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.45.2)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2495A0B1-68CF-4A27-9D40-C6628707C984}: DhcpNameServer = 209.18.47.61 209.18.47.62
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27555421-7781-4AD0-A67D-A4D15696D33C}: DhcpNameServer = 209.18.47.61 209.18.47.62
    O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
    O20 - Winlogon\Notify\GoToAssist: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/05/02 15:32:30 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
    O32 - AutoRun File - [2007/11/29 00:35:54 | 000,995,328 | R--- | M] () - D:\AutoPlay.exe -- [ UDF ]
    O32 - AutoRun File - [2007/11/29 00:35:54 | 000,002,072 | R--- | M] () - D:\autoplay.ini -- [ UDF ]
    O32 - AutoRun File - [2007/12/19 15:57:08 | 000,000,748 | R--- | M] () - D:\AutoPlay.ucs -- [ UDF ]
    O32 - AutoRun File - [2007/11/29 00:35:54 | 000,576,056 | R--- | M] () - D:\AutoRun.bmp -- [ UDF ]
    O32 - AutoRun File - [2007/11/29 00:36:01 | 000,000,049 | R--- | M] () - D:\autorun.inf -- [ UDF ]
    O33 - MountPoints2\{2f750223-2546-11df-8925-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{2f750223-2546-11df-8925-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoPlay.exe -- [2007/11/29 00:35:54 | 000,995,328 | R--- | M] ()
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/10/27 14:31:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\azadeth\Desktop\OTL.exe
    [2013/10/27 13:41:53 | 000,000,000 | ---D | C] -- C:\Users\azadeth\AppData\Roaming\Malwarebytes
    [2013/10/27 13:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/10/27 13:41:44 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2013/10/27 13:41:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2013/10/27 13:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/10/27 11:30:18 | 000,000,000 | ---D | C] -- C:\Users\azadeth\Desktop\Cleaning
    [2013/10/27 11:09:30 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013/10/26 23:38:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/10/25 18:07:52 | 000,000,000 | ---D | C] -- C:\Users\azadeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word Layers
    [2013/10/24 22:06:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2013/10/22 17:56:01 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
    [2013/10/22 17:56:01 | 022,933,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
    [2013/10/22 17:56:01 | 018,243,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
    [2013/10/22 17:56:01 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
    [2013/10/22 17:56:01 | 015,858,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
    [2013/10/22 17:56:01 | 011,415,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
    [2013/10/22 17:56:01 | 011,362,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
    [2013/10/22 17:56:01 | 009,516,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
    [2013/10/22 17:56:01 | 009,472,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
    [2013/10/22 17:56:01 | 003,131,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
    [2013/10/22 17:56:01 | 003,124,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
    [2013/10/22 17:56:01 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
    [2013/10/22 17:56:01 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
    [2013/10/22 17:56:01 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll
    [2013/10/22 17:56:01 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll
    [2013/10/22 17:56:01 | 001,241,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
    [2013/10/22 17:56:01 | 000,696,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
    [2013/10/22 17:56:01 | 000,655,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
    [2013/10/22 17:56:01 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
    [2013/10/22 17:56:01 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
    [2013/10/22 17:56:01 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
    [2013/10/22 17:56:01 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
    [2013/10/22 17:56:01 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
    [2013/10/22 17:56:01 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
    [2013/10/20 12:51:07 | 000,000,000 | ---D | C] -- C:\Users\azadeth\Desktop\Moar
    [2013/10/19 10:41:23 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
    [2013/10/19 10:41:19 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2013/10/19 10:41:19 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2013/10/19 10:41:19 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    [2013/10/15 16:54:06 | 000,589,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
    [2013/10/13 14:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2013/10/10 09:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    [2013/10/09 22:56:04 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013/10/09 22:56:04 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/10/09 22:56:03 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2013/10/09 22:56:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2013/10/09 22:56:03 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2013/10/09 22:56:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2013/10/09 22:56:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2013/10/09 22:56:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2013/10/09 22:56:03 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2013/10/09 22:56:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2013/10/09 22:56:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2013/10/09 22:56:02 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2013/10/09 22:56:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013/10/09 22:56:02 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2013/10/09 22:56:01 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013/10/09 21:45:27 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
    [2013/10/09 21:45:27 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
    [2013/10/09 20:11:33 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
    [2013/10/09 20:11:33 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
    [2013/10/09 20:11:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
    [2013/10/09 20:11:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
    [2013/10/09 20:11:33 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
    [2013/10/09 20:11:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
    [2013/10/09 20:11:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
    [2013/10/09 20:11:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
    [2013/10/09 20:11:30 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
    [2013/10/09 20:11:24 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
    [2013/10/09 20:11:24 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
    [2013/10/09 20:11:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
    [2013/10/09 20:11:21 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2013/10/09 20:11:20 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2013/10/09 20:11:20 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2013/10/09 20:11:20 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2013/10/09 20:11:20 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
    [2013/10/09 20:11:20 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
    [2013/10/09 20:11:20 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
    [2013/10/09 20:11:19 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2013/10/09 20:11:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2013/10/09 20:11:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2013/10/09 20:11:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2013/10/09 20:11:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2013/10/09 20:11:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2013/10/09 20:11:15 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
    [2013/10/09 20:11:15 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    [2013/10/09 20:11:13 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
    [2013/10/06 10:31:48 | 000,000,000 | ---D | C] -- C:\Users\azadeth\AppData\Roaming\Guild Wars 2
    [2010/04/30 19:09:16 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\azadeth\AppData\Roaming\DataSafeDotNet.exe
    [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    TO BE CONTINUED...

  4. #14
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    ========== Files - Modified Within 30 Days ==========

    [2013/10/27 15:04:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-902427904-586344934-1443075455-1001UA.job
    [2013/10/27 14:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/10/27 14:31:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\azadeth\Desktop\OTL.exe
    [2013/10/27 14:11:06 | 000,139,264 | ---- | M] () -- C:\Users\azadeth\Desktop\SystemLook.exe
    [2013/10/27 14:03:40 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/10/27 14:03:40 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/10/27 13:54:49 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    [2013/10/27 13:54:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/10/27 13:54:25 | 4262,785,022 | -HS- | M] () -- C:\hiberfil.sys
    [2013/10/27 13:41:45 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/10/27 11:36:09 | 000,450,690 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2013/10/26 22:04:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-902427904-586344934-1443075455-1001Core.job
    [2013/10/26 21:18:36 | 028,340,071 | ---- | M] () -- C:\Users\azadeth\Desktop\halloween2.psd
    [2013/10/26 21:03:45 | 018,075,474 | ---- | M] () -- C:\Users\azadeth\Desktop\halloween1.bmp
    [2013/10/26 01:04:20 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2013/10/25 23:20:30 | 393,129,218 | ---- | M] () -- C:\Users\azadeth\Documents\REGISTRYBACKUP.reg
    [2013/10/25 18:20:52 | 000,002,912 | ---- | M] () -- C:\Windows\wininit.ini
    [2013/10/24 19:18:48 | 000,109,680 | ---- | M] () -- C:\Users\azadeth\Desktop\tumblr_mrw9nn4T6p1r0be5ro1_1280 (1).jpg
    [2013/10/22 22:41:58 | 000,001,456 | ---- | M] () -- C:\Users\azadeth\AppData\Local\Adobe Save for Web 12.0 Prefs
    [2013/10/22 21:42:13 | 000,000,132 | ---- | M] () -- C:\Users\azadeth\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2013/10/22 19:50:35 | 000,000,132 | ---- | M] () -- C:\Users\azadeth\AppData\Roaming\Adobe BMP Format CS5 Prefs
    [2013/10/21 21:03:56 | 000,164,626 | ---- | M] () -- C:\Users\azadeth\Desktop\tumblr_muykk7mHRs1qddzzro1_500 (1).jpg
    [2013/10/15 20:48:05 | 030,344,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
    [2013/10/15 20:48:05 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
    [2013/10/15 20:48:05 | 022,933,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
    [2013/10/15 20:48:05 | 018,290,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
    [2013/10/15 20:48:05 | 018,243,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
    [2013/10/15 20:48:05 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
    [2013/10/15 20:48:05 | 015,858,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
    [2013/10/15 20:48:05 | 015,244,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
    [2013/10/15 20:48:05 | 011,415,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
    [2013/10/15 20:48:05 | 011,362,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
    [2013/10/15 20:48:05 | 009,516,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
    [2013/10/15 20:48:05 | 009,472,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
    [2013/10/15 20:48:05 | 003,131,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
    [2013/10/15 20:48:05 | 003,124,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
    [2013/10/15 20:48:05 | 003,067,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
    [2013/10/15 20:48:05 | 002,946,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
    [2013/10/15 20:48:05 | 002,747,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
    [2013/10/15 20:48:05 | 002,694,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
    [2013/10/15 20:48:05 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll
    [2013/10/15 20:48:05 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll
    [2013/10/15 20:48:05 | 001,435,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
    [2013/10/15 20:48:05 | 001,241,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
    [2013/10/15 20:48:05 | 000,696,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
    [2013/10/15 20:48:05 | 000,655,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
    [2013/10/15 20:48:05 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
    [2013/10/15 20:48:05 | 000,560,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
    [2013/10/15 20:48:05 | 000,317,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
    [2013/10/15 20:48:05 | 000,266,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
    [2013/10/15 20:48:05 | 000,168,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
    [2013/10/15 20:48:05 | 000,141,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
    [2013/10/15 20:48:05 | 000,023,287 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
    [2013/10/15 17:47:39 | 006,665,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
    [2013/10/15 17:47:39 | 003,489,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
    [2013/10/15 17:47:36 | 000,219,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
    [2013/10/15 17:47:36 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
    [2013/10/15 16:54:06 | 000,589,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
    [2013/10/10 09:54:36 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
    [2013/10/10 06:43:54 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/10/10 06:43:54 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/10/10 06:43:54 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/10/10 06:37:24 | 004,922,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/10/09 22:55:13 | 000,772,558 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/10/08 22:32:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013/10/08 22:32:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013/10/08 15:14:15 | 003,398,914 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
    [2013/10/08 07:50:37 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    [2013/10/08 07:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
    [2013/10/08 07:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2013/10/08 07:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2013/10/01 19:12:40 | 000,116,239 | ---- | M] () -- C:\Users\azadeth\Desktop\600843_525977957479831_689948066_n.jpg
    [2013/10/01 16:35:48 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/10/27 14:11:05 | 000,139,264 | ---- | C] () -- C:\Users\azadeth\Desktop\SystemLook.exe
    [2013/10/27 13:41:45 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/10/26 21:18:34 | 028,340,071 | ---- | C] () -- C:\Users\azadeth\Desktop\halloween2.psd
    [2013/10/26 21:03:45 | 018,075,474 | ---- | C] () -- C:\Users\azadeth\Desktop\halloween1.bmp
    [2013/10/25 23:20:19 | 393,129,218 | ---- | C] () -- C:\Users\azadeth\Documents\REGISTRYBACKUP.reg
    [2013/10/24 19:18:47 | 000,109,680 | ---- | C] () -- C:\Users\azadeth\Desktop\tumblr_mrw9nn4T6p1r0be5ro1_1280 (1).jpg
    [2013/10/21 21:03:56 | 000,164,626 | ---- | C] () -- C:\Users\azadeth\Desktop\tumblr_muykk7mHRs1qddzzro1_500 (1).jpg
    [2013/10/13 14:31:02 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2013/10/01 19:12:40 | 000,116,239 | ---- | C] () -- C:\Users\azadeth\Desktop\600843_525977957479831_689948066_n.jpg
    [2013/09/13 23:58:25 | 000,002,912 | ---- | C] () -- C:\Windows\wininit.ini
    [2013/06/26 08:40:22 | 000,003,715 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
    [2013/03/30 14:54:31 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2012/01/12 23:49:50 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/12/15 05:23:04 | 010,920,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
    [2011/12/15 05:23:04 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
    [2011/12/15 05:23:04 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
    [2010/10/10 11:13:08 | 000,000,149 | ---- | C] () -- C:\Users\azadeth\AppData\Roaming\default.rss
    [2010/10/07 09:50:14 | 000,000,000 | ---- | C] () -- C:\Users\azadeth\AppData\Local\prvlcl.dat
    [2010/06/20 18:42:46 | 000,001,456 | ---- | C] () -- C:\Users\azadeth\AppData\Local\Adobe Save for Web 12.0 Prefs
    [2010/06/20 18:29:57 | 000,000,132 | ---- | C] () -- C:\Users\azadeth\AppData\Roaming\Adobe BMP Format CS5 Prefs
    [2010/06/12 17:09:08 | 000,000,132 | ---- | C] () -- C:\Users\azadeth\AppData\Roaming\Adobe Targa Format CS5 Prefs
    [2010/06/12 16:49:13 | 000,000,132 | ---- | C] () -- C:\Users\azadeth\AppData\Roaming\Adobe GIF Format CS5 Prefs
    [2010/06/11 17:30:50 | 000,000,132 | ---- | C] () -- C:\Users\azadeth\AppData\Roaming\Adobe PNG Format CS5 Prefs

    ========== ZeroAccess Check ==========

    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/05/26 22:14:23 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\.minecraft
    [2010/05/19 12:09:16 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\acccore
    [2013/04/12 20:15:35 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Anodyne
    [2013/09/20 17:57:11 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\AVG2014
    [2013/06/08 07:40:08 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Awesomium
    [2013/04/04 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Bioshock
    [2010/06/20 12:39:55 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2013/01/18 22:23:23 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\fltk.org
    [2011/10/14 01:37:43 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\GetRightToGo
    [2013/10/06 10:31:50 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Guild Wars 2
    [2010/10/10 13:45:02 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\ICAClient
    [2013/07/19 19:47:03 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Kalypso Media
    [2010/05/19 12:09:17 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Leadertech
    [2012/05/10 21:12:59 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\LoneSurvivor
    [2012/10/25 21:16:30 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Mumble
    [2013/09/14 13:24:11 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Natural Selection 2
    [2013/01/05 06:40:16 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Origin
    [2011/05/29 16:13:59 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\PCDr
    [2010/05/19 12:09:25 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\ProfitUI Reborn Updater
    [2011/07/16 01:02:07 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\RIFT
    [2013/04/12 18:32:15 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\RotMG.Production
    [2012/09/11 18:41:47 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2011/02/25 04:00:53 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\SystemRequirementsLab
    [2012/10/06 14:21:43 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\TuneUp Software
    [2013/10/26 23:40:29 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\uTorrent
    [2012/06/24 23:01:48 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Vessel
    [2013/08/15 20:05:32 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Wayforward Technologies
    [2010/10/22 01:48:17 | 000,000,000 | ---D | M] -- C:\Users\azadeth\AppData\Roaming\Windows Live Writer
    [2012/10/12 13:35:54 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
    [2012/10/12 13:35:54 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 143 bytes -> C:\Users\azadeth\AppData\Roaming\default.rss:OECustomProperty

    < End of report >

  5. #15
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Looking it over now, be back as soon as I can
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  6. #16
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    Extras:

    OTL Extras logfile created on: 10/27/2013 3:05:12 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\azadeth\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16721)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    15.96 Gb Total Physical Memory | 12.02 Gb Available Physical Memory | 75.34% Memory free
    31.92 Gb Paging File | 27.71 Gb Available in Paging File | 86.81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 916.82 Gb Total Space | 476.93 Gb Free Space | 52.02% Space Free | Partition Type: NTFS
    Drive D: | 4.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: AZADETH-PC | User Name: azadeth | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1001\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0C880E89-DAD9-47CB-80BA-76AC70E6E1E8}" = lport=49215 | protocol=6 | dir=in | name=akamai netsession interface |
    "{23C7041B-1A0E-4029-9A27-7469F251AEA8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{268DD39C-2880-4404-83E1-C54AEFAD9794}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{64CD0E91-D093-4BBB-A600-5592301F6167}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{7D1B9B83-8B64-4DD0-BC91-F4B74E1C70A3}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
    "{AB1151C6-63AB-4863-A939-25E67596282D}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{AC5C6A92-6505-4698-A803-BD4245763B9A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{D14CF6B5-F801-476A-A0F4-274BC2A2FECB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{D3125100-1F2F-4B79-B775-DB9B30D54E34}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{E78AA89B-0B1C-4BB2-AE8A-FC642F1C0402}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{FB48AF59-DE1F-4D49-8CB1-C6D40F2C6824}" = lport=49186 | protocol=6 | dir=in | name=akamai netsession interface |
    "{FFA35FA6-251F-449D-B033-BC188CD2AECD}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{02464619-56A0-4610-85E2-98EB496A1814}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
    "{053F191D-DB77-4158-91BF-19CE748ED3BC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
    "{07A4E21C-3E32-4144-B890-BE3F031B8262}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{08A802B9-37CC-4A11-B746-E4DF91B66EFF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\natural selection 2\ns2.exe |
    "{0DA1CF5D-C86F-4764-B266-62252D0EF492}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bleed\bleed.exe |
    "{0EB39B9E-E364-4865-9D59-4A41B4D802D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
    "{0F5A8450-8DA6-47E0-9B02-92D6DD895B3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
    "{0FD98F31-F1B3-4693-AC04-381EEB36E06F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
    "{128C9DFC-55FE-46D4-98F4-5FB452B38253}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machine for pigs\aamfp.exe |
    "{1D92FBEE-4F97-47C4-A361-CF33C9DFF254}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
    "{1F2F99B0-7132-41BB-B844-7DB36991408C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
    "{1FE67A50-3DBB-44E0-B27F-0164DBAAB4AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
    "{20EFDA69-AABF-4BEB-8BF8-3FBF9610C1F5}" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
    "{220E2064-95E9-458B-892F-710D6B3B3990}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe |
    "{231D406E-BECD-4F3F-B0C0-8BE3592F2CE6}" = dir=in | app=c:\windows\system32\dleacoms.exe |
    "{232F71C0-82AF-4F68-8AD6-E6790FE173FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
    "{240C37C8-60AF-44AA-A1FB-43548014C18F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
    "{285F20BC-3C7E-40E6-9FBF-4D2DB05DC59C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{2A211748-247F-4B06-A38D-2A3C3CF0B3B1}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{2FDC46F2-E507-429E-9BCF-73A715A74478}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
    "{36740DDD-273B-4A0E-A9F8-A505EECAD4BB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
    "{369032BD-C2CE-4CC5-B50B-6C90B003716C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waves\binaries\win32\waves.exe |
    "{390D5459-4282-4BBB-B24A-6522704E2446}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bleed\bleed.exe |
    "{398D93CB-ADA7-4D6C-8641-B3D1C86C9CB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{3B475378-5DD9-4D51-90BA-7D1A8ED338BB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe |
    "{3F5F0FA9-0D24-4334-9D01-CE8BF08D6F7D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
    "{414D4456-A350-4063-BEB4-8B5739B3AD08}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\doom 3 bfg edition\doom3bfg.exe |
    "{42250C59-191F-4ABA-93C9-01DA3B068F52}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
    "{42E9FEEE-13B5-447E-9EE3-D6E63F52765C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
    "{459512FA-725A-4A00-8244-5836679588DD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{45FA2EBD-BE12-47F4-9238-F815218CA688}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe |
    "{470FB1B4-1DEF-4F5A-84D5-4411ED02AAEB}" = protocol=6 | dir=in | app=c:\users\azadeth\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{48310440-4F99-4A6C-AFDC-E08ABE664174}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
    "{4837E765-351D-4F4C-8D7D-C7E20F00DF5A}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\devicesetup.exe |
    "{4AAF7E71-6EB6-44F2-9F56-8B4F05E43D6F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eversion\eversion.exe |
    "{4B9E9E69-8679-4B52-8219-A8FBD335DF2D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
    "{4EA28BFB-6AB0-439B-9883-4BD14D5DE767}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe |
    "{4F1DD336-2E32-42CB-B6AC-E72EA698225D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ducktales remastered\executable\ducktales.exe |
    "{53175AA6-ABAC-428E-8B1D-669B5FDE121E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machine for pigs\aamfp.exe |
    "{5722B220-0ECC-4B4E-B05D-3EE43489678E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{595E5F53-1235-4DE4-99F1-57421E54D59D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
    "{5A9CDC7D-8276-4B2A-A3A6-1304B1F74F32}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aquaria\aquaria.exe |
    "{5AC67D3E-6C59-45AC-914A-AFF76B1BEB57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aquaria\aquaria.exe |
    "{5B56AB51-1BAD-44CF-86B5-91447BC53D21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
    "{5FF5B414-F25B-43FB-87E9-38A76287C876}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\natural selection 2\ns2.exe |
    "{61ACC5B2-1FD6-41D9-A467-965FBFAE849B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
    "{61D312E8-EC60-431F-A2A2-D636DED6A21E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\worms clan wars\wormsclanwars.exe |
    "{61F45149-3CEE-4795-A175-AB854C579606}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
    "{64CE3BFB-A84C-4956-8521-5A521C3406A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\retro city rampage\retrocityrampage.exe |
    "{65E55025-D812-4816-805B-76564CF507DC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
    "{68834CED-4E9C-44A8-8A76-088F54B1254A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\natural selection 2\launchpad.exe |
    "{6B401E39-C9D4-44EE-BBF5-B07812518A52}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\outlast\outlastlauncher.exe |
    "{6C497E98-D25C-48C9-9D59-7B8BA6772F87}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
    "{6F8FD565-8921-4F3D-8C19-2251360D3035}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skullgirls beta\skullgirls.exe |
    "{70206B65-6725-43A8-94B2-C63E8C926D1A}" = dir=in | app=c:\gpotato.com\allods online\bin\launcher.exe |
    "{71BD1757-DE8B-43C1-A660-6A5C08C0FE68}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
    "{777E48A2-9C65-499C-9E07-D5BE548B379E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
    "{778F3B4B-429F-456E-B25B-D0E5C2B13084}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\natural selection 2\launchpad.exe |
    "{780521CA-1070-4258-86BC-AB7DD8BB9A65}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
    "{7952C0A6-BBE6-445C-8C6E-A332A000352D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{796FA258-AB23-485A-8F8A-F528D1B7B5B5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anodyne\anodyne.exe |
    "{7A3CF28B-91A2-4668-9DF4-C70362969866}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\insanely twisted shadow planet\fcengine-gfwl.exe |
    "{7A64A4FE-D409-4E11-AEFD-3A9AA411BD66}" = dir=in | app=c:\windows\system32\dleacoms.exe |
    "{7A76B461-6029-4E31-B74F-3A949DC4BA6A}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe |
    "{7EAB0770-A911-43A3-9B92-F315BDB9B2E0}" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |
    "{8078B0FD-B194-41A6-A906-F07B8C0C1C36}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hell yeah\hellyeah.exe |
    "{814C5D4C-AA8D-4534-B707-99D8500F0DDC}" = protocol=17 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
    "{8468FB95-29D6-4830-A8DE-D399B22F2188}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{8536D651-4F07-4D1C-9E4F-467C6D305835}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{871A4957-0998-44CE-8DD0-549E90CE869F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waking mars\mars-pc.exe |
    "{8795DD99-AF7B-40BE-A830-432A1278AC45}" = dir=in | app=c:\windows\system32\dleacoms.exe |
    "{87CA065C-76DE-484D-9062-26A007708C8D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{889C687C-14DB-4173-8564-C6F3B5AF7BB2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
    "{8A3B4C06-7362-4B02-8E01-88B6A6DA4DE4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the ball\binaries\win32\theball.exe |
    "{8CCCC135-A5B1-4A94-BFB8-A20630A9DF36}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
    "{8CDC8743-186B-480C-8BD4-EAD9C31A1D5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\outlast\outlastlauncher.exe |
    "{8D45657D-E5C6-40BF-AE32-C758FFB7C97C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
    "{8E9FB376-A36A-46EB-9E15-CD1229AB40E7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
    "{8F18C569-EADB-4842-8455-1934C871DC3B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
    "{912C777A-7800-4EA5-95B2-72A740101181}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
    "{9741CD5A-3F04-43EB-AF97-4945674A84C8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
    "{98537179-0A12-4212-BEC9-A8618D552471}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
    "{9C27419B-7AFA-4E2C-B37D-C13F3327B43D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waking mars\mars-pc.exe |
    "{9F965C93-7255-4605-85F5-721D50D86F15}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
    "{9FF522B2-0A70-4011-A518-36F0D2BEC7BA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{A16AF4AC-C22F-47BB-A959-8DF777FD2650}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
    "{A27223CC-8433-4C9D-B959-9668628453CE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
    "{A4C05C30-88C4-498E-A23F-E60114D2B072}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{A62C9A61-7D00-40FE-85B8-599A0E1730F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
    "{A6BDE6D3-7ECA-4DE6-9989-D356FB54A65B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe |
    "{AA01A521-D4B2-4C38-81CD-275B7D9C18B7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{AB141505-F6D3-43D9-A869-99631CE2DF88}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
    "{AD156655-8CED-44B0-845E-32ABB8CA4C34}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe |
    "{ADE2C6E5-56A5-43C0-AEBE-7B22447F06FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
    "{ADE4E0CF-5346-43F3-AC41-4052178A7245}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
    "{AE0648DC-9E0F-4CDF-B829-17C97DDFF1FD}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
    "{AE597204-AB50-46A3-8C14-9E47DBB9DBA1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
    "{B2FA7CCE-7800-49D7-AA34-0FCFFBCB61E5}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
    "{B38FB9A0-309A-49AD-B16B-72A6D696B4F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
    "{B59F62DC-977C-4262-AA32-B5B7EDC95189}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the ball\binaries\win32\theball.exe |
    "{B66FEE28-D56E-476D-BD0D-D8C8939CDB19}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{B71CCCBA-4125-4264-A047-2723E1CAB4FC}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
    "{B9C3D6DD-AAD0-421A-87C2-1628686E7628}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "{BB78176D-B897-49A4-88F5-92A11A06C7F2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
    "{BD1EB103-0EFE-45D5-BEE4-10B6A3BF06FD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
    "{BDB34AB7-FB08-4876-B959-B5CD8B5FD702}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{BE9F8198-D5EB-4174-BD82-467C135DF4F7}" = protocol=17 | dir=in | app=c:\users\azadeth\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{BEE58677-27FF-4CC7-84D6-965A7284ABDE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
    "{BEFCB1DE-8708-49CB-BC83-ED092DE90BFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\doom 3 bfg edition\doom3bfg.exe |
    "{C1C525B6-CCBC-4F9E-B236-693ABA92190D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
    "{C66A4C74-6498-4998-A7A2-53F9911D5E16}" = protocol=6 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
    "{CB11781E-1158-4470-A47E-03CB64E76C83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
    "{CD6BC1E2-E980-43DE-9A2E-32BEBB35495F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
    "{D2DF9B25-6BA8-46FB-940F-457BD6A3D53A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\retro city rampage\retrocityrampage.exe |
    "{D3430AFA-EAC4-42C1-BAD8-44DD49C0B1C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eversion\eversion.exe |
    "{D60E0C40-D7F5-4932-AA4C-D953413D6561}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machine for pigs\launcher.exe |
    "{D616C31F-B72A-4076-A486-92D32C520844}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
    "{D63686CF-262C-45EA-865C-A7D3E757E935}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sega classics\segagenesisclassics.exe |
    "{D6F8ADAB-FEBF-4D20-BA9B-83D9797F81D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sega classics\segagenesisclassics.exe |
    "{D857EA13-C428-40F0-908C-9E9708C631E7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "{D94ED4AB-09F7-4420-9E6A-7B64A2F4275C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waves\binaries\win32\waves.exe |
    "{D95923A9-979B-493F-B6CE-96350F7F3FA0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hell yeah\hellyeah.exe |
    "{D99080CF-3EFF-44AD-A72A-A9F005F9210F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
    "{D9C2EC60-D5D5-4BAB-B38A-2CAEEEFAC6FC}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{DB93D0F4-971A-4CB7-A5A4-3686D4878495}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\worms clan wars\wormsclanwars.exe |
    "{DBBA3F6C-E9AC-4F34-ABB5-ECD59AF2D0F4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{DF434590-FACD-4EC2-A229-FBB5E1D737E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
    "{E007C3CC-2180-4EE0-A771-4D03B106D372}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skullgirls beta\skullgirls.exe |
    "{E0671ED9-8647-4CBE-AC08-CBF8822CBD55}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anodyne\anodyne.exe |
    "{E3A7AEA6-1F24-45F1-A441-3FA9CB665655}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
    "{E5AE3DE6-7AF2-4F7A-8042-AB3D4996638A}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
    "{E648EF62-7076-4C59-9F24-2ACF4C9F8239}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
    "{E67F20D9-CAED-4541-96B5-435894F0F086}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
    "{E9DEA94D-B3DF-4104-ABBE-A3B319AD728E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
    "{EC308653-6B60-41D8-8BE5-61CC3462502E}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe |
    "{ED41C55E-17F8-4B20-BE1F-E684D9A9AA5A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\insanely twisted shadow planet\fcengine-gfwl.exe |
    "{EF753E7F-711D-4E26-B4D6-023E054C2848}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{EFA99128-FD54-4EFB-89C5-D244DAC8AF8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ducktales remastered\executable\ducktales.exe |
    "{EFD79126-59F6-4C7F-A1E6-B0AEBCF21D3D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
    "{F23B35AB-2EC9-4A96-8612-4A62F053B653}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machine for pigs\launcher.exe |
    "{F4C77377-CE2A-4599-8E01-633F5103C511}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
    "{F9CE3BBD-58B9-44BD-850F-52764C5225D0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
    "{FB8CE46D-0D6E-4956-9BFF-D37647EEDDD2}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "TCP Query User{05CCFBAF-E311-492D-B17D-D6385B03996D}C:\users\azadeth\desktop\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\azadeth\desktop\guild wars 2\gw2.exe |
    "TCP Query User{0EC0B4FA-9ED0-46A3-8D4F-6C3E0D4C403C}C:\users\azadeth\appdata\local\digsby\app\lib\digsby-app.exe" = protocol=6 | dir=in | app=c:\users\azadeth\appdata\local\digsby\app\lib\digsby-app.exe |
    "TCP Query User{0FAA1132-35C2-4C56-9B31-05E766E99086}C:\users\public\sony online entertainment\installed games\dc universe online beta\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\dc universe online beta\unreal3\binaries\win32\dcgame.exe |
    "TCP Query User{12963936-A842-49F5-BA2B-74EF6F3B741A}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
    "TCP Query User{135A7943-8262-45AE-9FA5-F9BF96F726C0}C:\program files (x86)\funcom\age of conan\conanpatcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe |
    "TCP Query User{2761554D-2953-43F8-8B53-FFDE54EC935C}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe |
    "TCP Query User{41163E1F-DC3F-458E-9407-F35B15EA30D6}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe |
    "TCP Query User{497B3EC1-B0DC-499E-844A-0CE86AB5CE44}C:\program files (x86)\kraven manor\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kraven manor\binaries\win32\udk.exe |
    "TCP Query User{4D8488E3-66F3-4352-A222-21B68C0CB6E6}C:\users\azadeth\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\azadeth\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{5DE75886-B8CA-4C1C-BE21-804CCF66BBA0}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
    "TCP Query User{64928242-4C04-40AC-8549-F76B0B7A8433}C:\program files (x86)\funcom\age of conan\ageofconan.exe" = protocol=6 | dir=in | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe |
    "TCP Query User{731644A1-EEEF-4746-8C73-68CBE79900A6}C:\users\azadeth\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\azadeth\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{7E0D8C35-74E5-4CBF-BEA2-077D3EB25D3F}C:\users\azadeth\desktop\gw2.exe" = protocol=6 | dir=in | app=c:\users\azadeth\desktop\gw2.exe |
    "TCP Query User{80F77E61-D8A8-4AD7-AB25-14B6FC761018}C:\users\azadeth\downloads\gw2.exe" = protocol=6 | dir=in | app=c:\users\azadeth\downloads\gw2.exe |
    "TCP Query User{818DEA79-33CD-47AD-8391-A797566376EC}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe |
    "TCP Query User{AF0A5299-4571-4503-A7CB-74AD151679EE}C:\users\public\games\cryptic studios\champions online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\users\public\games\cryptic studios\champions online\live\gameclient.exe |
    "TCP Query User{B78CC906-0216-4123-B5DB-AEC5B765021E}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
    "TCP Query User{BB03A00A-EB76-4CD5-BC94-970158C6A898}C:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe |
    "TCP Query User{DFB875FA-C7C2-45CF-BBDD-86EBDB32474A}C:\users\azadeth\downloads\championsonlinef2p.exe" = protocol=6 | dir=in | app=c:\users\azadeth\downloads\championsonlinef2p.exe |
    "TCP Query User{E003ADE2-0DC0-48DC-9F99-C573F4083BFF}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
    "TCP Query User{F3CF67C8-A3CF-4063-B2A7-9117E394AF5E}C:\users\azadeth\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\azadeth\appdata\local\temp\gw2.exe |
    "TCP Query User{F7326143-5AE6-48EB-A691-93D46C413FE1}C:\program files (x86)\steam\steamapps\pwen\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\pwen\team fortress 2\hl2.exe |
    "TCP Query User{FA9F5791-5C57-4383-9E2C-9A4710C7E02A}C:\program files (x86)\steam\steamapps\zaerdos\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\zaerdos\team fortress 2\hl2.exe |
    "TCP Query User{FD7BF682-9E35-49C3-A51B-82B043DBAC0F}C:\program files (x86)\origin games\alice madness returns(tm)\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\alice madness returns(tm)\game\alice2\binaries\win32\alicemadnessreturns.exe |
    "TCP Query User{FE97BE24-3164-42FE-ADC2-92E2EA31BEF8}C:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe |
    "UDP Query User{020EDD89-A8B8-42DF-941D-C9CF21513E8B}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
    "UDP Query User{11B0EA2D-61D3-4862-B67D-19F4CCF6B5E7}C:\program files (x86)\steam\steamapps\zaerdos\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\zaerdos\team fortress 2\hl2.exe |
    "UDP Query User{141AD8D9-CCE0-4489-A0DC-5EFFA49D0053}C:\users\public\sony online entertainment\installed games\dc universe online beta\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\dc universe online beta\unreal3\binaries\win32\dcgame.exe |
    "UDP Query User{158275B6-2188-4103-AAF1-32380A4367E3}C:\users\azadeth\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\azadeth\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{22B1856C-1CF3-44EB-8D16-77EDB32DF040}C:\users\azadeth\appdata\local\digsby\app\lib\digsby-app.exe" = protocol=17 | dir=in | app=c:\users\azadeth\appdata\local\digsby\app\lib\digsby-app.exe |
    "UDP Query User{289462E9-60F0-40B6-9D1A-ED2CF4FF50DA}C:\program files (x86)\steam\steamapps\pwen\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\pwen\team fortress 2\hl2.exe |
    "UDP Query User{2B44C483-C84F-44CA-A5BB-816567AD0ED2}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
    "UDP Query User{300D8AAE-73C2-4F0E-9276-EEC46118CDEC}C:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe |
    "UDP Query User{306A0DCD-B1A3-4365-BBE6-6FF3924979B9}C:\program files (x86)\origin games\alice madness returns(tm)\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\alice madness returns(tm)\game\alice2\binaries\win32\alicemadnessreturns.exe |
    "UDP Query User{356309F1-732F-43C8-9A00-47FF3490368C}C:\users\azadeth\desktop\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\azadeth\desktop\guild wars 2\gw2.exe |
    "UDP Query User{36FFCB44-6CDF-4C07-9556-EF44D1E8CC9C}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
    "UDP Query User{37DAF0ED-273B-4D84-AB12-935EFA6731DB}C:\users\azadeth\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\azadeth\appdata\local\temp\gw2.exe |
    "UDP Query User{3BE08DB9-FD01-4A3F-B6B2-A27903B046E7}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe |
    "UDP Query User{3F2F016F-9ADA-4CAF-9305-0747C8D59014}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |
    "UDP Query User{4D2B06E8-193A-4E01-87C4-129D5275F196}C:\program files (x86)\kraven manor\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kraven manor\binaries\win32\udk.exe |
    "UDP Query User{5523F9DD-83B2-4DCF-967A-FD530E92D530}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe |
    "UDP Query User{7CC73E96-137D-430C-BB02-FB235E4BE089}C:\users\azadeth\downloads\championsonlinef2p.exe" = protocol=17 | dir=in | app=c:\users\azadeth\downloads\championsonlinef2p.exe |
    "UDP Query User{7EFD6BFE-3490-40DC-B0A2-912AB10CF433}C:\users\azadeth\desktop\gw2.exe" = protocol=17 | dir=in | app=c:\users\azadeth\desktop\gw2.exe |
    "UDP Query User{83553571-37C7-4CAD-94DB-ABDF965E7F75}C:\program files (x86)\funcom\age of conan\ageofconan.exe" = protocol=17 | dir=in | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe |
    "UDP Query User{83A61C2B-83CC-4CC9-8684-FA15F880926F}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe |
    "UDP Query User{91ECC169-8339-4A9E-ACCA-F7B05D04717B}C:\program files (x86)\funcom\age of conan\conanpatcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe |
    "UDP Query User{C43D5448-DADF-4165-8086-00D732ED5953}C:\users\azadeth\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\azadeth\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{E9EEB38E-012F-4DC6-9498-97D76187F996}C:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe |
    "UDP Query User{EAA12941-C4AC-494E-A4D7-5BD4EFF758D8}C:\users\azadeth\downloads\gw2.exe" = protocol=17 | dir=in | app=c:\users\azadeth\downloads\gw2.exe |
    "UDP Query User{F640B7F9-164A-4402-8DB4-CB8EE5A59B71}C:\users\public\games\cryptic studios\champions online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\users\public\games\cryptic studios\champions online\live\gameclient.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
    "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
    "{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
    "{68C0736C-3E47-43A6-B14D-236BEF198A5F}" = HP Photosmart 5520 series Basic Device Software
    "{7852365E-0AD2-CE95-B463-8C6B87DE614C}" = ccc-utility64
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.58
    "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.58
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.58
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.58
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 8.3.14
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5
    "{BD198331-FF8A-4DEB-9F30-A0AC56625A3B}" = Microsoft LifeChat
    "{BF9FD124-1112-4C8D-8F79-779A11C6287D}" = Logitech GamePanel Software 3.05.151
    "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
    "{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}" = HP Photosmart 5520 series Product Improvement Study
    "{DF1A8490-3CD2-4878-92BE-F746D7CCACC1}" = AVG 2014
    "{E0776C6D-B8A2-45AA-962A-9B0FFEFEAD14}" = AVG 2014
    "{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "AVG" = AVG 2014
    "CCleaner" = CCleaner
    "Dell V310-V510 Series" = Dell V310-V510 Series
    "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.4.0
    "Logitech Gaming Software" = Logitech Gaming Software 8.30
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PC-Doctor for Windows" = My Dell
    "UDK-435a2cc4-b214-4648-9985-411c1be11a47" = Unreal Development Kit: 2012-10
    "UDK-adef5962-9340-4229-9192-3b5bc31c8873" = My Game Long Name
    "WinRAR archiver" = WinRAR archiver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
    "{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{035DB669-4995-8447-0229-D8BEC6B8605F}" = Catalyst Control Center Graphics Full Existing
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
    "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
    "{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
    "{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
    "{09B71986-2AC5-482d-B6CB-42EA34F4F85B}" = Dell Toolbar
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0B97F19A-BD2B-A127-8474-E2575F92F21A}" = Catalyst Control Center Core Implementation
    "{0d38d59f-411d-45fc-894e-000aa23a5acf}" = Nero 9
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
    "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
    "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
    "{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1FA19623-23AA-E663-EF18-1545DB0B7CBC}" = CCC Help Russian
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
    "{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm
    "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
    "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
    "{26A24AE4-039D-4CA4-87B4-2F83216024F0}" = Java(TM) 6 Update 24
    "{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
    "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
    "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
    "{34B9B494-EF4A-4592-87A8-BE40D0442E86}" = Dawn of War - Soulstorm
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
    "{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
    "{387A0757-FDA9-98A2-4E69-111F1BFA2A09}" = CCC Help Korean
    "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
    "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
    "{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
    "{4160D554-3CEA-9FBB-7298-6D729BF56062}" = ccc-core-static
    "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
    "{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
    "{43AC7CBC-1D6A-3B5B-81B1-A0C166FE48F4}" = Google Talk Plugin
    "{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4D4B649B-F843-4AD2-7566-3743AC1B68FE}" = Catalyst Control Center Graphics Light
    "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
    "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
    "{5A08E1F6-88CF-28A1-2D05-812E294FF054}" = CCC Help Chinese Traditional
    "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
    "{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
    "{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
    "{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
    "{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
    "{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
    "{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7137E26A-10F7-4B1C-9980-0893579E92DA}" = HP Photosmart 5520 series Help
    "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
    "{756BB892-E8AC-7766-07F0-13C14955DCE7}" = CCC Help German
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
    "{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
    "{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
    "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
    "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{7E5CFA33-2164-C305-6CA5-E4B377ABE544}" = Catalyst Control Center Graphics Previews Common
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{82DBAB5B-01B5-0EF6-9370-2E3C450CECB9}" = CCC Help Turkish
    "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
    "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{8882797D-7EDF-5C64-74E4-EADD85CBF2A9}" = CCC Help Finnish
    "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
    "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8F99E711-CE74-4718-BE04-19D1A53A735C}" = Warhammer 40,000: Dawn Of War - Platinum Edition
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{90CFD60A-EE42-EAA1-1F5A-153BD0053DE5}" = Catalyst Control Center Localization All
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{92716A0F-B4FB-5887-DD37-3EA12247CE5A}" = Skins
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{93A3AB24-36E8-41BA-80C6-CCEC237836DC}" = Alice Madness Returns
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
    "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9CAC1871-5230-D932-94D1-0F8E0A9C097A}" = CCC Help French
    "{9CE5E0C8-727D-FC08-DABB-E6887AE9847E}" = Catalyst Control Center Graphics Previews Vista
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
    "{9DE1A644-9BC4-2789-6A3D-C4D90D7D3B63}" = CCC Help Greek
    "{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
    "{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
    "{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
    "{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
    "{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
    "{A20D0B3F-DBA9-A81F-ECF3-E1FEC6AB8867}" = CCC Help Swedish
    "{A5C0322B-32DF-76A5-5634-C936031C3B8B}" = CCC Help Italian
    "{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
    "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
    "{AD457C8A-82AF-89D1-2C13-13E56104E4DE}" = CCC Help Chinese Standard
    "{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
    "{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
    "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B473EB20-05FF-B0ED-62DD-9F83F2345E41}" = CCC Help Polish
    "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
    "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
    "{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
    "{BB525063-D120-05E9-5E82-17A489FC3CAC}" = CCC Help Thai
    "{BC5696C6-DC7D-DD12-BE30-CD32F47FD9C2}" = CCC Help Czech
    "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
    "{C069974D-EFEE-46BA-8523-1EF8E935F1BB}_is1" = Dear Esther version 1.5
    "{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
    "{C5FC35A9-8614-DDFA-5F41-2164E1A76E15}" = CCC Help Japanese
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C7F943DB-2E49-3ED3-DD0B-B1C858C52701}" = CCC Help Portuguese
    "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
    "{CD3F55BD-30B8-5426-4F60-528BF088C0C5}" = CCC Help Hungarian
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
    "{CF52DCD4-C3A5-2811-32A6-14869CD166D7}" = Catalyst Control Center Graphics Full New
    "{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D34C2E60-185F-FACB-62F3-8747647B8971}" = Catalyst Control Center InstallProxy
    "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D4B09D36-96AC-B96F-4CF9-47D5C2D5C232}" = CCC Help Dutch
    "{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
    "{DB4DBD9A-90D5-1B2F-92AF-1F0A7C292AE7}" = CCC Help Spanish
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
    "{E51BB4BB-2FB0-957B-1E4A-9D978CF0B801}" = CCC Help English
    "{E55C2590-CB96-E2A8-3B96-9A8E066230C2}" = CCC Help Danish
    "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
    "{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
    "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
    "{EB35B969-3B00-F282-7170-148D22FDF0A7}" = CCC Help Norwegian
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
    "{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
    "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core

    TO BE CONTINUED...

  7. #17
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
    "{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "7-Zip" = 7-Zip 4.65
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "AIM_7" = AIM 7
    "Akamai" = Akamai NetSession Interface
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Dell Dock" = Dell Dock
    "Digsby" = Digsby
    "FLV Player" = FLV Player 2.0 (build 25)
    "GoToAssist" = GoToAssist 8.0.0.514
    "Guild Wars" = Guild Wars
    "Guild Wars 2" = Guild Wars 2
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Photo Creations" = HP Photo Creations
    "IECT3289663" = InternetHelper3.1 Toolbar for IE
    "IECT3316068" = SweetPacks A8 Toolbar for IE
    "InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
    "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "OpenAL" = OpenAL
    "Origin" = Origin
    "StarCraft II" = StarCraft II
    "Steam App 107600" = Waves
    "Steam App 108710" = Alan Wake
    "Steam App 113200" = The Binding Of Isaac
    "Steam App 200170" = Worms Revolution
    "Steam App 204630" = Retro City Rampage
    "Steam App 205230" = Hell Yeah!
    "Steam App 205730" = Insanely Twisted Shadow Planet
    "Steam App 208200" = DOOM 3: BFG Edition
    "Steam App 208610" = Skullgirls Beta
    "Steam App 211260" = They Bleed Pixels
    "Steam App 217690" = Anna - Extended Edition
    "Steam App 219890" = Antichamber
    "Steam App 22120" = Penumbra: Black Plague
    "Steam App 22140" = Penumbra: Requiem
    "Steam App 227200" = Waking Mars
    "Steam App 230050" = DLC Quest
    "Steam App 233840" = Worms Clan Wars
    "Steam App 234900" = Anodyne
    "Steam App 237630" = DuckTales Remastered
    "Steam App 238320" = Outlast
    "Steam App 239200" = Amnesia: A Machine for Pigs
    "Steam App 239800" = Bleed
    "Steam App 24420" = Aquaria
    "Steam App 33680" = Eversion
    "Steam App 34270" = SEGA Genesis & Mega Drive Classics
    "Steam App 35460" = The Ball
    "Steam App 440" = Team Fortress 2
    "Steam App 48000" = LIMBO
    "Steam App 4920" = Natural Selection 2
    "Steam App 57300" = Amnesia: The Dark Descent
    "Steam App 7670" = BioShock
    "Steam App 8870" = BioShock Infinite
    "SystemRequirementsLab" = System Requirements Lab
    "VLC media player" = VLC media player 2.0.3
    "Warcraft III" = Warcraft III
    "Winamp" = Winamp
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update
    "YTdetect" = Yahoo! Detect

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "Google Chrome" = Google Chrome
    "Search Protection" = Search Protection
    "TidyNetwork" = TidyNetwork
    "UnityWebPlayer" = Unity Web Player
    "Warcraft III" = Warcraft III: All Products
    "Winamp Detect" = Winamp Detector Plug-in
    "Word Layers" = Word Layers
    "Yume Nikki 0.10 English v3" = Yume Nikki 0.10 English v3

    ========== Last 20 Event Log Errors ==========

    [ OSession Events ]
    Error - 3/8/2011 11:50:04 PM | Computer Name = azadeth-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 3/22/2011 10:10:02 PM | Computer Name = azadeth-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 10/27/2013 1:54:28 PM | Computer Name = azadeth-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService
    service to connect.

    Error - 10/27/2013 1:54:28 PM | Computer Name = azadeth-PC | Source = Service Control Manager | ID = 7000
    Description = The dleaCATSCustConnectService service failed to start due to the
    following error: %%1053


    < End of report >

  8. #18
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Did you install this proxy
    "ProxyOverride" = 127.0.0.1:9421;<local>


    Where going to make changes to your Windows Registry, run this program, there is no log, its just going to back it up and in case of a problem we can restore from the backup

    Backup the Registry:

    Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

    • Please download the installer for Registry Backup from here or here and save to your desktop.
    • Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
    • Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
    • Once the GUI(graphical user interface) has appeared/loaded:-



    • Click on Backup Now >> once the process is complete the below will be displayed in the GUI:-



    • Close Tweaking.com - Registry Backup

    Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

    A tutorial for Registry Backup explaining the various features be viewed here.[/QUOTE]





    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :OTL
      O4 - HKU\S-1-5-21-902427904-586344934-1443075455-1001..\Run: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\azadeth\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun File not found
      
      
      
      
      
      :Services
      
      :Reg
      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      "BackgroundContainer""=""
      
      :Files
      ipconfig /flushdns /c
      
      
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top. <--Not run Scan
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log it produces
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #19
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    All processes killed
    ========== OTL ==========
    Registry value HKEY_USERS\S-1-5-21-902427904-586344934-1443075455-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BackgroundContainer deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"BackgroundContainer""|"" /E : value set successfully!
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\azadeth\Desktop\cmd.bat deleted successfully.
    C:\Users\azadeth\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: azadeth
    ->Temp folder emptied: 116344810 bytes
    ->Temporary Internet Files folder emptied: 103585714 bytes
    ->Java cache emptied: 19813033 bytes
    ->FireFox cache emptied: 194682780 bytes
    ->Google Chrome cache emptied: 389489470 bytes
    ->Flash cache emptied: 63866 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 57616 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56466 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 200704 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 5683044 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67691 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 792.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 10272013_170145

    Files\Folders moved on Reboot...
    C:\Users\azadeth\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File move failed. C:\Users\azadeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

  10. #20
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    error message go away ???
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •