Jump to content

bostonianm

Members
  • Posts

    17
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Im running the eset scanner now and will update Reader and remove java and the other programs. And yes I still believe it is resolved, I have not been redirected at all. Thank you so much for you help.
  2. I only did the malware bytes scan and was interrupted in it irl so I didnt get the log, but I have not been having the problem for a while. I have been clicking the links that would usually redirect me and it no longer does. Thank you very much!
  3. oh mb i was confused, I am running it now for the first time
  4. Ok I hid the files. I did run Malwareytes anti-malware, but I will do it again, as well as the eset scanner
  5. Ok I deleted superb app They were empty folders they were like old copies of folders i use, so lets say I have my programs files folder there would be another one that contained nothing at all inside, thats all I deleted.
  6. mbar log Malwarebytes Anti-Rootkit BETA 1.07.0.1009www.malwarebytes.org Database version: v2014.04.19.11 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16521Austin :: AUSTIN-PC [administrator] 4/19/2014 3:34:24 PMmbar-log-2014-04-19 (15-34-24).txt Scan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/ShurikenScan options disabled: Objects scanned: 313090Time elapsed: 51 minute(s), 8 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 1C:\Program Files (x86)\SN.Booster (Trojan.SProtector) -> Delete on reboot. Physical Sectors Detected: 0(No malicious items detected) (end)
  7. system-log.txt ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16521 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXEDCPU speed: 2.494000 GHzMemory total: 6207631360, free: 3988893696 ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16521 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXEDCPU speed: 2.494000 GHzMemory total: 6207631360, free: 4005502976 Downloaded database version: v2014.04.19.11Downloaded database version: v2014.03.27.01=======================================Initializing...------------ Kernel report ------------ 04/19/2014 15:34:20------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_GenuineIntel.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\drivers\compbatt.sys\SystemRoot\system32\drivers\BATTC.SYS\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\system32\drivers\pciide.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\DRIVERS\iaStor.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\drivers\msahci.sys\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\system32\DRIVERS\nvpciflt.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\drivers\disk.sys\SystemRoot\system32\drivers\CLASSPNP.SYS\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\vwififlt.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\DRIVERS\termdd.sys\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\DRIVERS\mssmbios.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\nvlddmkm.sys\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\DRIVERS\igdkmd64.sys\SystemRoot\system32\DRIVERS\HECIx64.sys\SystemRoot\system32\drivers\usbehci.sys\SystemRoot\system32\drivers\USBPORT.SYS\SystemRoot\system32\DRIVERS\HDAudBus.sys\SystemRoot\system32\DRIVERS\NETwsw00.sys\SystemRoot\system32\DRIVERS\vwifibus.sys\SystemRoot\system32\DRIVERS\asmtxhci.sys\SystemRoot\system32\DRIVERS\L1C62x64.sys\SystemRoot\system32\DRIVERS\i8042prt.sys\SystemRoot\system32\DRIVERS\SynTP.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\kbfiltr.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys\SystemRoot\system32\DRIVERS\CmBatt.sys\SystemRoot\system32\DRIVERS\wmiacpi.sys\SystemRoot\system32\DRIVERS\intelppm.sys\SystemRoot\system32\DRIVERS\CompositeBus.sys\SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys\SystemRoot\system32\DRIVERS\portcls.sys\SystemRoot\system32\DRIVERS\drmk.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\swenum.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\RTKVHD64.sys\SystemRoot\system32\DRIVERS\IntcDAud.sys\SystemRoot\system32\DRIVERS\asmthub3.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_iaStor.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\Drivers\usbvideo.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\System32\ATMFD.DLL\SystemRoot\system32\drivers\luafv.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\nwifi.sys\SystemRoot\system32\DRIVERS\ndisuio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\DRIVERS\TurboB.sys\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\system32\DRIVERS\vwifimp.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\System32\Drivers\fastfat.SYS\SystemRoot\system32\DRIVERS\asyncmac.sys\SystemRoot\system32\DRIVERS\WSDPrint.sys\SystemRoot\system32\DRIVERS\hidusb.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\system32\DRIVERS\RzSynapse.sys\SystemRoot\system32\DRIVERS\kbdhid.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll\Windows\System32\autochk.exe\Windows\System32\advapi32.dll\Windows\System32\msvcrt.dll\Windows\System32\lpk.dll\Windows\System32\psapi.dll\Windows\System32\gdi32.dll\Windows\System32\shell32.dll\Windows\System32\imm32.dll\Windows\System32\oleaut32.dll\Windows\System32\ws2_32.dll\Windows\System32\sechost.dll\Windows\System32\usp10.dll\Windows\System32\setupapi.dll\Windows\System32\msctf.dll\Windows\System32\comdlg32.dll\Windows\System32\difxapi.dll\Windows\System32\shlwapi.dll\Windows\System32\rpcrt4.dll\Windows\System32\kernel32.dll\Windows\System32\nsi.dll\Windows\System32\Wldap32.dll\Windows\System32\user32.dll\Windows\System32\ole32.dll\Windows\System32\urlmon.dll\Windows\System32\imagehlp.dll\Windows\System32\iertutil.dll\Windows\System32\normaliz.dll\Windows\System32\clbcatq.dll\Windows\System32\wininet.dll\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll\Windows\System32\devobj.dll\Windows\System32\comctl32.dll\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll\Windows\System32\crypt32.dll\Windows\System32\KernelBase.dll\Windows\System32\cfgmgr32.dll\Windows\System32\wintrust.dll\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll\Windows\System32\msasn1.dll\Windows\SysWOW64\normaliz.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa8008b4e060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-1\Lower Device Object: 0xfffffa800630f050Lower Device Driver Name: \Driver\iaStor\<<<2>>>Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa8008b4e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8008b4eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8008b4e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa80062cab20, DeviceName: Unknown, DriverName: \Driver\ACPI\DevicePointer: 0xfffffa800630f050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: E3102A4B Partition information: Partition 0 type is Other (0x1c) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 52428800 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 52430848 Numsec = 586057728 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 638488576 Numsec = 826656768 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 750156374016 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1465129168-1465149168)...Done!Infected: C:\Program Files (x86)\SN.Booster --> [Trojan.SProtector]Scan finishedCreating System Restore point...Cleaning up...Removal scheduling successful. System shutdown needed.System shutdown occurred======================================= Removal queue found; removal startedRemoving C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-52430848-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...Removal finished
  8. No it contains a folder called SN.Booster and text document called 1532781606.ini and then an empty folder called 1532781606 it appears to be one of the many folders that was added after I ran the jrg scan. Others being $RECYCLE.BIN (which keeps coming back after i delete it), Boot, ProgramData, System Volume Information, and some other ones i have deleted (I can tell which ones they are because the folder icon is faded and sometimes has a lock)http://i.imgur.com/zbPllPA.png that is a pic of what im talking about, to give you a visual. I will now do the other stuff.
  9. Ok the Jrg one was weird, it did everything fine but made a bunch of text documents called desktop.ini with creation dates of like 2009 and put them on my desktop, so i started looking and one appeared in my program files(x86) folder too. JRT.txt rogue killer
  10. extras.txt OTL Extras logfile created on: 4/19/2014 9:56:35 AM - Run 2OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Austin\Desktop\OTL64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16521)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 5.78 Gb Total Physical Memory | 3.47 Gb Available Physical Memory | 59.99% Memory free11.56 Gb Paging File | 9.30 Gb Available in Paging File | 80.45% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 279.45 Gb Total Space | 55.16 Gb Free Space | 19.74% Space Free | Partition Type: NTFSDrive D: | 394.18 Gb Total Space | 394.06 Gb Free Space | 99.97% Space Free | Partition Type: NTFS Computer Name: AUSTIN-PC | User Name: Austin | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (All) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation).cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation).hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation).hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation).html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.).inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation).ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation).url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation).js[@ = JSFile] -- Reg Error: Value error. File not found.jse[@ = JSEFile] -- Reg Error: Value error. File not found.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation).txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation).vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation).vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation).wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation).wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].bat [@ = batfile] -- "%1" %*.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation).cmd [@ = cmdfile] -- "%1" %*.com [@ = comfile] -- "%1" %*.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation).exe [@ = exefile] -- "%1" %*.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation).hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation).html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.).inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation).ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation).url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation).js [@ = JSFile] -- Reg Error: Value error. File not found.jse [@ = JSEFile] -- Reg Error: Value error. File not found.pif [@ = piffile] -- "%1" %*.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation).scr [@ = scrfile] -- "%1" /S.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation).vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation).vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation).wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation).wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)batfile [open] -- "%1" %*batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)cmdfile [open] -- "%1" %*cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)jsfile [edit] -- Reg Error: Value error.jsfile [open] -- Reg Error: Value error.jsfile [print] -- Reg Error: Value error.jsefile [edit] -- Reg Error: Value error.jsefile [open] -- Reg Error: Value error.jsefile [print] -- Reg Error: Value error.piffile [open] -- "%1" %*regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)regfile [open] -- regedit.exe "%1" (Microsoft Corporation)regfile [merge] -- Reg Error: Key error.regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)batfile [open] -- "%1" %*batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)cmdfile [open] -- "%1" %*cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)jsfile [edit] -- Reg Error: Value error.jsfile [open] -- Reg Error: Value error.jsfile [print] -- Reg Error: Value error.jsefile [edit] -- Reg Error: Value error.jsefile [open] -- Reg Error: Value error.jsefile [print] -- Reg Error: Value error.piffile [open] -- "%1" %*regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)regfile [open] -- regedit.exe "%1" (Microsoft Corporation)regfile [merge] -- Reg Error: Key error.regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"DisableNotifications" = 0"EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"DisableNotifications" = 0"EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"DisableNotifications" = 0"EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{007FFC3D-EB3E-4339-A7C3-5A8D2EBE6D54}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe | "{0D3714EC-B9F9-4797-84B0-85B52229AED1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{107FEFF0-331F-4842-8D5C-768DE9402873}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1EC7EC21-A513-44DC-B144-710701A8C32D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2B561BF0-7C6C-4C50-9393-844FDFA98EC2}" = lport=10243 | protocol=6 | dir=in | app=system | "{2D9AA4D6-C3EA-4942-8A92-8B53D8322FB0}" = rport=138 | protocol=17 | dir=out | app=system | "{3702CCD1-6B24-47C3-B746-E9B7B12D39F8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{397F1630-F321-4A77-8BE1-71165C41CB77}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3CE61DD7-EA40-4163-BFB7-497B57A3F71C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{46EBE0E4-26D7-4B96-84B3-8C5FB990EF83}" = lport=137 | protocol=17 | dir=in | app=system | "{4CA425A7-F53E-4809-ADC8-67891E76045F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5A91AC63-3975-4121-8662-306E9525B30E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{6490D848-D085-4E74-A390-4949451F24B8}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe | "{73B5E7BB-F340-4B76-8487-6F67E0841433}" = rport=445 | protocol=6 | dir=out | app=system | "{742170FB-BA7B-4052-B211-4AF38EAD3CA1}" = rport=137 | protocol=17 | dir=out | app=system | "{7A14C531-5ECA-4636-840E-47B792462699}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7C071C2D-781A-4BA0-83A5-90E44F586021}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe | "{95513163-C297-4DBB-A47A-996449C7BC4D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9AC1AFDC-7B1C-48A7-9568-3797CC035A71}" = lport=2869 | protocol=6 | dir=in | app=system | "{9B2ECD01-1857-46B0-AC55-D4F3F3C43356}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A0F401A4-1FF6-45AE-9B8A-0933C034A746}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B94B4C69-9B78-4700-80EE-1B3085309FE5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B94F6145-9559-493A-B138-3539E74506E4}" = lport=139 | protocol=6 | dir=in | app=system | "{BF8B6D18-2531-4518-B791-C0A54E41EC02}" = rport=10243 | protocol=6 | dir=out | app=system | "{CDF4848B-6772-43F3-825B-ECD2E1D8CAC4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CEA82485-F3F9-4248-8A28-526F805F8745}" = rport=139 | protocol=6 | dir=out | app=system | "{D3728F49-CFEA-4198-966A-F1B558FB4510}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe | "{D3B12EEA-F177-4709-8362-5287C3E1B7F4}" = lport=445 | protocol=6 | dir=in | app=system | "{EDF6B0DD-7019-436B-A699-067F2AAF9EF6}" = lport=138 | protocol=17 | dir=in | app=system | "{FEA28D34-1ABA-4E99-9C52-18A94C4F22D2}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\remotecrashsender.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{0004EC21-4782-4220-B6A5-E53E15B8AA1E}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\rm.exe | "{004841DA-F1C8-415D-8E80-6305EA226785}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{016BA08C-FB1A-46B2-9497-B0BDD8D8444A}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\studio.exe | "{0419A767-E307-4BB6-AF8E-A64A7DAD2C52}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | "{04F675F3-42BD-4118-A785-00E524D28D4A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3x.exe | "{0605EEC8-D0B0-4B68-B40F-CCF58F7000B1}" = protocol=6 | dir=in | app=c:\users\austin\appdata\roaming\bittorrent\bittorrent.exe | "{0C922F30-F295-4F64-B0B9-E91BB46D1B4E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{12B16596-73B6-4E60-B731-1DD065A9719C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{19147DB8-AA3D-4382-A5AA-B94A685F1AB3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{19F034D6-E1D1-401F-A485-F4689EA649C6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{1A174DCD-B1D6-44E0-A22F-D991072F9767}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{1ACC78C4-141E-45EF-954A-429FD2000556}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon online\launcher.exe | "{1C9D8959-A926-4B00-8077-A15A184FB23C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{233BF32F-8091-4905-99F1-9287D230C36E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{25918EE4-48CE-40B1-99B4-5EBA162B12B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{2997774A-0FAB-4B09-92EF-EBBB0A9F2647}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | "{29CC22A0-4907-4D1F-B23B-216950447992}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{2AF90532-60E0-473E-896F-434653F41EBC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "{2C2E00FE-5178-463A-A662-D6E766F4B195}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{32A8201F-CC34-40EE-B38C-1336DD2F896F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{32F24F7D-473C-4AE7-BEEB-B5B99FF424C1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{388E0B5D-2F0C-4331-B0BD-EA12A59FE6A4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3AC69CF0-ED80-4514-AC94-58B6A3EB9633}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{3D417867-6D88-4B07-A408-51A7E3F423D7}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{4435116F-6E0A-45F9-AD1C-C870BA35531F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{45054D43-F4E6-4179-887A-E91882CC96FC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{4586061F-0FEA-49E3-BE65-FCE7667D8A99}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe | "{4A7D0698-614E-444A-9609-9338D382BB49}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4C29AFE2-C3AB-465E-A092-42CBFFDD3D78}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe | "{4D83DE3F-21A8-4AC5-BBA5-C1ABF5FEF8F1}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\umi.exe | "{515F625E-53D1-4E37-9CC5-54F65258CF93}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | "{51F4F8D6-0E0A-47E8-8EF0-693F81E72CFC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{542ABA1B-D094-4D91-BBAE-4230F7FF88B2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{564C1F4E-9BE7-4BEA-8AEB-48D882EB2FC1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{57A5771F-98F6-46B8-BEAD-2D699F3E93D0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5B2F3C14-E698-4D92-A777-212DA1680732}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{5B4C20CD-D02F-4064-8798-C14F6FD58C2E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe | "{5BA00E5F-8224-414C-B05B-3B79552C52AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3y.exe | "{5E4D06DA-766C-48D0-9574-B0610941C758}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | "{60339210-E004-4DEA-AB47-28284244E337}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{60523898-2A1E-4F9A-B050-D1C0A1C67438}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3y.exe | "{6065B406-CF48-4B1F-90AC-9ECB2993723E}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\rm.exe | "{60B02BC4-1876-4D7F-9990-7D5B411F8739}" = protocol=17 | dir=in | app=c:\users\austin\downloads\bittorrent.exe | "{63FF78B8-4DD9-40A1-9920-DF494D7A6BA6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{64C0DD34-534B-4191-AF3A-797CFE56E392}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe | "{64FBEAE9-3097-4BE3-B616-E99E99EA9F05}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{65E12CA4-5EFE-4341-8459-F6CD66B94E81}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{6C0DE37F-ADA0-4CB9-8F04-BBD8A5AB6E71}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe | "{6F9416D3-8C93-4288-A6E3-80CB2C18CD3D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{707479AA-C9AC-418D-ABED-F8C5CABB15F0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{716F2249-7CE6-4181-B155-4AFA1803D840}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{74F0FFA2-A08D-4F3C-BBBC-CCB88867E4B7}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\pmsregisterfile.exe | "{756EF5B2-E783-4829-BE6E-E61AD95E4677}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{796F77B8-F1CF-4ADD-BE1C-B970C282BD74}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{7B769A61-17CC-48F5-9A72-11585B9D6346}" = protocol=6 | dir=out | app=system | "{7BBB2886-DFD0-416C-B80D-A5AF68490762}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | "{84755C30-5A33-42E8-9FFC-5A28817F763B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kerbal space program\ksp.exe | "{86EF2C6D-DCF6-4F3A-B773-D4B8243903D4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{87B730FA-3B76-42F7-9EBD-91FDC7B0A476}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | "{897E0257-7C8E-40AB-B017-55A7B49E6A9A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe | "{8AD71A4D-BCCE-4CEF-8E6D-6792C441094E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe | "{8B32D3D9-DFA1-44C2-A0C9-3A704AA29FA6}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{8D253283-9426-400F-B630-098094BAC58F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon online\launcher.exe | "{8E796EC9-AF0F-4798-BDCD-5337172D3DC3}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\pmsregisterfile.exe | "{944BD69D-4B3C-4A4B-80C5-C3D6FBACBEBA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{9458F39F-818A-4649-A40D-B89291D0F214}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3.exe | "{966B3B06-323A-4FEE-BBE0-F2B7F0F8C04C}" = protocol=6 | dir=in | app=c:\users\austin\downloads\bittorrent.exe | "{977BC6D1-C99C-4E01-BD49-187A3E6FFF5F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{9CE8E0DE-774F-418B-B6D6-233F5DEE3ACC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{9EB66BD2-C526-4502-A6B7-041E578D290E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A15A25D6-BDCA-4CF9-907A-5D2CCAEB4B79}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A1962E9D-4224-45A4-AD17-3FC7DB6D091B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A29A6D70-AADF-41C0-9938-CEB4B3DDCAD3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{A31C7C2C-6918-4BB5-AA66-1915982F11FD}" = protocol=17 | dir=in | app=c:\users\austin\appdata\roaming\bittorrent\bittorrent.exe | "{A39C2F39-0C98-406E-A470-E1DF8C7CD3AC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{A516F74C-1FD3-4869-A9A0-FE3C5CD28D2D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3.exe | "{A5F9E207-B1F7-4432-A51B-57CB31E824F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{A9B2D32B-924F-4448-B3F4-EA23B9BECA07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | "{AB13DFA6-BB36-4EC5-A766-7D50FC448D17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{ABB4D30E-6083-4126-9FE4-7AC8198BB668}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AC74FABE-F403-4278-B7B2-1E5D2088E738}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{B0D4FB2B-FB0F-4A94-B90B-B42FA9E2FBA7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B9D75A4C-8F8A-49BD-B113-16C944F2D0D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | "{BE543A51-B4B8-4B78-93A0-70F41640DB97}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C0590ADF-92EC-43D3-9E17-09DBE85F6C57}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{C96FB6B6-4DF1-46F2-8957-9C2E177BE268}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{CC5CED94-B63E-43D6-BBA5-71E30A60668F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{CFBDEE83-1C87-4C79-9C95-0575E675C42C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{D018F327-C8B7-44CB-8B58-26E148F7C9F5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{D0CF7FFE-27E3-41E1-9492-6E8EE8C0FB4B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D119A672-8AED-4D1E-B6DD-15F586434D8B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{D38DEBB7-7690-4950-8AB7-130D407D50FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{D44C124E-B10F-46E1-A070-63CAE227B694}" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe | "{D518A33E-F55B-4D81-B31F-F2AFD8E210CD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | "{D6FE0EBA-88A3-4C70-9983-045FA617FF33}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{DB92EE97-DE2C-4C2F-A05D-F94306B60E1A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DBD87A34-CFD3-4931-B802-7C3147A4F9F0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{DC68FF21-3827-4BD3-AE81-A7F0E582266E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | "{DCEE7765-D40C-41EB-AD61-D28844CABBE8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kerbal space program\ksp.exe | "{E33B1762-79F2-407F-98AE-A7EFA0DA7605}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "{E365A866-20A4-486B-AF92-29881F8C528A}" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe | "{E4BA4760-CEA4-4CEF-A7A5-8B574CDE0483}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E4E28B9C-5E76-4E73-A8A3-3A17C851A1C1}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\umi.exe | "{E51706DD-EEA0-4F32-B510-3BE5E89451B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe | "{E78BD473-A539-4F3F-A883-CE8659529895}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{ED6FCDCF-C756-4BBE-8414-EA32D48141F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{EFCB6378-C661-474B-A272-E83693F7AC14}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{F104A6EC-A25D-4DFA-8783-BCAFD7CF41B9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{F25E7CE8-CB70-4469-B38B-99EC85DBC0EF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{F391A665-E863-469C-BE11-9BB1EA646662}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 11\programs\studio.exe | "{F49CC500-E9C8-4C24-A3E4-8CACDA1B4A0B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F607DB69-313A-497B-AD9E-164266646372}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{F624E06C-DD63-4673-BB65-35B410158D4E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe | "{F84A8E40-78B9-4A15-9632-879B9D49A6FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{F8C866E7-1A7D-4A2F-A885-3FBE4A18FF34}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{F90DCE96-C591-4599-890B-0DC8157D921D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe | "{FD73A347-8A16-4B1F-B399-7E149A1FC246}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3x.exe | "TCP Query User{10AEC3EF-FE25-405C-BE7E-525D575CC91C}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | "TCP Query User{17DF2765-E536-4FAD-A62A-416323B667CE}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | "TCP Query User{21960CAD-6869-4035-9F5F-65E66F774E74}C:\users\austin\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\austin\appdata\roaming\utorrent\utorrent.exe | "TCP Query User{2D265668-3DE3-4C1B-B012-C81A68288ADA}C:\program files (x86)\warthunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\aces.exe | "TCP Query User{3872E79A-D427-466A-BF3F-2347AE53AF37}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "TCP Query User{3A180676-9BC4-45E3-AB10-445B2A7BF70C}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe | "TCP Query User{4A389220-5102-4115-A05E-60966A591579}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe | "TCP Query User{50904832-A02D-46D4-A5C6-EFCA51783033}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe | "TCP Query User{50F0F8E6-6C45-4149-A429-79E19B984F13}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | "TCP Query User{6B9B3CCD-346D-4BBA-B2CC-61CCAC181901}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe | "TCP Query User{718DED05-372C-4EA2-89A2-A5A4808161C4}C:\users\austin\desktop\wtf\dogecoin-qt.exe" = protocol=6 | dir=in | app=c:\users\austin\desktop\wtf\dogecoin-qt.exe | "TCP Query User{83D2B0FB-50BE-4E34-9DF9-B7B46DC0CF2B}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe | "TCP Query User{93D0E523-BDDA-4BBD-A3D5-C5C9BF6A9CF9}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{99D0BE84-C71C-4983-B410-AC7F9BF05873}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{A5000294-B2CB-4C77-A079-702ED6F43D90}C:\users\austin\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\austin\appdata\roaming\spotify\spotify.exe | "TCP Query User{A56326D0-FD25-4A84-9FAA-A751B740C823}C:\users\austin\desktop\skype.exe" = protocol=6 | dir=in | app=c:\users\austin\desktop\skype.exe | "TCP Query User{A9D9DE79-9F66-4B81-A622-5D4F81BC49CE}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "TCP Query User{B5BB69C8-B7DB-40A2-8543-46AC4D43272E}C:\users\austin\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\austin\appdata\roaming\spotify\spotify.exe | "TCP Query User{BA27A902-7F46-437B-95ED-CC1B8483DEB6}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{CC5863A0-40FF-40CC-8238-3E1208164E1C}C:\users\austin\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\austin\appdata\local\temp\gw2.exe | "TCP Query User{DC38CD56-AB49-4242-833F-44D0720EC2D2}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe | "TCP Query User{DC4F8B54-D94F-4E71-82EE-B8684BE41B1E}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{EF7C7A57-987C-4424-92D3-1E7211AC8402}C:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | "TCP Query User{F8FD721D-1ED5-493E-AA9C-F9CBC89552CF}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | "UDP Query User{03336B39-8140-48BE-A136-0DA6275499EC}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{05016CB9-9427-445E-80C3-63CC2963FE02}C:\users\austin\desktop\skype.exe" = protocol=17 | dir=in | app=c:\users\austin\desktop\skype.exe | "UDP Query User{0FDE40F0-5BEE-454C-A3BB-8736678AB31C}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | "UDP Query User{206FEBC2-36D4-4139-BA63-924710AE7950}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | "UDP Query User{22A027BD-1986-4665-9709-B9E154CE705C}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{4E0C1407-2693-4C97-921E-41B7D30666BF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{5132EE00-FB76-4289-A262-5EAB4DDC4C9C}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe | "UDP Query User{5A855769-D960-48FF-B36D-6F56ED7A20CD}C:\users\austin\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\austin\appdata\local\temp\gw2.exe | "UDP Query User{65ED412B-63C2-4739-A492-FC0C6241B3CC}C:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | "UDP Query User{6851BE44-B318-43FE-ABEB-9687E62B6527}C:\program files (x86)\warthunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\aces.exe | "UDP Query User{6EBBD226-C05E-4571-8BE5-22908A463692}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe | "UDP Query User{7AED4C57-3B18-4C2F-87EB-EF7D6A93CBE8}C:\users\austin\desktop\wtf\dogecoin-qt.exe" = protocol=17 | dir=in | app=c:\users\austin\desktop\wtf\dogecoin-qt.exe | "UDP Query User{7BB849C6-08FB-4B0F-B0A2-F6871D204A05}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe | "UDP Query User{90FDAFEE-A257-440D-B917-73F81F33D71C}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe | "UDP Query User{94E79A2F-4FD9-4F11-A634-F653128A4BF7}C:\users\austin\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\austin\appdata\roaming\spotify\spotify.exe | "UDP Query User{BC089312-194E-4FC6-B464-5055059543D4}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe | "UDP Query User{D4E544FF-8DE9-4083-A943-4036F6B77B9A}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe | "UDP Query User{DD4D9F5B-4A4D-4E7B-B904-F2F2A70A9D75}C:\users\austin\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\austin\appdata\roaming\utorrent\utorrent.exe | "UDP Query User{DE514E50-691A-4571-88EE-4CE871903CB3}C:\users\austin\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\austin\appdata\roaming\spotify\spotify.exe | "UDP Query User{E039644B-B6B3-4F64-810E-D68048706945}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | "UDP Query User{E6D95A45-C626-4F02-8A7B-C27141A30648}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | "UDP Query User{F76500A2-3440-4898-8EC6-C64BBFF4AC58}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "UDP Query User{F998C9C1-79AF-4D5A-85F7-A5EEC3AB5EC4}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "UDP Query User{FABE2925-35F5-45EA-8A73-F719D21318B7}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom "{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support"{30B7A7A6-D519-3332-BEB3-D105EFC7389A}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework "{377672F0-6B8A-467D-8DDC-79338BCCD531}" = 64 Bit HP CIO Components Installer"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety"{3D7F836A-AE1F-4FA6-8DB9-4FE06697AB0A}" = Windows Live Family Safety"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148"{4FF9E8AA-D554-4CE7-89F9-B69DAA5A1E98}" = AVG 2013"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources"{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model"{73ca1ddf-9d19-45f2-ad4c-04169ec13342}" = Intel® PRO/Wireless Driver"{749BE6FF-815E-4F36-901B-7AC301B50330}" = Windows Live Family Safety"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid"{9C481E27-751F-48B9-801D-C583F032DA50}" = Intel® PROSet/Wireless WiFi Software"{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}" = Microsoft SQL Server 2012 Command Line Utilities "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.90"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.90"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service "{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources"4144-4862-0472-7103" = WorldPainter 1.7.1"CCleaner" = CCleaner"GIMP-2_is1" = GIMP 2.8.10"SynTPDeinstKey" = Synaptics Pointing Device Driver"TeamSpeak 3 Client" = TeamSpeak 3 Client"VB:VBCABLE {87459874-1236-4469}" = VBCABLE, The Virtual Audio Cable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live"{0F3C9093-6C13-484D-8385-93AA21BEC025}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar"{1e9b4847-4e73-4d00-91f5-96e0f6ce3e5a}" = Intel® PROSet/Wireless Software"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1" = World of Tanks"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer"{32136776-FE3F-453D-80DA-CDD993BDB2A3}" = Entity Framework Designer for Visual Studio 2012 - enu"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer"{49402ED1-A795-4435-A745-1B781BE621A6}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth"{4F2B8233-35EE-4197-8C3B-EACCBF712029}" = Microsoft SQL Server Data Tools - enu (11.1.20828.01)"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh"{5A336D74-E680-4986-96F4-E9CEBC784F56}" = Naga Firmware Updater 1.13"{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1" = Game Dev Tycoon version 1.3.9"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411"{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}" = SN.Sustainer 1.80"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service "{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 2.0.2"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials"{7DD5E91C-3864-77EC-7635-D14910C2A03E}" = save net"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh"{88603FC0-6B3C-442D-981E-E3D49F083548}_is1" = NovaBench 3.0.4"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh"{A1785BD4-3486-4E7E-8074-E3FC61B8F315}" = Microsoft Visual C++ 2012 x86-x64 Compilers"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.9) MUI"{B0002707-4F7E-4745-88A7-852DA8A88635}" = ASUS Sonic Focus"{B362A397-B38A-3A23-A190-611F9C7EB4F9}" = Microsoft Visual C++ 2012 Core Libraries"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail"{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}" = Mumble 1.2.5"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10"{e0efdce9-a486-4676-8aa5-65bb08cbf34c}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera"{ED4108A9-60FD-4F18-AF42-122219977773}" = Razer Naga"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.278"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)"{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin"AmUStor" = Alcor Micro USB Card Reader"Asus Vibe2.0" = AsusVibe2.0"ASUS WebStorage" = ASUS WebStorage"AsusScr_K3 Series_ENG" = AsusScr_K3 Series_ENG"ESET Online Scanner" = ESET Online Scanner v3"foobar2000" = foobar2000 v1.3.1"Google Chrome" = Google Chrome"Guild Wars 2" = Guild Wars 2"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint"League of Legends 3.0.0" = League of Legends"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)"MozillaMaintenanceService" = Mozilla Maintenance Service"Notepad++" = Notepad++"Office14.SingleImage" = Microsoft Office Home and Student 2010"Open Broadcaster Software" = Open Broadcaster Software"OpenTTD" = OpenTTD 1.2.3"PunkBusterSvc" = PunkBuster Services"Revo Uninstaller" = Revo Uninstaller 1.94"S-1532781606" = SN.Booster"Steam App 105450" = Age of Empires® III: Complete Collection"Steam App 105600" = Terraria"Steam App 208090" = Loadout"Steam App 219640" = Chivalry: Medieval Warfare"Steam App 220200" = Kerbal Space Program"Steam App 236390" = War Thunder"Steam App 240" = Counter-Strike: Source"Steam App 243870" = Tom Clancy's Ghost Recon Phantoms - NA"Steam App 264910" = Project Zomboid Demo"Steam App 4000" = Garry's Mod"Steam App 440" = Team Fortress 2"Steam App 620" = Portal 2"Steam App 644" = Portal 2 Publishing Tool"Steam App 730" = Counter-Strike: Global Offensive"Steam App 745" = Counter-Strike: Global Offensive - SDK"VTFEdit_is1" = VTFEdit 1.2.5"WinLiveSuite" = Windows Live Essentials"WinRAR archiver" = WinRAR 4.20 (32-bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}" = ROBLOX Studio 2013 for Austin"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Austin"5b0d1c2278d4fd29" = Roblox Currency Hack"Spotify" = Spotify"UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ]Error - 3/7/2014 5:12:34 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/7/2014 5:12:34 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 10062 Error - 3/7/2014 5:12:34 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 10062 Error - 3/7/2014 5:12:35 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/7/2014 5:12:35 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 11076 Error - 3/7/2014 5:12:35 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 11076 Error - 3/7/2014 5:12:37 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/7/2014 5:12:37 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 12214 Error - 3/7/2014 5:12:37 AM | Computer Name = Austin-PC | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 12214 Error - 3/7/2014 8:24:40 PM | Computer Name = Austin-PC | Source = System Restore | ID = 8193Description = [ System Events ]Error - 9/3/2013 10:04:07 PM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7000Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error - 9/16/2013 7:12:02 PM | Computer Name = Austin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20Description = Installation Failure: Windows failed to install the following update with error 0x800f0902: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2870699). Error - 9/22/2013 11:23:06 PM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7006Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5 Error - 9/22/2013 11:25:02 PM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7006Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5 Error - 9/22/2013 11:26:06 PM | Computer Name = Austin-PC | Source = DCOM | ID = 10016Description = Error - 9/22/2013 11:27:18 PM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7038Description = The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 9/22/2013 11:27:18 PM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7000Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error - 9/26/2013 6:34:52 AM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7034Description = The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s). Error - 9/26/2013 2:53:11 PM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7034Description = The AVGIDSAgent service terminated unexpectedly. It has done this 2 time(s). Error - 9/30/2013 2:53:23 AM | Computer Name = Austin-PC | Source = Service Control Manager | ID = 7030Description = The FastFreeConverterUpdt service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. < End of report >
  11. OTL.txt OTL logfile created on: 4/19/2014 9:56:35 AM - Run 2OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Austin\Desktop\OTL64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16521)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 5.78 Gb Total Physical Memory | 3.47 Gb Available Physical Memory | 59.99% Memory free11.56 Gb Paging File | 9.30 Gb Available in Paging File | 80.45% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 279.45 Gb Total Space | 55.16 Gb Free Space | 19.74% Space Free | Partition Type: NTFSDrive D: | 394.18 Gb Total Space | 394.06 Gb Free Space | 99.97% Space Free | Partition Type: NTFS Computer Name: AUSTIN-PC | User Name: Austin | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014/04/19 00:16:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Austin\Desktop\OTL\OTL.exePRC - [2014/04/18 13:58:06 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exePRC - [2014/03/31 18:59:55 | 000,228,744 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exePRC - [2014/02/25 14:57:46 | 000,568,512 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exePRC - [2014/02/25 14:57:44 | 001,821,888 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exePRC - [2014/01/16 20:45:39 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Austin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exePRC - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [2013/10/30 20:09:08 | 002,990,304 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exePRC - [2013/02/11 15:46:40 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exePRC - [2012/04/12 15:03:04 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exePRC - [2011/11/16 22:05:30 | 000,953,232 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exePRC - [2011/11/03 17:04:04 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exePRC - [2011/11/03 17:04:04 | 000,101,544 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exePRC - [2011/10/03 18:09:38 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exePRC - [2011/10/03 15:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exePRC - [2011/10/03 11:46:00 | 000,760,448 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exePRC - [2011/10/03 11:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exePRC - [2011/09/29 10:41:06 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exePRC - [2011/09/13 13:33:14 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exePRC - [2011/07/21 15:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exePRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEPRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exePRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exePRC - [2010/10/07 14:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exePRC - [2010/08/20 09:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exePRC - [2010/07/09 22:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exePRC - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exePRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exePRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exePRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exePRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exePRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe ========== Modules (No Company Name) ========== MOD - [2014/02/25 14:57:46 | 001,135,296 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dllMOD - [2014/02/10 19:34:30 | 000,751,616 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dllMOD - [2014/01/10 16:33:44 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dllMOD - [2013/12/12 15:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dllMOD - [2013/11/04 18:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-52.dllMOD - [2013/06/14 16:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dllMOD - [2013/06/14 16:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dllMOD - [2013/06/14 16:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dllMOD - [2013/02/11 15:46:40 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exeMOD - [2011/11/03 17:04:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dllMOD - [2011/10/16 19:44:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dllMOD - [2011/09/13 13:33:14 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dllMOD - [2010/08/20 09:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dllMOD - [2010/08/20 09:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ========== Services (SafeList) ========== SRV:64bit: - [2014/02/28 21:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)SRV:64bit: - [2013/07/17 11:51:24 | 003,377,904 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)SRV:64bit: - [2013/07/17 11:50:38 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)SRV:64bit: - [2013/07/17 11:50:08 | 000,626,416 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)SRV:64bit: - [2013/07/17 11:49:16 | 000,149,744 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [2011/03/03 16:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)SRV - [2014/04/18 13:58:06 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)SRV - [2014/03/11 17:27:09 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2014/02/28 15:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)SRV - [2014/02/25 14:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)SRV - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2013/08/09 16:26:10 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)SRV - [2013/04/14 16:06:04 | 004,276,136 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)SRV - [2012/12/29 03:34:47 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)SRV - [2012/11/29 01:27:36 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)SRV - [2011/09/29 10:41:06 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)SRV - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)SRV - [2005/02/09 13:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Pclepci.sys -- (PCLEPCI) ========== Driver Services (SafeList) ========== DRV:64bit: - [2014/03/24 13:12:06 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)DRV:64bit: - [2013/11/14 23:37:14 | 000,149,160 | ---- | M] (Razer Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)DRV:64bit: - [2013/07/11 09:57:16 | 000,041,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vbaudio_cable64_win7.sys -- (VBAudioVACMME)DRV:64bit: - [2013/07/01 13:51:36 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)DRV:64bit: - [2013/06/27 08:07:42 | 005,361,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)DRV:64bit: - [2013/05/29 06:10:52 | 011,524,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)DRV:64bit: - [2013/02/08 06:45:38 | 000,036,736 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)DRV:64bit: - [2012/12/29 03:34:47 | 000,030,648 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)DRV:64bit: - [2012/02/17 23:50:33 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [2012/02/17 23:50:33 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [2011/11/15 10:14:02 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)DRV:64bit: - [2011/10/03 18:48:40 | 000,394,728 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)DRV:64bit: - [2011/10/03 18:48:38 | 000,129,512 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)DRV:64bit: - [2011/09/19 00:54:46 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)DRV:64bit: - [2011/08/08 07:32:08 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)DRV:64bit: - [2011/07/21 04:01:14 | 001,448,496 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)DRV:64bit: - [2011/05/13 16:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)DRV:64bit: - [2011/04/25 20:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)DRV:64bit: - [2010/11/20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [2010/11/20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [2010/11/20 04:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)DRV:64bit: - [2009/07/20 02:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)DRV:64bit: - [2009/07/13 16:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)DRV:64bit: - [2009/06/19 19:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)DRV:64bit: - [2009/06/10 14:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)DRV - [2011/09/07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = PreserveIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USIE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Austin\AppData\Local\Roblox\Versions\version-77cb13cdf4414374\\NPRobloxProxy.dll ()FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Austin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCoreFF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/05 00:18:24 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/09/29 23:54:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin\AppData\Roaming\Mozilla\Extensions[2014/04/19 08:43:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\extensions[2013/08/29 21:24:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[2012/11/29 01:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll[2012/11/29 01:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml[2012/11/29 01:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},CHR - homepage: http://www.google.comCHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dllCHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dllCHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dllCHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllCHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dllCHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dllCHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllCHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dllCHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dllCHR - Extension: Google Drive = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\CHR - Extension: YouTube = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Honey = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\3.0.2.1_0\CHR - Extension: Google Search = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: YoutubeAdblocker = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhmgponpoglenkoomcojdgjfgakoaai\1.0\CHR - Extension: AdBlock = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\CHR - Extension: Reddit Enhancement Suite = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.2.1_0\CHR - Extension: Google Wallet = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\CHR - Extension: Gmail = C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not foundO4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)O4:64bit: - HKLM..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)O4 - HKLM..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)O4 - HKCU..\Run: [AVG-Secure-Search-Update_0913a] C:\Users\Austin\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid c56a5078fa0547d39d40c1f60ee1cdc3-55dc66e4c5f5f98de5d066c4eb32df1680c41498 --CMPID 0913a File not foundO4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)O4 - HKCU..\Run: [LaunchList] C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe File not foundO4 - HKCU..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent File not foundO4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()O4 - HKCU..\Run: [spotify Web Helper] C:\Users\Austin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O1364bit: - gopher Prefix: missingO13 - gopher Prefix: missingO15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40300927-C11F-4A47-9777-409B0D5F25D6}: DhcpNameServer = 192.168.1.1O18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\ms-help - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SN_X64~1.BOO) - C:\Program Files (x86)\SN_x64.Booster ()O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)O20 - AppInit_DLLs: (c:\progra~2\sn0310~1.boo) - c:\Program Files (x86)\SN.Booster ()O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2014/02/21 20:24:05 | 000,000,107 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L) CREATERESTOREPOINTSystem Restore Service not available. ========== Files/Folders - Created Within 30 Days ========== [2014/04/19 08:56:29 | 000,000,000 | ---D | C] -- C:\_OTL[2014/04/19 08:42:09 | 000,000,000 | ---D | C] -- C:\AdwCleaner[2014/04/19 08:38:42 | 000,000,000 | ---D | C] -- C:\Users\Austin\Desktop\OTL[2014/04/19 08:25:27 | 000,000,000 | ---D | C] -- C:\Users\Austin\Desktop\FRS[2014/04/19 02:17:33 | 000,000,000 | ---D | C] -- C:\FRST[2014/04/19 00:33:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET[2014/04/19 00:29:54 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe[2014/04/19 00:29:40 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe[2014/04/19 00:29:40 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe[2014/04/19 00:29:40 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll[2014/04/19 00:29:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java[2014/04/19 00:19:52 | 000,000,000 | ---D | C] -- C:\Users\Austin\Desktop\Remove old JAVA[2014/04/18 14:13:32 | 000,000,000 | ---D | C] -- C:\Users\Austin\AppData\Local\PunkBuster[2014/04/18 14:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SuperbApp[2014/04/18 14:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\save net[2014/04/18 14:08:59 | 000,000,000 | ---D | C] -- C:\Users\Austin\AppData\Local\Packages[2014/04/18 14:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\save net[2014/04/18 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Austin\AppData\Local\Comodo[2014/04/18 14:08:55 | 000,000,000 | ---D | C] -- C:\ProgramData\726a9a91e9097b86[2014/04/18 14:08:11 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate[2014/04/18 13:57:44 | 000,000,000 | ---D | C] -- C:\Users\Austin\AppData\Local\Ubisoft[2014/04/16 00:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios[2014/04/16 00:40:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios[2014/04/16 00:39:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hi-Rez Studios[2014/04/15 10:58:32 | 000,000,000 | ---D | C] -- C:\Users\Austin\Desktop\fishing[2014/04/12 23:03:17 | 000,000,000 | ---D | C] -- C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox[2014/03/30 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Austin\AppData\Roaming\BitTorrent[2014/03/29 17:12:33 | 000,000,000 | ---D | C] -- C:\Users\Austin\Desktop\New folder[2014/03/24 13:12:06 | 000,042,184 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys ========== Files - Modified Within 30 Days ========== [2014/04/19 09:52:20 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2014/04/19 09:51:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2014/04/19 09:50:51 | 360,755,199 | -HS- | M] () -- C:\hiberfil.sys[2014/04/19 09:27:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2014/04/19 09:07:48 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2014/04/19 09:07:48 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2014/04/19 09:05:39 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2014/04/19 09:05:39 | 000,662,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2014/04/19 09:05:39 | 000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2014/04/19 09:05:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2014/04/19 08:40:50 | 001,258,805 | ---- | M] () -- C:\Users\Austin\Desktop\adwcleaner.exe[2014/04/19 08:33:59 | 000,001,908 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini[2014/04/19 00:29:36 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe[2014/04/19 00:29:36 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe[2014/04/19 00:29:36 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe[2014/04/19 00:29:36 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll[2014/04/18 22:02:06 | 000,050,526 | ---- | M] () -- C:\Users\Austin\Desktop\2014-04-18_00004.jpg[2014/04/18 15:01:42 | 000,291,760 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr[2014/04/18 15:01:42 | 000,291,760 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe[2014/04/18 14:43:43 | 000,291,488 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0[2014/04/18 14:09:15 | 004,296,192 | ---- | M] () -- C:\Program Files (x86)\SN.Booster[2014/04/18 14:09:15 | 004,210,176 | ---- | M] () -- C:\Program Files (x86)\SN_x64.Booster[2014/04/18 13:58:06 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe[2014/04/16 00:40:37 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk[2014/04/16 00:40:37 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Smite.lnk[2014/04/13 10:56:52 | 000,149,205 | ---- | M] () -- C:\Users\Austin\Desktop\Warrior-face-3c.jpg[2014/04/13 10:55:59 | 000,028,622 | ---- | M] () -- C:\Users\Austin\Desktop\ttar_watermelon_01_v_launch.jpg[2014/03/29 16:47:44 | 000,002,103 | ---- | M] () -- C:\Users\Austin\Desktop\vba.ini[2014/03/24 13:12:06 | 000,042,184 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys ========== Files Created - No Company Name ========== [2014/04/19 08:40:45 | 001,258,805 | ---- | C] () -- C:\Users\Austin\Desktop\adwcleaner.exe[2014/04/18 21:38:01 | 000,050,526 | ---- | C] () -- C:\Users\Austin\Desktop\2014-04-18_00004.jpg[2014/04/18 14:13:47 | 000,291,760 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr[2014/04/18 14:09:15 | 004,296,192 | ---- | C] () -- C:\Program Files (x86)\SN.Booster[2014/04/18 14:09:15 | 004,210,176 | ---- | C] () -- C:\Program Files (x86)\SN_x64.Booster[2014/04/18 13:58:08 | 000,291,760 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe[2014/04/18 13:58:08 | 000,291,488 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0[2014/04/18 13:58:06 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe[2014/04/16 00:40:37 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk[2014/04/16 00:40:37 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Smite.lnk[2014/04/13 10:56:50 | 000,149,205 | ---- | C] () -- C:\Users\Austin\Desktop\Warrior-face-3c.jpg[2014/04/13 10:55:53 | 000,028,622 | ---- | C] () -- C:\Users\Austin\Desktop\ttar_watermelon_01_v_launch.jpg[2014/03/08 13:46:19 | 000,000,045 | ---- | C] () -- C:\Users\Austin\AppData\Roaming\WB.CFG[2014/03/07 01:54:59 | 000,000,132 | ---- | C] () -- C:\Users\Austin\AppData\Roaming\Adobe Targa Format CS6 Prefs[2014/03/02 06:09:16 | 000,000,000 | ---- | C] () -- C:\Users\Austin\shutdown[2014/03/02 06:01:39 | 000,000,000 | ---- | C] () -- C:\Users\Austin\net[2014/01/18 19:41:42 | 000,002,076 | ---- | C] () -- C:\Users\Austin\AppData\Local\recently-used.xbel[2013/08/02 11:31:58 | 000,001,087 | ---- | C] () -- C:\Users\Austin\Documents - Shortcut.lnk[2013/06/27 08:07:38 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll[2013/06/27 07:56:12 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin[2013/06/27 07:56:12 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin[2012/12/01 19:00:13 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\ssresources.dll[2012/12/01 19:00:13 | 000,020,481 | ---- | C] () -- C:\Windows\SysWow64\SystemsHook.dll[2012/11/17 11:16:56 | 000,000,045 | ---- | C] () -- C:\Users\Austin\jagex_cl_runescape_LIVE.dat[2012/11/07 19:23:35 | 000,703,117 | ---- | C] () -- C:\Users\Austin\AppData\Roaming\technic-launcher.jar[2012/11/07 19:23:35 | 000,703,104 | ---- | C] () -- C:\Users\Austin\AppData\Roaming\technic-launcher.jar.bak ========== ZeroAccess Check ========== [2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2014/02/21 20:24:05 | 000,000,107 | ---- | M] () -- C:\AUTOEXEC.BAT[2009/07/13 18:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr[2009/07/28 23:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK[2014/04/19 09:50:51 | 360,755,199 | -HS- | M] () -- C:\hiberfil.sys[2011/11/01 04:22:02 | 002,621,440 | -H-- | M] () -- C:\K43SD.BIN[2011/11/01 17:52:34 | 002,621,440 | -H-- | M] () -- C:\K53SD.BIN[2014/04/19 09:51:00 | 1912,664,063 | -HS- | M] () -- C:\pagefile.sys < %systemroot%\*. /mp /s > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < :Commands > < [EmptyTemp] > < End of report >
  12. Im sure that wasn't to fix the problem, but just for the sake of being thorough it happened again already when I went to check my messages on reddit.
  13. Ok I removed Bittorent Here is the fixlog one And the adware one And Lastly the OTL one Thank you for helping me with this.
  14. This is the FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01Ran by Austin (administrator) on AUSTIN-PC on 19-04-2014 02:18:21Running from C:\Users\Austin\DesktopWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe(ASUS) C:\Program Files\P4G\BatteryLife.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Spotify Ltd) C:\Users\Austin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe(Razer USA Ltd) C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(ASUS) C:\Windows\AsScrPro.exe(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe(Microsoft Corporation) C:\Windows\system32\WLANExt.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe() C:\Windows\SysWOW64\PnkBstrA.exe() c:\programdata\superbapp\sn.booster\SN.Booster.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(OldTimer Tools) C:\Users\Austin\Downloads\OTL.exe(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816808 2011-07-21] (Synaptics Incorporated)HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-03] (Realtek Semiconductor)HKLM\...\Run: [synAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [98088 2011-07-21] (Synaptics Incorporated)HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-18] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)HKLM-x32\...\Run: [sonicMasterTray] => C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)HKLM-x32\...\Run: [Razer Naga Driver] => C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-11] ()HKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [AVG-Secure-Search-Update_0913a] => C:\Users\Austin\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid c56a5078fa0547d39d40c1f60ee1cdc3-55dc66e4c5f5f98de5d066c4eb32df1680c41498 --CMPID 0913aHKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)HKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silentHKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [spotify Web Helper] => C:\Users\Austin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)HKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)HKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [LaunchList] => C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exeHKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-4013604506-3299596140-1703408517-1002\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-11] (Adobe Systems Incorporated)AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [246024 2012-12-29] (NVIDIA Corporation)AppInit_DLLs: C:\PROGRA~2\SN_X64~1.BOO => C:\Program Files (x86)\SN_x64.Booster [4210176 2014-04-18] ()AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201728 2012-12-29] (NVIDIA Corporation)AppInit_DLLs-x32: c:\progra~2\sn0310~1.boo => C:\Program Files (x86)\SN.Booster [4296192 2014-04-18] ()Startup: C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnkShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/?pid=688&r=2014/04/18&hid=14496986421226090371&lg=EN&cc=US&unqvl=51HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=MSD3_14_10_CH&cd=2XzuyEtN2Y1L1QzutCtD0B0FyEzztDyDtByEtAtD0D0B0BtDtN0D0Tzu0SyBzyzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0F0D0CzyzzzztDtGtC0B0F0BtG0CtB0FyDtGtA0BtCtBtGtAtB0EzytAzzyByByB0E0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0CtB0FtC0A0EtG0ByB0CtDtGtDyDyDtAtG0EtDzzyDtGtC0A0E0AyB0FyDyEtC0D0B0F2Q&cr=755762624&ir=HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/?pid=688&r=2014/04/18&hid=14496986421226090371&lg=EN&cc=US&unqvl=51SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD3_14_10_CH&cd=2XzuyEtN2Y1L1QzutCtD0B0FyEzztDyDtByEtAtD0D0B0BtDtN0D0Tzu0SyBzyzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0F0D0CzyzzzztDtGtC0B0F0BtG0CtB0FyDtGtA0BtCtBtGtAtB0EzytAzzyByByB0E0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0CtB0FtC0A0EtG0ByB0CtDtGtDyDyDtAtG0EtDzzyDtGtC0A0E0AyB0FyDyEtC0D0B0F2Q&cr=755762624&ir=SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD3_14_10_CH&cd=2XzuyEtN2Y1L1QzutCtD0B0FyEzztDyDtByEtAtD0D0B0BtDtN0D0Tzu0SyBzyzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0F0D0CzyzzzztDtGtC0B0F0BtG0CtB0FyDtGtA0BtCtBtGtAtB0EzytAzzyByByB0E0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0CtB0FtC0A0EtG0ByB0CtDtGtDyDyDtAtG0EtDzzyDtGtC0A0E0AyB0FyDyEtC0D0B0F2Q&cr=755762624&ir=SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=688&r=2014/04/18&hid=14496986421226090371&lg=EN&cc=US&unqvl=51SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=688&r=2014/04/18&hid=14496986421226090371&lg=EN&cc=US&unqvl=51SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD3_14_10_CH&cd=2XzuyEtN2Y1L1QzutCtD0B0FyEzztDyDtByEtAtD0D0B0BtDtN0D0Tzu0SyBzyzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0F0D0CzyzzzztDtGtC0B0F0BtG0CtB0FyDtGtA0BtCtBtGtAtB0EzytAzzyByByB0E0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0CtB0FtC0A0EtG0ByB0CtDtGtDyDyDtAtG0EtDzzyDtGtC0A0E0AyB0FyDyEtC0D0B0F2Q&cr=755762624&ir=SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD3_14_10_CH&cd=2XzuyEtN2Y1L1QzutCtD0B0FyEzztDyDtByEtAtD0D0B0BtDtN0D0Tzu0SyBzyzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0F0D0CzyzzzztDtGtC0B0F0BtG0CtB0FyDtGtA0BtCtBtGtAtB0EzytAzzyByByB0E0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0A0CtB0FtC0A0EtG0ByB0CtDtGtDyDyDtAtG0EtDzzyDtGtC0A0E0AyB0FyDyEtC0D0B0F2Q&cr=755762624&ir=SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=008E78929C9BDB5F&affID=119351&tsp=5021SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=688&r=2014/04/18&hid=14496986421226090371&lg=EN&cc=US&unqvl=51BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: YoutubeAdblocker - {05C8E0B5-B137-CC45-8F7E-7AF0FB1A879B} - C:\Program Files (x86)\YoutubeAdblocker\d.dll ()BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: SNT - {A55FA377-FE9B-D7A3-1788-2C388B7CDC29} - C:\Program Files (x86)\SNT\lEwpd.dll ()BHO-x32: save net - {AAAC971A-85D8-84AF-1B69-E27DB2294679} - C:\Program Files (x86)\save net\eoHb1R.dll ()BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cabHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.defaultFF user.js: detected! => C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\user.jsFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No FileFF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Austin\AppData\Local\Roblox\Versions\version-77cb13cdf4414374\\NPRobloxProxy.dll ( ROBLOX Corporation)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Austin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF SearchPlugin: C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\searchplugins\conduit.xmlFF SearchPlugin: C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\searchplugins\Mysearchdial.xmlFF SearchPlugin: C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\searchplugins\safeguard-secure-search.xmlFF SearchPlugin: C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\searchplugins\WebSearch.xmlFF Extension: No Name - C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\Extensions\staged [2014-03-08]FF Extension: Safe Search Bar - C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\g19qnztp.default\Extensions\{e504e7b9-ae2a-4fd2-a3c3-2f63b09488ed} [2013-08-29]FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCoreFF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: =======CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No FileCHR Plugin: (Java Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No FileCHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No FileCHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No FileCHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No FileCHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No FileCHR Extension: (Google Drive) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-08]CHR Extension: (YouTube) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-08]CHR Extension: (Honey) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2014-01-18]CHR Extension: (Google Search) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-08]CHR Extension: (YoutubeAdblocker) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhmgponpoglenkoomcojdgjfgakoaai [2014-04-18]CHR Extension: (AdBlock) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-26]CHR Extension: (Reddit Enhancement Suite) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2013-09-16]CHR Extension: (Google Wallet) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]CHR Extension: (Gmail) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]CHR HKCU\...\Chrome\Extension: [bjninacglmmmbabmlkaegnanopeoiong] - C:\Users\Austin\AppData\Local\CRE\bjninacglmmmbabmlkaegnanopeoiong.crx [2013-08-28]CHR HKLM-x32\...\Chrome\Extension: [bjninacglmmmbabmlkaegnanopeoiong] - C:\Users\Austin\AppData\Local\CRE\bjninacglmmmbabmlkaegnanopeoiong.crx [2013-08-28]CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Austin\AppData\Roaming\BabSolution\CR\Delta.crx [2013-09-29]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 1a34a8e0; C:\Program Files (x86)\SNSvc.dll [174928 2014-04-18] ()S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-07-17] ()S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4276136 2013-04-14] (INCA Internet Co., Ltd.)S2 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-18] ()R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3377904 2013-07-17] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2011-11-15] (Razer USA Ltd)S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows ® Win 7 DDK provider)S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-19 02:18 - 2014-04-19 02:18 - 00025197 _____ () C:\Users\Austin\Desktop\FRST.txt2014-04-19 02:17 - 2014-04-19 02:18 - 00000000 ____D () C:\FRST2014-04-19 02:16 - 2014-04-19 02:16 - 02158592 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe2014-04-19 00:38 - 2014-04-19 00:38 - 00239675 _____ () C:\Users\Austin\Downloads\unedditredditAddon_1_5.xpi2014-04-19 00:33 - 2014-04-19 00:33 - 00000000 ____D () C:\Program Files (x86)\ESET2014-04-19 00:30 - 2014-04-19 00:30 - 00134758 _____ () C:\Users\Austin\Downloads\Extras.Txt2014-04-19 00:29 - 2014-04-19 00:29 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2014-04-19 00:29 - 2014-04-19 00:29 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2014-04-19 00:29 - 2014-04-19 00:29 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe2014-04-19 00:29 - 2014-04-19 00:29 - 00114162 _____ () C:\Users\Austin\Downloads\OTL.Txt2014-04-19 00:29 - 2014-04-19 00:29 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll2014-04-19 00:29 - 2014-04-19 00:29 - 00000000 ____D () C:\Program Files\Java2014-04-19 00:19 - 2014-04-19 00:31 - 00000000 ____D () C:\Users\Austin\Desktop\Remove old JAVA2014-04-19 00:19 - 2014-04-19 00:19 - 00156058 _____ () C:\Users\Austin\Downloads\JavaRa-2.5.zip2014-04-19 00:16 - 2014-04-19 00:16 - 00602112 _____ (OldTimer Tools) C:\Users\Austin\Downloads\OTL.exe2014-04-18 14:13 - 2014-04-18 15:01 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-04-18 14:13 - 2014-04-18 14:13 - 00000000 ____D () C:\Users\Austin\AppData\Local\PunkBuster2014-04-18 14:11 - 2014-04-18 14:23 - 109845143 _____ () C:\Users\Austin\Downloads\YG_MKLDE_UMHQ.zip2014-04-18 14:09 - 2014-04-18 14:09 - 04296192 _____ () C:\Program Files (x86)\SN.Booster2014-04-18 14:09 - 2014-04-18 14:09 - 04210176 _____ () C:\Program Files (x86)\SN_x64.Booster2014-04-18 14:09 - 2014-04-18 14:09 - 00174928 _____ () C:\Program Files (x86)\SNSvc.dll2014-04-18 14:09 - 2014-04-18 14:09 - 00002696 _____ () C:\Windows\System32\Tasks\SN.Booster-S-15327816062014-04-18 14:09 - 2014-04-18 14:09 - 00000450 ____H () C:\Windows\Tasks\SN.Booster-S-1532781606.job2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\ProgramData\SuperbApp2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\ProgramData\SNT2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\Program Files (x86)\SNT2014-04-18 14:08 - 2014-04-18 14:09 - 00000000 ____D () C:\ProgramData\726a9a91e9097b862014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Austin\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Austin\AppData\Local\Packages2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Austin\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\ProgramData\save net2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\ProgramData\InstallMate2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Program Files (x86)\save net2014-04-18 13:58 - 2014-04-18 15:01 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-18 13:58 - 2014-04-18 14:43 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-04-18 13:58 - 2014-04-18 13:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-04-18 13:57 - 2014-04-18 13:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\Ubisoft2014-04-16 00:40 - 2014-04-16 00:40 - 00002039 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk2014-04-16 00:40 - 2014-04-16 00:40 - 00002030 _____ () C:\Users\Public\Desktop\Smite.lnk2014-04-16 00:40 - 2014-04-16 00:40 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios2014-04-16 00:39 - 2014-04-16 00:40 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios2014-04-16 00:38 - 2014-04-16 00:38 - 39967251 _____ (Hi-Rez Studios) C:\Users\Austin\Downloads\InstallHiRezGamesEnglish.exe2014-04-15 23:10 - 2014-04-15 23:10 - 00438680 _____ () C:\Users\Austin\Downloads\loosing_kayden_scene_3_5871_alexis_texas_720p_3800_mp4.exe2014-04-15 10:58 - 2014-04-15 10:58 - 00000000 ____D () C:\Users\Austin\Desktop\fishing2014-04-12 23:04 - 2014-04-12 23:04 - 00632688 _____ (ROBLOX Corporation) C:\Users\Austin\Downloads\RobloxPlayerLauncher (1).exe2014-04-12 23:03 - 2014-04-18 12:20 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox2014-04-12 23:03 - 2014-04-12 23:03 - 00632688 _____ (ROBLOX Corporation) C:\Users\Austin\Downloads\RobloxPlayerLauncher.exe2014-04-12 14:31 - 2014-04-12 14:32 - 00000217 _____ () C:\Users\Austin\Desktop\New Text Document.txt2014-04-10 21:53 - 2014-04-10 22:04 - 01369651 _____ () C:\Users\Austin\Downloads\Morphine Powerpoint.pptx2014-04-10 18:04 - 2014-04-10 18:04 - 01378966 _____ () C:\Users\Austin\Documents\Morphine PPPPPPPPPPPOOOOOOWER POINT.... is censoredING STUPID.pptx2014-04-06 23:03 - 2014-04-06 23:03 - 00335184 _____ (GreenApp) C:\Users\Austin\Downloads\Isabella Valentine - Rising Fall Sample.exe2014-03-30 14:05 - 2014-03-30 14:05 - 00000000 ____D () C:\ProgramData\hsswpr2014-03-30 14:01 - 2014-03-30 14:01 - 00000000 ____D () C:\Users\Austin\Desktop\lolz2014-03-30 13:57 - 2014-03-30 13:57 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Hotspot Shield2014-03-30 13:56 - 2014-03-30 13:57 - 08826952 _____ () C:\Users\Austin\Downloads\HSS-3.37-install-e-550-plain.exe2014-03-30 13:51 - 2014-03-30 14:01 - 00000000 ____D () C:\Users\Austin\Downloads\[X-Art] Just Us Girls - Caprice, Tiffany2014-03-30 13:50 - 2014-03-30 13:50 - 00000877 _____ () C:\Users\Austin\Desktop\BitTorrent.lnk2014-03-30 13:48 - 2014-03-30 14:01 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\BitTorrent2014-03-30 13:48 - 2014-03-30 13:48 - 01615960 _____ (BitTorrent Inc.) C:\Users\Austin\Downloads\bittorrent.exe2014-03-30 13:48 - 2014-03-30 13:48 - 00053362 _____ () C:\Users\Austin\Downloads\9BD09BC3F20B43C48DE689940751F21750911207.torrent2014-03-29 17:12 - 2014-04-12 22:36 - 00000000 ____D () C:\Users\Austin\Desktop\New folder2014-03-24 13:12 - 2014-03-24 13:12 - 00042184 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys ==================== One Month Modified Files and Folders ======= 2014-04-19 02:18 - 2014-04-19 02:18 - 00025197 _____ () C:\Users\Austin\Desktop\FRST.txt2014-04-19 02:18 - 2014-04-19 02:17 - 00000000 ____D () C:\FRST2014-04-19 02:16 - 2014-04-19 02:16 - 02158592 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe2014-04-19 02:08 - 2012-02-18 00:37 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-04-19 01:46 - 2014-03-08 13:46 - 00000296 _____ () C:\Windows\Tasks\MySearchDial.job2014-04-19 01:27 - 2013-01-05 00:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-04-19 01:19 - 2012-04-12 14:51 - 01623256 _____ () C:\Windows\WindowsUpdate.log2014-04-19 00:38 - 2014-04-19 00:38 - 00239675 _____ () C:\Users\Austin\Downloads\unedditredditAddon_1_5.xpi2014-04-19 00:33 - 2014-04-19 00:33 - 00000000 ____D () C:\Program Files (x86)\ESET2014-04-19 00:31 - 2014-04-19 00:19 - 00000000 ____D () C:\Users\Austin\Desktop\Remove old JAVA2014-04-19 00:30 - 2014-04-19 00:30 - 00134758 _____ () C:\Users\Austin\Downloads\Extras.Txt2014-04-19 00:29 - 2014-04-19 00:29 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2014-04-19 00:29 - 2014-04-19 00:29 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2014-04-19 00:29 - 2014-04-19 00:29 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe2014-04-19 00:29 - 2014-04-19 00:29 - 00114162 _____ () C:\Users\Austin\Downloads\OTL.Txt2014-04-19 00:29 - 2014-04-19 00:29 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll2014-04-19 00:29 - 2014-04-19 00:29 - 00000000 ____D () C:\Program Files\Java2014-04-19 00:19 - 2014-04-19 00:19 - 00156058 _____ () C:\Users\Austin\Downloads\JavaRa-2.5.zip2014-04-19 00:16 - 2014-04-19 00:16 - 00602112 _____ (OldTimer Tools) C:\Users\Austin\Downloads\OTL.exe2014-04-18 23:29 - 2013-08-19 18:01 - 00059967 _____ () C:\Windows\setupact.log2014-04-18 22:46 - 2013-05-23 21:54 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Skype2014-04-18 22:37 - 2013-11-10 18:30 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TS3Client2014-04-18 21:28 - 2013-10-27 14:16 - 00000000 ____D () C:\Program Files (x86)\Steam2014-04-18 19:24 - 2014-01-25 21:04 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\foobar20002014-04-18 19:05 - 2012-02-18 00:37 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-04-18 17:43 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-04-18 17:43 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-04-18 16:10 - 2014-01-25 20:37 - 00000000 ____D () C:\Users\Austin\Desktop\Songs2014-04-18 15:01 - 2014-04-18 14:13 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-04-18 15:01 - 2014-04-18 13:58 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-18 14:43 - 2014-04-18 13:58 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-04-18 14:23 - 2014-04-18 14:11 - 109845143 _____ () C:\Users\Austin\Downloads\YG_MKLDE_UMHQ.zip2014-04-18 14:13 - 2014-04-18 14:13 - 00000000 ____D () C:\Users\Austin\AppData\Local\PunkBuster2014-04-18 14:09 - 2014-04-18 14:09 - 04296192 _____ () C:\Program Files (x86)\SN.Booster2014-04-18 14:09 - 2014-04-18 14:09 - 04210176 _____ () C:\Program Files (x86)\SN_x64.Booster2014-04-18 14:09 - 2014-04-18 14:09 - 00174928 _____ () C:\Program Files (x86)\SNSvc.dll2014-04-18 14:09 - 2014-04-18 14:09 - 00002696 _____ () C:\Windows\System32\Tasks\SN.Booster-S-15327816062014-04-18 14:09 - 2014-04-18 14:09 - 00000450 ____H () C:\Windows\Tasks\SN.Booster-S-1532781606.job2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\ProgramData\SuperbApp2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\ProgramData\SNT2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker2014-04-18 14:09 - 2014-04-18 14:09 - 00000000 ____D () C:\Program Files (x86)\SNT2014-04-18 14:09 - 2014-04-18 14:08 - 00000000 ____D () C:\ProgramData\726a9a91e9097b862014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\HomeGroupUser$2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Guest2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Austin\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Austin\AppData\Local\Packages2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Austin\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Users\Administrator2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\ProgramData\save net2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\ProgramData\InstallMate2014-04-18 14:08 - 2014-04-18 14:08 - 00000000 ____D () C:\Program Files (x86)\save net2014-04-18 14:08 - 2012-11-08 01:28 - 00000000 ____D () C:\Users\Austin\AppData\Local\Google2014-04-18 13:58 - 2014-04-18 13:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-04-18 13:57 - 2014-04-18 13:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\Ubisoft2014-04-18 12:32 - 2013-02-11 15:47 - 00000000 ____D () C:\Users\Austin\AppData\Local\PMB Files2014-04-18 12:20 - 2014-04-12 23:03 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox2014-04-18 10:33 - 2012-11-08 16:46 - 00000000 ____D () C:\Users\Austin\AppData\Local\Adobe2014-04-17 14:32 - 2013-02-11 15:47 - 00000000 ____D () C:\ProgramData\PMB Files2014-04-17 01:02 - 2012-11-12 11:35 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.minecraft2014-04-16 08:57 - 2012-11-08 19:35 - 00000000 ____D () C:\Users\Austin\Documents\My Games2014-04-16 08:56 - 2013-11-12 18:40 - 00106438 _____ () C:\Windows\DirectX.log2014-04-16 00:40 - 2014-04-16 00:40 - 00002039 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk2014-04-16 00:40 - 2014-04-16 00:40 - 00002030 _____ () C:\Users\Public\Desktop\Smite.lnk2014-04-16 00:40 - 2014-04-16 00:40 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios2014-04-16 00:40 - 2014-04-16 00:39 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios2014-04-16 00:39 - 2012-04-12 14:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-04-16 00:38 - 2014-04-16 00:38 - 39967251 _____ (Hi-Rez Studios) C:\Users\Austin\Downloads\InstallHiRezGamesEnglish.exe2014-04-15 23:23 - 2012-11-16 22:41 - 00000000 ____D () C:\Users\Austin\AppData\Local\Roblox2014-04-15 23:10 - 2014-04-15 23:10 - 00438680 _____ () C:\Users\Austin\Downloads\loosing_kayden_scene_3_5871_alexis_texas_720p_3800_mp4.exe2014-04-15 10:58 - 2014-04-15 10:58 - 00000000 ____D () C:\Users\Austin\Desktop\fishing2014-04-13 10:01 - 2013-11-23 23:22 - 00000000 ____D () C:\Users\Austin\Desktop\Maybe important2014-04-12 23:04 - 2014-04-12 23:04 - 00632688 _____ (ROBLOX Corporation) C:\Users\Austin\Downloads\RobloxPlayerLauncher (1).exe2014-04-12 23:03 - 2014-04-12 23:03 - 00632688 _____ (ROBLOX Corporation) C:\Users\Austin\Downloads\RobloxPlayerLauncher.exe2014-04-12 22:36 - 2014-03-29 17:12 - 00000000 ____D () C:\Users\Austin\Desktop\New folder2014-04-12 14:32 - 2014-04-12 14:31 - 00000217 _____ () C:\Users\Austin\Desktop\New Text Document.txt2014-04-10 22:04 - 2014-04-10 21:53 - 01369651 _____ () C:\Users\Austin\Downloads\Morphine Powerpoint.pptx2014-04-10 18:14 - 2012-11-19 15:40 - 00000000 ____D () C:\Users\Austin\AppData\Local\Paint.NET2014-04-10 18:04 - 2014-04-10 18:04 - 01378966 _____ () C:\Users\Austin\Documents\Morphine PPPPPPPPPPPOOOOOOWER POINT.... is censoredING STUPID.pptx2014-04-06 23:03 - 2014-04-06 23:03 - 00335184 _____ (GreenApp) C:\Users\Austin\Downloads\Isabella Valentine - Rising Fall Sample.exe2014-04-05 10:45 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF2014-03-31 19:00 - 2012-02-18 00:37 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-03-31 19:00 - 2012-02-18 00:37 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-03-31 09:35 - 2012-11-17 11:23 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-03-30 14:05 - 2014-03-30 14:05 - 00000000 ____D () C:\ProgramData\hsswpr2014-03-30 14:01 - 2014-03-30 14:01 - 00000000 ____D () C:\Users\Austin\Desktop\lolz2014-03-30 14:01 - 2014-03-30 13:51 - 00000000 ____D () C:\Users\Austin\Downloads\[X-Art] Just Us Girls - Caprice, Tiffany2014-03-30 14:01 - 2014-03-30 13:48 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\BitTorrent2014-03-30 13:57 - 2014-03-30 13:57 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Hotspot Shield2014-03-30 13:57 - 2014-03-30 13:56 - 08826952 _____ () C:\Users\Austin\Downloads\HSS-3.37-install-e-550-plain.exe2014-03-30 13:50 - 2014-03-30 13:50 - 00000877 _____ () C:\Users\Austin\Desktop\BitTorrent.lnk2014-03-30 13:48 - 2014-03-30 13:48 - 01615960 _____ (BitTorrent Inc.) C:\Users\Austin\Downloads\bittorrent.exe2014-03-30 13:48 - 2014-03-30 13:48 - 00053362 _____ () C:\Users\Austin\Downloads\9BD09BC3F20B43C48DE689940751F21750911207.torrent2014-03-29 16:47 - 2014-03-08 13:47 - 00002103 _____ () C:\Users\Austin\Desktop\vba.ini2014-03-24 13:12 - 2014-03-24 13:12 - 00042184 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys Files to move or delete:====================C:\Users\Austin\jagex_cl_runescape_LIVE.datC:\Users\Austin\random.dat Some content of TEMP:====================C:\Users\Austin\AppData\Local\Temp\i4jdel0.exeC:\Users\Austin\AppData\Local\Temp\ICReinstall_CR_Downloader_for_pokemon-firered.exeC:\Users\Austin\AppData\Local\Temp\java-installer.exeC:\Users\Austin\AppData\Local\Temp\Tsu04BDF13E.dllC:\Users\Austin\AppData\Local\Temp\_is69C6.exeC:\Users\Austin\AppData\Local\Temp\_is9BC.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-10 00:41 ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.