xagersfeld

Ok.

The software keeps crashing at the 84% mark. Tried to restart, but it keeps crashing. What should I do?

Here is the ComboFix log: ComboFix 13-11-19.01 - xagersfeld 11/19/2013 8:30.2.2 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4061.1919 [GMT -8:00] Running from: c:\users\xagersfeld\Desktop\ComboFix.exe SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\SysWow64\FlashPlayerApp.exe . . ((((((((((((((((((((((((( Files Created from 2013-10-19 to 2013-11-19 ))))))))))))))))))))))))))))))) . . 2013-11-19 17:57 . 2013-11-19 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-11-19 13:15 . 2013-11-19 20:49 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FB83080-0606-4E4A-AD26-5A90C7DF38C2}\offreg.dll 2013-11-19 13:13 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FB83080-0606-4E4A-AD26-5A90C7DF38C2}\mpengine.dll 2013-11-18 02:13 . 2013-11-18 02:13 -------- d-----w- C:\_OTL 2013-11-17 16:27 . 2013-11-17 16:27 -------- d-----w- c:\windows\ERUNT 2013-11-15 08:31 . 2013-11-15 08:31 208216 ----a-w- c:\windows\system32\drivers\67224765.sys 2013-11-13 11:38 . 2013-10-12 08:43 15404544 ----a-w- c:\windows\system32\ieframe.dll 2013-11-13 11:38 . 2013-10-12 08:43 19269632 ----a-w- c:\windows\system32\mshtml.dll 2013-11-13 09:04 . 2013-11-15 03:16 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-11-13 09:04 . 2013-11-15 02:27 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2013-11-13 09:00 . 2013-11-13 09:00 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-11-12 23:39 . 2013-11-12 23:39 -------- d-----w- c:\program files\Microsoft Silverlight 2013-11-12 23:39 . 2013-11-12 23:39 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-11-12 07:38 . 2013-11-17 18:04 -------- d-----w- C:\AdwCleaner 2013-11-07 07:49 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys 2013-11-07 07:49 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys 2013-11-07 07:49 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2013-11-07 07:49 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys 2013-11-07 07:49 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2013-11-07 07:49 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2013-11-07 07:49 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys 2013-11-06 23:01 . 2013-11-06 23:01 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2013-11-06 23:01 . 2013-11-06 23:01 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2013-11-06 22:58 . 2013-08-22 17:09 256088 ----a-w- c:\windows\system32\unrar64.dll 2013-11-06 22:58 . 2013-08-22 17:09 217176 ----a-w- c:\windows\SysWow64\unrar.dll 2013-11-06 22:58 . 2013-11-06 22:58 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack 2013-11-06 21:07 . 2013-11-06 21:07 -------- d-----w- c:\program files (x86)\GreenTree Applications 2013-11-06 18:03 . 2013-11-06 18:03 -------- d-----w- c:\program files\iPod 2013-11-06 18:03 . 2013-11-06 18:04 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-06 18:03 . 2013-11-06 18:04 -------- d-----w- c:\program files\iTunes 2013-11-06 18:03 . 2013-11-06 18:04 -------- d-----w- c:\program files (x86)\iTunes 2013-11-06 09:46 . 2013-11-06 09:46 -------- d-----w- c:\program files (x86)\Black Isle 2013-11-06 09:20 . 2013-11-06 09:20 109080 ----a-w- c:\windows\SysWow64\openal32.dll 2013-11-06 09:09 . 2013-11-06 09:13 -------- d-----w- c:\program files (x86)\Baldur's Gate - Enhanced Edition 2013-11-06 07:21 . 2013-11-06 07:21 -------- d-----w- c:\program files (x86)\Atari 2013-11-06 04:14 . 2013-11-06 04:14 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared 2013-11-06 04:12 . 2013-11-06 07:14 -------- d-----w- c:\programdata\Rosetta Stone 2013-11-06 04:12 . 2013-11-06 04:12 -------- d-----w- c:\programdata\Rosetta Stone Backups 2013-11-06 04:10 . 2013-11-06 04:11 -------- d-----w- c:\program files (x86)\RosettaStoneLtdServices 2013-11-06 04:10 . 2013-11-06 04:10 -------- d-----w- c:\programdata\RosettaStoneLtdServices 2013-11-06 04:10 . 2013-11-06 04:31 -------- d-----w- c:\program files (x86)\Rosetta Stone 2013-11-06 04:09 . 2013-11-06 04:14 -------- d-----w- c:\programdata\FLEXnet 2013-11-06 03:31 . 2013-11-06 03:31 -------- d-----w- c:\programdata\RELOADED 2013-11-06 03:28 . 2013-11-06 03:31 -------- d-----w- c:\program files (x86)\Torchlight II 2013-11-06 03:21 . 2013-11-06 03:21 -------- d-----w- c:\programdata\IsolatedStorage 2013-11-06 03:18 . 2013-11-06 03:18 -------- d-----w- c:\program files (x86)\Business Plan Pro 2013-11-06 02:13 . 2013-11-17 07:13 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2013-11-06 02:05 . 2013-11-06 02:05 -------- d-----w- c:\programdata\ALM 2013-11-06 01:51 . 2013-11-06 01:51 -------- d-----w- c:\program files (x86)\My Company Name 2013-11-06 01:46 . 2013-11-06 01:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2013-11-06 01:43 . 2013-11-06 02:10 -------- d-----w- c:\program files\Adobe 2013-11-06 01:43 . 2013-11-06 02:10 -------- d-----w- c:\program files\Common Files\Adobe 2013-11-06 01:11 . 2013-11-06 01:11 -------- d-----w- C:\MediaServer 2013-11-06 01:10 . 2013-11-06 17:59 -------- d-----w- c:\users\Public\CyberLink 2013-11-06 01:10 . 2013-11-06 17:59 -------- d-----w- c:\programdata\CyberLink 2013-11-06 01:10 . 2013-11-06 01:11 -------- d-----w- c:\programdata\PDVD 2013-11-06 01:04 . 2013-11-06 01:04 -------- d-----w- c:\program files (x86)\CyberLink 2013-11-06 01:00 . 2013-11-06 01:11 -------- d-----w- c:\programdata\install_clap 2013-11-06 00:53 . 1998-04-24 18:16 558592 ------w- c:\windows\SysWow64\SierraNW.dll 2013-11-06 00:53 . 1998-04-24 18:16 227840 ------w- c:\windows\SysWow64\SNWValid.dll 2013-11-06 00:53 . 2013-11-06 00:53 -------- d-----w- c:\program files (x86)\Sierra On-Line 2013-11-06 00:53 . 2013-11-06 00:53 -------- d-----w- C:\SIERRA 2013-11-06 00:43 . 2013-11-06 00:43 -------- d-----w- c:\program files (x86)\Shiny 2013-11-06 00:24 . 2013-11-06 00:24 -------- d-----w- C:\Westwood 2013-11-05 23:48 . 2013-11-05 23:48 -------- d-----w- c:\program files (x86)\Bullfrog 2013-11-05 23:44 . 2013-11-05 23:44 -------- d-----w- c:\programdata\Age of Empires 3 2013-11-05 23:28 . 2013-11-05 23:28 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games 2013-11-05 23:07 . 2013-11-05 23:07 2477056 ----a-w- c:\windows\SysWow64\freeimage.dll 2013-11-05 23:06 . 2013-11-05 23:06 -------- d-----w- c:\programdata\Logs 2013-11-05 23:02 . 2013-11-05 23:02 -------- d-----w- c:\program files (x86)\Legend of Grimrock 2013-11-05 22:59 . 2013-11-05 23:00 -------- d-----w- c:\program files (x86)\Dont Starve 2013-11-05 18:48 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys 2013-11-05 18:48 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys 2013-11-05 18:48 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys 2013-11-05 18:48 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys 2013-11-05 18:48 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys 2013-11-05 18:48 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys 2013-11-05 18:48 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll 2013-11-05 18:48 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe 2013-11-05 18:48 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll 2013-11-05 18:48 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe 2013-11-05 18:48 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS 2013-11-05 09:15 . 2013-11-05 09:16 -------- d-----w- c:\program files (x86)\RPG Maker VX Ace 2013-11-05 09:15 . 2013-11-05 09:15 -------- d-----w- c:\program files (x86)\Common Files\Enterbrain 2013-11-05 09:11 . 2013-11-05 09:11 -------- d-----w- c:\program files (x86)\Microsoft XNA 2013-11-05 09:10 . 2013-11-05 09:10 -------- d-----w- c:\program files (x86)\WB Games 2013-11-05 09:06 . 2013-11-05 09:06 -------- d-----w- c:\program files (x86)\GameSpy Arcade 2013-11-05 08:39 . 1997-07-06 21:22 756736 ------w- c:\windows\SysWow64\ir41_32.dll 2013-11-05 08:39 . 2013-11-05 22:27 -------- d-----w- c:\program files (x86)\Microsoft Games 2013-11-05 08:23 . 2013-11-06 01:14 -------- d-----w- C:\GOG Games 2013-11-05 08:18 . 2013-11-05 08:18 -------- d-----w- c:\program files (x86)\Antichamber 2013-11-05 08:05 . 2013-11-05 08:10 -------- d-----w- c:\program files (x86)\Orcs Must Die 2 2013-11-05 07:49 . 2013-11-05 07:49 -------- d-----w- c:\program files (x86)\Robot Entertainment 2013-11-05 07:27 . 2013-11-05 07:27 -------- d-----w- c:\program files (x86)\XCOM Enemy Unknown 2013-11-05 07:21 . 2013-11-05 07:21 435512 ----a-w- c:\windows\system32\drivers\k57nd60a.sys 2013-11-05 07:16 . 2013-05-23 02:49 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys 2013-11-05 03:48 . 2013-11-05 03:48 -------- d-----w- c:\program files (x86)\14 Degrees East 2013-11-05 03:42 . 2013-11-05 03:42 -------- d-----w- c:\program files\BlackIsle 2013-11-05 03:40 . 2013-11-05 03:46 52736 ----a-w- c:\windows\ipuninst.exe 2013-11-05 03:36 . 2013-11-05 03:36 -------- d-----w- c:\program files\Interplay 2013-11-05 02:26 . 2013-11-05 02:26 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2013-11-05 02:17 . 2013-11-05 02:17 -------- d-----w- c:\program files (x86)\AGEIA Technologies 2013-11-05 02:17 . 2013-11-05 02:17 -------- d-----w- c:\windows\SysWow64\AGEIA 2013-11-05 02:16 . 2013-11-05 02:17 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2013-11-05 01:49 . 2013-11-05 02:01 -------- d-----w- c:\program files (x86)\Codemasters 2013-11-05 00:52 . 2013-11-05 01:45 2829 ----a-w- c:\windows\War3Unin.pif 2013-11-05 00:52 . 2013-11-05 01:45 139264 ----a-w- c:\windows\War3Unin.exe 2013-11-05 00:46 . 2013-11-05 01:45 -------- d-----w- c:\program files (x86)\Warcraft III 2013-11-05 00:45 . 2013-11-05 00:45 9728 ----a-w- c:\windows\system32\Wdfres.dll 2013-11-05 00:45 . 2013-11-05 00:45 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2013-11-05 00:45 . 2013-11-05 00:45 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2013-11-05 00:44 . 2013-11-05 00:44 98304 ----a-w- c:\windows\W2BNEUnin.exe 2013-11-05 00:44 . 2013-11-05 00:44 2829 ----a-w- c:\windows\W2BNEUnin.pif 2013-11-05 00:42 . 2013-11-05 00:44 -------- d-----w- c:\program files (x86)\Warcraft II BNE 2013-11-05 00:41 . 2013-11-13 11:28 -------- d-----w- c:\windows\system32\MRT 2013-11-05 00:34 . 2013-11-05 00:34 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2013-11-05 00:34 . 2013-11-05 00:34 366592 ----a-w- c:\windows\system32\qdvd.dll 2013-11-05 00:32 . 2013-11-05 00:40 967 ----a-w- c:\windows\ScUnin.pif 2013-11-05 00:32 . 2013-11-05 00:40 94208 ----a-w- c:\windows\ScUnin.exe 2013-11-05 00:30 . 2013-11-05 00:40 -------- d-----w- c:\program files (x86)\Starcraft 2013-11-05 00:25 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys 2013-11-05 00:25 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS 2013-11-05 00:09 . 2013-11-05 00:09 64512 ----a-w- c:\windows\SysWow64\devobj.dll 2013-11-05 00:09 . 2013-11-05 00:09 44544 ----a-w- c:\windows\SysWow64\devrtl.dll 2013-11-05 00:09 . 2013-11-05 00:09 404480 ----a-w- c:\windows\system32\umpnpmgr.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-18 20:08 . 2013-09-18 20:08 94208 ----a-w- c:\windows\SysWow64\dpl100.dll 2013-09-03 21:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-08-29 01:48 . 2013-11-03 14:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-11-03 4287536] "Advanced SystemCare 7"="c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-10-28 2283296] "Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2013-09-20 3666224] "Akamai NetSession Interface"="c:\users\xagersfeld\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784] "systray"="c:\program files (x86)\Dell\Dell Mobile Broadband\systray.exe" [2009-10-12 344137] "EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-11-3 838656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x] R3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x] S1 NvtSp50;Novatel Wireless NDIS 5 Single-Packet Read Protocol Driver;c:\windows\system32\DRIVERS\NvtSp50.sys;c:\windows\SYSNATIVE\DRIVERS\NvtSp50.sys [x] S2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2013/11/05 17:11];c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [x] S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 ATService;AuthenTec Fingerprint Service;c:\program files (x86)\Fingerprint Sensor\AtService.exe;c:\program files (x86)\Fingerprint Sensor\AtService.exe [x] S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x] S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x] S2 AVerUpdateServer;AVerUpdateServer;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [x] S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x] S2 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [x] S2 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [x] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x] S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x] S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x] S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x] S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x] S2 RealPlayer Desktop Service;RealPlayer Desktop Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x] S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x] S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [x] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] S2 SnugTV Service;SnugTV Service;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe [x] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x] S3 AVerBDA6x_x64;AVerMedia SAA716x BDA Service;c:\windows\system32\DRIVERS\AVerBDA716x_x64.sys;c:\windows\SYSNATIVE\DRIVERS\AVerBDA716x_x64.sys [x] S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x] S3 bpmp;bpmp;c:\windows\system32\DRIVERS\bpmp.sys;c:\windows\SYSNATIVE\DRIVERS\bpmp.sys [x] S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys;c:\windows\SYSNATIVE\Drivers\bpusb.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys;c:\windows\SYSNATIVE\drivers\NMgamingms.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-11-14 21:25 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-11-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-03 07:56] . 2013-11-19 c:\windows\Tasks\Driver Booster Update.job - c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-05 19:12] . 2013-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03 06:19] . 2013-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03 06:19] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] 2013-11-04 23:55 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-03-07 1445888] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;<local> uInternet Settings,ProxyServer = localhost:21320 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Trusted Zone: dell.com TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{104F0946-7ACC-4301-B519-E59993474816}: NameServer = 8.8.8.8 FF - ProfilePath - c:\users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\ FF - prefs.js: browser.search.selectedEngine - Google FF - ExtSQL: 2013-11-05 17:58; web2pdfextension@web2pdf.adobedotcom; c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF - ExtSQL: 2013-11-12 00:25; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-11-12 00:25; jid1-ZAdIEUB7XOzOJw@jetpack; c:\users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe Notify-SDWinLogon - SDWinLogon.dll AddRemove-Dll-Files Fixer_is1 - c:\program files (x86)\Dll-Files.com Fixer\unins000.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PaceLicenseDServices] "ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{09F57980-3432-4AFC-957D-27AC45FAE1F5}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe c:\program files (x86)\IObit\Advanced SystemCare 7\Monitor.exe . ************************************************************************** . Completion time: 2013-11-19 12:56:16 - machine was rebooted ComboFix-quarantined-files.txt 2013-11-19 20:56 ComboFix2.txt 2013-11-12 08:10 . Pre-Run: 140,648,402,944 bytes free Post-Run: 140,633,325,568 bytes free . - - End Of File - - 04CBC54F1319C5C49FF4C63BF977CC73 A36C5E4F47E84449FF07ED3517B43A31

...also it seems more of my tab options are now unavailable.

All of them.

The problem is still there unfortunately.

Here is the log: All processes killed ========== OTL ========== HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_USERS\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C}\ not found. Prefs.js: "http://search.yahoo....r=spigot-yhp-ff" removed from browser.startup.homepage Prefs.js: "http://search.yahoo....&type=407453&p=" removed from keyword.url Use Chrome's Settings page to change the HomePage. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\ not found. C:\Program Files (x86)\uTorrent folder moved successfully. C:\Users\xagersfeld\AppData\Roaming\uTorrent\updates folder moved successfully. C:\Users\xagersfeld\AppData\Roaming\uTorrent\share folder moved successfully. C:\Users\xagersfeld\AppData\Roaming\uTorrent\ie folder moved successfully. C:\Users\xagersfeld\AppData\Roaming\uTorrent\dlimagecache folder moved successfully. C:\Users\xagersfeld\AppData\Roaming\uTorrent\apps folder moved successfully. C:\Users\xagersfeld\AppData\Roaming\uTorrent folder moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\xagersfeld\Desktop\cmd.bat deleted successfully. C:\Users\xagersfeld\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes User: user ->Temp folder emptied: 0 bytes User: xagersfeld ->Temp folder emptied: 12547942 bytes ->Temporary Internet Files folder emptied: 66077030 bytes ->FireFox cache emptied: 377962190 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 222658 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 547495 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes RecycleBin emptied: 2524980451 bytes Total Files Cleaned = 2,844.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 11172013_181353 Files\Folders moved on Reboot... C:\Users\xagersfeld\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\xagersfeld\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...

OTL Extras logfile created on: 11/17/2013 10:51:03 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xagersfeld\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16736) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.97 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 55.33% Memory free 7.93 Gb Paging File | 5.99 Gb Available in Paging File | 75.48% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465.66 Gb Total Space | 133.56 Gb Free Space | 28.68% Space Free | Partition Type: NTFS Drive D: | 7.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: XAGERSFELD-PC | User Name: xagersfeld | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04305D79-3213-41B4-9C47-6F0C1302EBB8}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{0847B7A1-5F08-4DD6-969F-3196CA509422}" = lport=56974 | protocol=6 | dir=in | name=pando media booster | "{0D982DA1-1DB2-48A3-95B8-554F2D4D57B2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{15A920E7-FB9E-4920-BC18-072F51F06C4D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{2FFA9B9D-C3A9-4836-9805-7C0209A17553}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{38C8034F-9321-44CE-AB5B-498513534AD7}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | "{3BAD2B6A-6F52-4AE9-B43E-D38E6EFB8180}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | "{51BDCAF6-1973-4D27-A13B-D84461B67E2E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{55286203-884C-43F1-9B79-7D80BAE09107}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{598D489A-A281-4B82-B54A-1317A6DF20CF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{67F60991-E75D-41BF-B45A-116876A8CEF5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{6BE83B3E-4DE9-45D9-9B5B-583AA2578EF6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{74DC01CE-63F6-44A9-A45A-FA5A5EE775C0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{76369AA7-2440-44BA-878B-60B66C960C5D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{86AEB00F-8C96-4370-92D9-4D92FF85BE7E}" = lport=56974 | protocol=6 | dir=in | name=pando media booster | "{8CBA8052-7D67-4B1F-8631-921A596DD6C9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{A752140D-322F-4A9F-97EE-AD2A7361956D}" = lport=56974 | protocol=17 | dir=in | name=pando media booster | "{A8200960-6119-4697-8161-04BB18F769C3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{CA7D9370-8344-4DFA-8F93-53A278615F94}" = lport=56974 | protocol=17 | dir=in | name=pando media booster | "{D3C713BD-9689-4ED2-A229-4A7C53839B30}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{D40ED38D-FB82-4A46-B7F1-29EB4C46E58D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{DBF32539-E25D-4387-8389-C886EC85A9B8}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 | "{DED16251-6B63-412F-84C5-DA322F4815A3}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{E27CD811-07FD-4D86-85BD-D0F70EF641B0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{EE2EA9D3-ED0C-48A5-BCB4-AA1DBC642AEE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{F17868BE-3D5B-4A13-89A2-54F54418F275}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{F17DA726-4E20-440D-805E-461B4D638A5A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{F2CFC635-04C8-45B1-B651-E504C21AFCC9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{F57192CB-6265-4801-A209-27EB3219E63A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{008001D7-D1E1-46F9-8E86-EF167D6A09B1}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe | "{050645D6-C4DE-4CF0-A466-0717987A6459}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dmr\powerdvd13dmrengine.exe | "{0791A015-0BC0-4FDC-AA2E-3EF5C0710EE8}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe | "{079222BB-60B3-4D35-A75C-2111CC8AA079}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe | "{1554403F-3ACD-473E-9A0C-0A75DB29C25D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom interceptor\interceptor.exe | "{17F4EF7B-81A4-4F0E-A215-8E75D0B5092B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\runme.exe | "{1834DB76-889C-49F0-B24E-78F4ADDD48AD}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastoneltdservices.exe | "{186E46D1-271B-4842-9CEC-849D500C1B9A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dms\clmsserverpdvd13.exe | "{1DD40BA9-39EE-4B1E-A534-9FF2AE842329}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\runme.exe | "{21E8A45B-2A36-4310-936F-443425765369}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\tfd\terror from the deep_patched.exe | "{22D27A85-0372-43F1-BE87-0F78279F2C5A}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\configwizard.exe | "{28404896-FC21-452C-9074-DC92D5C97715}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{287091FF-A691-4AD6-83F7-B4F533D1C2DE}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{2BB4F096-D930-4280-AF8C-81F1C1E7264A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{2E606685-249E-4719-8F20-7D04134F9FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom enforcer\system\xcom.exe | "{2E9489B3-CE9C-4D44-9A54-554E32AB7F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe | "{331756AF-2FDE-4776-A4CF-3C610C2D567A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pinballarcade.exe | "{352FD001-310C-466A-93E7-03323869F8EC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{38B723D2-5FED-4F7A-96F7-43DF00708FE9}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "{3A381C05-CA83-4F36-A0B1-BE1FE4C94C7D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe | "{3A3CF981-332D-428B-992C-10295A9FB96D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom apocalypse\dosbox.exe | "{3AFD0BD5-A7D9-4402-A34D-C3CB46ABBA3B}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe | "{3EE4CE1D-99ED-4B4D-ACEB-0D84BBD57AAF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{421B7140-B5A4-4745-A29F-5F6BF29E75CD}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{4428EB7F-DAA5-4692-9233-17104338755B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\tfd\terror from the deep_patched.exe | "{45B2ADC1-78AB-4BC7-ACE7-1A313F4ACD69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom enforcer\system\xcom.exe | "{49160EB4-97E5-44B6-91DA-AAAFB11E722D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{50D1EC2F-2DE6-4815-A82F-1A9C603A174B}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe | "{51DE4D51-1F2D-4903-8F5F-55F89C583F00}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{537EF2DB-F258-46F9-92A0-CEAA96C35540}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\overlord ii\overlord2.exe | "{54871E02-704F-4C82-97AA-D3E273C2976C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{54990C63-34DD-4395-8211-B4AB62DBE288}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{566DEB48-934F-4827-A6B8-13645D8C37D2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\xcom\ufo defense_patched.exe | "{57773F57-6962-4532-AC4F-1416C229D8FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\xcom\ufo defense_patched.exe | "{5BAB74E1-4445-42AF-AA78-90DC66DCA97E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\dosbox.exe | "{63AD95CB-29A0-4F4F-8BC5-A3AC094DF127}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe | "{6586FE8B-94FC-4638-97EB-8B3B3E29B35A}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe | "{67A516F5-99CF-4780-BF7E-7331E792ADCA}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{6876FEFE-1D58-41B5-A662-062591185233}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe | "{743A906E-FC4E-4B4C-B484-22593FCC87E4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13agent.exe | "{746238E1-3D40-49D8-A884-A4853C4F9711}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\dosbox.exe | "{747AC2D0-2BF8-4BA8-9592-16F38112DFE5}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe | "{76295459-4109-4349-8232-F084755B35F6}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\overlord ii\overlord2.exe | "{7AA4E73D-E00B-4FFB-AADB-407BA3318E4F}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe | "{7FA8D53A-2A42-4AA9-BB31-3B6FB235F520}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{81BE82E4-5D5A-40BD-A5CE-CB1F06540D46}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom apocalypse\dosbox.exe | "{82EE3360-FCDB-4CDF-B2CC-B214E4400292}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe | "{885FD54E-052A-4C2B-A545-0CB71979F9E2}" = protocol=6 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe | "{89FB2F48-0E6E-4022-A71F-1C43B356B0AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe | "{911A213F-A636-4099-A17C-5B515CC83977}" = dir=in | app=c:\users\xagersfeld\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{92E10364-056C-43B7-B3FD-03008E7F971C}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{94720567-11AC-4EF0-8232-A21B981D0EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pinballarcade.exe | "{94827469-145C-4446-9B5D-090919BA06BF}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe | "{952EACC4-7E03-4340-BBC6-D5BCA3CF6924}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{95A7B74D-F722-4795-B5A0-27C65589FAA7}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe | "{95F59A04-5B0F-4111-928D-F4366E04364F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pbaconfig.exe | "{988517E8-ABB0-40EC-9462-A2B3B87FB3F7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom interceptor\interceptor.exe | "{9EF11351-9FF6-498D-BD2B-12777E117000}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe | "{9F04C49A-A2CD-4F98-AB86-468457D2A93D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe | "{A15B7DB1-BC36-4B8C-BA32-E7459F6B9B9A}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe | "{A48B46CC-1A0D-4187-8132-7D0E90A61E5C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A58CE522-D2F9-46C4-8D87-33C753B3B53E}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastoneltdservices.exe | "{A7EDCC1B-52E1-4A7E-911E-B6A288EACDBD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{AAA4450A-794B-4E43-A342-488F4FD4BF53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pbaconfig.exe | "{AB0BD79B-89D9-42ED-9B87-7E8D02614FA0}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe | "{B44800F5-449F-4C05-8295-CB220F0E5BEB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B5CFF3E8-2DAE-4833-9276-C205EC4C3441}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{B7B42C13-CAE6-4698-B3BA-26D641596EE5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "{B86DE5EA-6374-4901-AEB8-9A86E26A1E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe | "{BA6AC252-B331-438D-8605-9E18DBFB34DB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{BD37D5D5-AFC9-42B7-A5A8-5B23BCE07E3D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe | "{C136C8C2-22D6-4F1A-AF28-865FD65EA2D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | "{C665891B-AF9C-4003-83BA-444EF6564332}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C87C59CE-E5AD-46BD-975F-89E0156D184B}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe | "{C88E3D0B-115C-4B52-ACDE-005DF8440466}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe | "{C8EBFC55-62C3-45FB-A70F-7CEE27AF225C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd cinema\powerdvdcinema13.exe | "{C9055EBE-186B-4565-8FFE-BEA2BF120156}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\configwizard.exe | "{CB091407-BF14-492D-9075-30AE6729EDBA}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{D274E5FC-53C7-4061-A7EA-C95289F120E8}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{D5243CDF-E716-4A17-8535-3D4FF8696B5D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D8B6A38C-337C-46B7-8EA9-AED758262534}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "{D9E9A205-D45C-4633-BA8F-6141B4EBE305}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{DC51BD89-B7DA-463E-90F8-864F2BC591AD}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe | "{DD146934-8F60-4876-A07B-21FCE5C5AC00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | "{DFFDBA9F-3A6B-4A3D-AC0C-9BB13498A079}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd.exe | "{E11ACED8-351B-4D07-A1C8-DE29076C33F2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13.exe | "{E523AA12-8BB7-4DD7-9C9F-526FE4AE8C47}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{E69FFF4D-618D-446D-9F13-510CA0070AE6}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe | "{E6BDD103-BCD2-4529-9F56-B7777318DC0E}" = protocol=17 | dir=in | app=c:\users\xagersfeld\appdata\roaming\utorrent\utorrent.exe | "{E783D517-97A7-49D3-B22B-42D391FF028A}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe | "{EB2CC43D-CF34-47D3-B62C-9A1FAC6C1DF6}" = protocol=58 | dir=in | app=system | "{EDCB1F7B-2263-45DB-A071-5DD4DD5C5278}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13ml.exe | "{EF2DA4A2-F21B-4F03-813D-1902B9F1A4B0}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{EFDE5875-0413-4F64-9822-55FF59820877}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{F3D5DF12-7325-4BEA-9D85-88CC966C9B54}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F52AF246-AE0B-4605-B004-082370A287BE}" = protocol=6 | dir=in | app=c:\users\xagersfeld\appdata\roaming\utorrent\utorrent.exe | "{FBBB3F89-D97F-4B4B-B3C2-D1F5D35984BB}" = protocol=17 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe | "{FF892F5E-F713-4BC3-A33C-B3F1BAB4387E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "TCP Query User{0D06930E-3C83-46CA-B052-D964F6BCA19A}C:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe | "TCP Query User{177E6FD9-47F6-4451-BAB1-AE93BD5DE1FF}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe | "TCP Query User{2071F3A3-E936-49EB-BA04-30CFF4274884}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | "TCP Query User{5BD26600-9DB6-4341-94E5-8C0B44D77AAB}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe | "TCP Query User{A2B59707-E058-4FF9-BC8F-DBD77A13CB3C}C:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe | "TCP Query User{AF8CDFDA-7BEE-49A5-BA4F-B4EE108072E6}C:\program files (x86)\antichamber\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\antichamber\binaries\win32\udk.exe | "TCP Query User{C4811557-726F-4483-B4BF-5F432B4498DC}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe | "TCP Query User{E4F49627-CAD6-495F-8F75-4992BD3857D7}C:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{0154689C-EE3F-41E4-B92D-08607476855A}C:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe | "UDP Query User{0415FE87-0C07-41BA-AF41-329FF08FABAE}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe | "UDP Query User{0B520E5B-945C-4793-A0ED-2C94B7B2E075}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | "UDP Query User{4770BA7C-F804-4647-8C7B-F0056CDA4CAD}C:\program files (x86)\antichamber\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\antichamber\binaries\win32\udk.exe | "UDP Query User{93573D50-4EEA-4D84-855E-BBFFE596CBB5}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe | "UDP Query User{9C7F7657-913D-4738-9C9A-59394FF0247F}C:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe | "UDP Query User{C1A6BFD6-DEFD-4110-96E4-8A0FE0284593}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe | "UDP Query User{C585BDC8-DECA-4E14-A0F5-ABEA78111248}C:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1F85668C-CEB7-7A2E-356C-C42F950A982C}" = AMD Accelerated Video Transcoding "{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support "{4161341F-AE84-E404-4291-4E0322CCE809}" = AMD Media Foundation Decoders "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{64A98EF1-2680-11E3-A909-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit) "{6B00F0E1-2680-11E3-95F5-F04DA23A5C58}" = MSVCRT Redists "{6B58A964-29A5-467A-9CC4-EE1C4986214D}" = Intel® PROSet/Wireless WiMAX Software "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}" = PACE License Support Win64 "{7FD0FD0D-AC40-A3BF-F2D4-54EFEDB0008F}" = AMD Drag and Drop Transcoding "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{AB58402A-43DE-551C-2B40-DD1CF0E21240}" = ccc-utility64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C80F0529-D1D1-4AA2-88F8-BF28118BB9F6}" = Dell 5530 Wireless Broadband Package "{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes "{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite "{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD1}" = Paint.NET v3.5.5 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}" = AMD Catalyst Install Manager "6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) "6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) "815EB4ED418166EC2BBE3A39EAC38C74AE911A8C" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (07/02/2009 8.5.0.251) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "ProInst" = Intel PROSet Wireless "UDK-058dd224-b8be-4d0a-9458-66dd7c4bce9d" = My Game Long Name "Unknown Device Identifier_is1" = Unknown Device Identifier 8.01 "WinRAR archiver" = WinRAR 5.00 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B03071A-C96E-34CA-E5A3-4D8DA8ACCB3D}" = CCC Help Polish "{1472627A-6E9F-DCB1-8894-E2BD249FD5E4}" = CCC Help Thai "{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3 "{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1A2C316B-F842-6FB3-3C87-6FE02861F396}" = Catalyst Pro Control Center "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212125C1-E5A3-4810-A057-C20FB2A79327}" = Majesty - Gold Edition "{218BE476-B206-2879-B912-971E6E89E44D}" = CCC Help Finnish "{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2959A20E-C214-4E47-BAC5-C002926F0531}_is1" = The Elder Scrolls V Skyrim "{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl "{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.00 "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{2DFFE333-1B60-4CAA-F836-3CF0C99777CA}" = CCC Help Norwegian "{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{364374D2-FE10-2170-2397-5B01F9D00093}" = CCC Help Spanish "{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13 "{3E9E68FB-49FA-410A-8787-424F2A506E0F}" = Business Plan Pro 15th Anniversary Edition "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{40786C7F-7078-5147-444E-D45DE808B684}" = CCC Help Portuguese "{43D3EA3E-2B72-57F3-40E0-318A614D0FDD}" = CCC Help Czech "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support "{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater "{4F7823C4-BB28-A63E-CE08-1B463D4682DE}" = CCC Help Dutch "{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent "{56BA241F-580C-43D2-8403-947241AAE633}" = center "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6231FDA0-7E6F-11D4-A671-006008D09831}" = Sacrifice "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7 "{6B99AF03-2668-4572-BD3D-8C7A5D103065}" = AuthenTec Fingerprint Software "{6D7B8E2C-4356-619D-134F-FB36B0809958}" = CCC Help German "{6F173E00-2766-E174-C2E0-AD88F24685BD}" = CCC Help Swedish "{6F4535BC-A9F9-4E59-A83A-4DDA5A3C0580}" = AVerRadio "{6FAEC41D-0654-12C1-0068-770D19FC2446}" = CCC Help Italian "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73D239CC-D6B1-ADEC-A7BE-E100C7112004}" = CCC Help Korean "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}" = Rosetta Stone Ltd Services "{7FF39807-D5D7-4758-9677-E3EE5A41779B}" = Dell Mobile Broadband Card Utility "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8D3D92F0-852F-D832-FD8B-029C8C231C13}" = CCC Help Russian "{8EF8D64B-0CE9-4079-B191-8902235D4ED1}" = RealDownloader "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{963FFEAB-16E5-EB69-4E64-338B3D319FB4}" = CCC Help Chinese Standard "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BA4679A-4795-4B47-A547-2BE01BCB9CD7}" = Movie Magic Screenwriter 6 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DBAF799-E58E-4F60-94FD-E1B9B5D56E38}" = Movie Magic Screenwriter 6 "{9F7E9D7B-3291-96CE-A27F-DD4F6EB230EA}" = CCC Help Chinese Traditional "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A6FDE264-C48D-36CE-CFA7-ABBEB861AC10}" = Catalyst Control Center Localization All "{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AB3ED2E9-3F65-4689-B483-3B0F5F2C6A62}" = SnugTV Station "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) "{ADCC857B-9A9E-411F-A441-8FDCD120043A}" = NTI CD & DVD-Maker "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B31A9284-632D-683E-3BD0-F6926D445A7B}" = CCC Help Danish "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B7A75523-3D7F-CF23-12F7-999EAF6C7167}" = CCC Help Japanese "{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate II - Throne of Bhaal "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}" = TP-LINK TL-WDN3200 Driver "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C821D689-95BE-0D60-255E-D9B89CB3019F}" = Catalyst Control Center Graphics Previews Common "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE1458AA-23A7-332D-68D9-86B799898DA6}" = CCC Help Greek "{CE75C837-4BA9-4CF8-B912-C3ED5BD0EAAC}" = You Don't Know Jack® "{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center "{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh "{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}" = HydraVision "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX "{E0655E94-1D4D-8484-64C6-E6F847B7BE92}" = CCC Help Turkish "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService "{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II "{E555950B-1496-C37C-CA2C-2DF8745A5BE9}" = CCC Help English "{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection "{EE229D0E-3D9E-636C-6E75-9436A87C7E49}" = CCC Help French "{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr "{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher "{F536CCF1-C4C1-5FB9-6B17-F883DFFAE569}" = CCC Help Hungarian "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.13.00.802 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "Advanced SystemCare 7_is1" = Advanced SystemCare 7 "Age of Empires" = Microsoft Age of Empires "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10 "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 1.2.6 "AVerMedia H968 Hybrid TV Tuner" = AVerMedia H968 Hybrid TV Tuner 2.1.64.35 "AVerMedia Media Center Plug-ins" = AVerMedia Media Center Plug-ins 2.0.8.0 "Bastion_is1" = Bastion "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "com.adobe.WidgetBrowser" = Adobe Widget Browser "DivX Setup" = DivX Setup "Dll-Files Fixer_is1" = Dll-Files Fixer "Dont Starvev1.78078" = Dont Starve "Dramatica Pro 4.0" = Dramatica Pro 4.0 "Driver Booster_is1" = Driver Booster "Dungeon Keeper II" = Dungeon Keeper 2 "Dungeons and Dragons Daggerdale_is1" = Dungeons and Dragons Daggerdale "Fallout" = Fallout "Fallout Tactics" = Fallout Tactics "Fallout2" = Fallout2 "FL Studio 9" = FL Studio 9 "Free FLV Converter_is1" = Free FLV Converter V 7.6.1 "Free WebM Video Converter_is1" = Free WebM Video Converter version 5.0.30.1029 "GameSpy Arcade" = GameSpy Arcade "GOGPACKROGUELEGACY_is1" = Rogue Legacy "GOGPACKUNEPIC_is1" = Unepic "Google Chrome" = Google Chrome "Hardcore" = Hardcore "IL Download Manager" = IL Download Manager "InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13 "InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}" = PACE License Support Win64 "InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications "InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition "InstallShield_{ADCC857B-9A9E-411F-A441-8FDCD120043A}" = NTI CD & DVD-Maker 7 Platinum "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center "IObit Malware Fighter_is1" = IObit Malware Fighter "IObit Surfing Protection_is1" = Surfing Protection "IObitUninstall" = IObit Uninstaller "KLiteCodecPack_is1" = K-Lite Codec Pack 10.1.0 Full "Legend of Grimrock_is1" = Legend of Grimrock version 2.0.1.19 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English) "Neverwinter Nights Diamond Edition_is1" = Neverwinter Nights Diamond Edition "Nox" = Nox "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Orcs Must Die 2_is1" = Orcs Must Die 2 "Orcs Must Die!_is1" = Orcs Must Die! "PoiZone" = PoiZone "PowerISO" = PowerISO "PrintProjects" = PrintProjects "RealPlayer 17.0" = RealPlayer Cloud "RiseOfNationsExpansion 1.0" = Rise of Nations "Roberta Williams Phantasmagoria_is1" = Roberta Williams Phantasmagoria "RPGVXAce_RTP_is1" = RPG MAKER VX Ace RTP "Runic Games Torchlight" = Torchlight "Sakura" = Sakura "Sawer" = Sawer "Sierra Utilities" = Sierra Utilities "Smart Defrag 2_is1" = Smart Defrag 2 "Starcraft" = Starcraft "StarCraft II" = StarCraft II "Steam App 12900" = Audiosurf "Steam App 18500" = Defense Grid: The Awakening "Steam App 238260" = Pinball Arcade "Steam App 7650" = X-COM: Terror from the Deep "Steam App 7660" = X-COM: Apocalypse "Steam App 7730" = X-COM: Interceptor "Steam App 7760" = X-COM: UFO Defense "Steam App 7770" = X-COM: Enforcer "The Chronicles of Riddick - Assault on Dark Athena_is1" = The Chronicles of Riddick - Assault on Dark Athena "Torchlight II © Runic Games_is1" = Torchlight II © Runic Games version 1 "Toxic Biohazard" = Toxic Biohazard "VDMSound" = VDMSound "VLC media player" = VLC media player 2.1.0 "Warcraft II BNE" = Warcraft II BNE "Warcraft III" = Warcraft III "Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.88 "WOLAPI" = Westwood Shared Internet Components "World of Warcraft" = World of Warcraft "XCOM: Enemy Unknown_is1" = XCOM: Enemy Unknown "You Don't Know Jack The Ride" = You Don't Know Jack The Ride ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "9204f5692a8faf3b" = Dell System Detect "Dropbox" = Dropbox "Warcraft III" = Warcraft III: All Products ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11/17/2013 2:05:25 PM | Computer Name = xagersfeld-PC | Source = IMFservice | ID = 0 Description = Error - 11/17/2013 2:05:26 PM | Computer Name = xagersfeld-PC | Source = IMFservice | ID = 0 Description = Error - 11/17/2013 2:08:01 PM | Computer Name = xagersfeld-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.0.5:5353 23 5.0.168.192.in-addr.arpa. PTR xagersfeld-PC-2.local. Error - 11/17/2013 2:08:01 PM | Computer Name = xagersfeld-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.0.168.192.in-addr.arpa. PTR xagersfeld-PC.local. Error - 11/17/2013 2:08:39 PM | Computer Name = xagersfeld-PC | Source = WinMgmt | ID = 10 Description = [ AVer AutoUpdate Events ] Error - 11/7/2013 4:01:43 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/7/2013 4:02:05 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/10/2013 4:01:24 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/10/2013 4:01:46 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/10/2013 4:02:08 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/13/2013 4:01:21 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/13/2013 4:01:43 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/13/2013 4:02:05 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/13/2013 4:02:27 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = Error - 11/13/2013 4:02:49 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0 Description = [ System Events ] Error - 11/17/2013 2:07:25 PM | Computer Name = xagersfeld-PC | Source = volmgr | ID = 262190 Description = Crash dump initialization failed! Error - 11/17/2013 2:07:47 PM | Computer Name = xagersfeld-PC | Source = ACPI | ID = 327693 Description = : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly. Error - 11/17/2013 2:07:59 PM | Computer Name = xagersfeld-PC | Source = Application Popup | ID = 875 Description = Driver atksgt.sys has been blocked from loading. Error - 11/17/2013 2:07:59 PM | Computer Name = xagersfeld-PC | Source = Service Control Manager | ID = 7000 Description = The atksgt service failed to start due to the following error: %%1275 < End of report >

(Continued) [2013/11/03 21:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2 [2013/11/03 21:56:07 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll [2013/11/03 21:56:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Image-Line [2013/11/03 21:56:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line [2013/11/03 21:55:52 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line [2013/11/03 21:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins [2013/11/03 21:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim [2013/11/03 21:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line [2013/11/03 21:00:09 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Publish Providers [2013/11/03 20:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Sony [2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2013/11/03 20:45:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Sony [2013/11/03 20:16:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2013/11/03 20:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2013/11/03 20:00:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013/11/03 20:00:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013/11/03 20:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013/11/03 19:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2013/11/03 19:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013/11/03 19:38:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2013/11/03 19:38:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013/11/03 19:38:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013/11/03 19:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2013/11/03 19:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013/11/03 19:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2013/11/03 19:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013/11/03 19:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013/11/03 19:33:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Microsoft Help [2013/11/03 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013/11/03 19:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013/11/03 19:33:22 | 000,000,000 | R--D | C] -- C:\MSOCache [2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wocaffe [2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite [2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSuite [2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\TrueSuite [2013/11/03 16:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2013/11/03 16:47:30 | 000,716,872 | ---- | C] (AuthenTec, Inc.) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys [2013/11/03 15:16:27 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Turbine [2013/11/03 15:15:19 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Turbine [2013/11/03 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\ApplicationHistory [2013/11/03 15:11:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP [2013/11/03 14:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine [2013/11/03 14:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO [2013/11/03 14:21:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013/11/03 14:21:30 | 000,127,384 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys [2013/11/03 14:21:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO [2013/11/03 14:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET [2013/11/03 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Paint.NET [2013/11/03 14:01:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\DivX [2013/11/03 13:50:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\PMB Files [2013/11/03 13:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2013/11/03 13:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2013/11/03 13:37:01 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV [2013/11/03 13:34:48 | 000,397,312 | ---- | C] (Koyote-Lab Inc) -- C:\Windows\SysWow64\TubeFinder.exe [2013/11/03 13:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter [2013/11/03 13:34:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\FreeFLVConverter [2013/11/03 13:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free FLV Converter [2013/11/03 13:31:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2013/11/03 13:25:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2013/11/03 13:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013/11/03 13:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2013/11/03 13:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2013/11/03 13:22:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\uTorrent [2013/11/03 13:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity [2013/11/03 13:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon [2013/11/03 13:18:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon [2013/11/03 13:18:12 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Dropbox [2013/11/03 13:16:58 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013/11/03 13:16:13 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Dropbox [2013/11/03 13:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX [2013/11/03 13:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2013/11/03 13:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2013/11/03 13:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2013/11/03 13:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2013/11/03 13:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink [2013/11/03 13:03:53 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\TP-LINK [2013/11/03 13:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK [2013/11/03 13:03:37 | 001,608,768 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll [2013/11/03 13:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK [2013/11/03 13:01:25 | 001,675,840 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\netr28ux.sys [2013/11/03 13:01:25 | 001,675,840 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys [2013/11/03 13:01:25 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll [2013/11/03 13:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK [2013/11/03 12:43:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\kodak [2013/11/03 12:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects [2013/11/03 12:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan [2013/11/03 12:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PrintProjects [2013/11/03 12:42:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrintProjects [2013/11/03 12:41:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Eastman_Kodak_Company [2013/11/03 12:40:58 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Eastman Kodak Company [2013/11/03 12:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak [2013/11/03 12:40:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\kodak [2013/11/03 12:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kodak [2013/11/03 12:37:50 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Temp [2013/11/03 12:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kodak [2013/11/03 12:34:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\AVer MediaCenter [2013/11/03 12:31:21 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Roxio [2013/11/03 12:20:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell [2013/11/03 12:20:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Apps [2013/11/03 12:20:32 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Deployment [2013/11/03 11:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless [2013/11/03 11:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Zeepe Framework 7 [2013/11/03 11:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Telespree [2013/11/03 11:57:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Telespree [2013/11/03 11:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Novatel Wireless [2013/11/03 11:57:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell [2013/11/03 11:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWaiting [2013/11/03 11:55:47 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\BVRP Software [2013/11/03 11:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetWaiting [2013/11/03 11:54:19 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\InstallShield [2013/11/03 11:53:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Novatel Wireless [2013/11/03 11:50:28 | 012,151,808 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl [2013/11/03 11:50:28 | 003,593,216 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll [2013/11/03 11:50:28 | 000,564,224 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe [2013/11/03 11:50:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs [2013/11/03 11:50:04 | 001,431,040 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll [2013/11/03 11:50:04 | 000,598,016 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll [2013/11/03 11:50:04 | 000,487,424 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys [2013/11/03 11:50:04 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll [2013/11/03 11:50:04 | 000,209,920 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646217.dll [2013/11/03 11:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\IDT [2013/11/03 11:46:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Broadcom [2013/11/03 11:46:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Bluetooth Exchange Folder [2013/11/03 11:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM [2013/11/03 11:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell [2013/11/03 11:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\Dell [2013/11/03 11:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall [2013/11/03 11:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic [2013/11/03 11:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio [2013/11/03 11:38:01 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2013/11/03 11:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2013/11/03 11:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared [2013/11/03 11:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2013/11/03 11:37:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio [2013/11/03 11:37:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2013/11/03 11:37:51 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Roxio Log Files [2013/11/03 11:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013/11/03 11:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fingerprint Sensor [2013/11/03 11:33:58 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2013/11/03 11:30:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013/11/03 11:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 8.01 [2013/11/03 11:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Unknown Device Identifier [2013/11/03 11:07:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2013/11/03 11:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2013/11/03 11:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SnugTV [2013/11/03 11:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnugTV [2013/11/03 11:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SnugTV [2013/11/03 11:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SnugTV [2013/11/03 11:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVer MediaCenter [2013/11/03 11:01:04 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\AVerMedia [2013/11/03 11:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia [2013/11/03 11:00:49 | 000,102,400 | ---- | C] (AVerMedia Technologies, Inc.) -- C:\Windows\SysWow64\CardID.dll [2013/11/03 11:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVerMedia [2013/11/03 11:00:24 | 000,677,376 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Windows\SysNative\AVerGraphAPI.dll [2013/11/03 11:00:24 | 000,250,368 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Windows\SysNative\AVerColorAPI.dll [2013/11/03 11:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVerMedia [2013/11/03 11:00:15 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache [2013/11/03 11:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVerMedia [2013/11/03 10:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2013/11/03 10:46:57 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\WinRAR [2013/11/03 10:43:48 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\ATI [2013/11/03 10:43:48 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\ATI [2013/11/03 10:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013/11/03 10:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2013/11/03 10:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013/11/03 10:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013/11/03 10:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2013/11/03 10:43:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2013/11/03 10:43:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center [2013/11/03 10:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2013/11/03 10:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013/11/03 10:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013/11/03 10:39:39 | 000,000,000 | ---D | C] -- C:\AMD [2013/11/03 03:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2013/11/03 03:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2013/11/03 00:44:29 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts\Fonts [2013/11/03 00:30:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Wondershare PDF to Word [2013/11/03 00:30:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\WinMPQ Folder [2013/11/03 00:30:01 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Visual Studio 2010 [2013/11/03 00:30:01 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Visual Studio 2008 [2013/11/03 00:29:21 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Video Converter [2013/11/03 00:29:21 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Vegas Movie Studio PE 9.0 Projects [2013/11/03 00:27:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Support Destruction Episodes 6-9_data [2013/11/03 00:27:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\StarCraft II.temp [2013/11/03 00:27:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\StarCraft II [2013/11/03 00:27:05 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Screenwriter Documents [2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_201355(1) [2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_201355 [2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2013530 [2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_201341 [2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_10_29(1) [2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_10_29 [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_05_26(1) [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_05_26 [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2012_01_13 [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_10_20 [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_10_01(1) [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_09_07 [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_06_24 [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_05_23 [2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_05_10 [2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_05_06 [2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_01_09(2) [2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_01_07 [2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_11_21 [2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_08_31 [2013/11/03 00:25:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_03_24 [2013/11/03 00:25:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_03_23 [2013/11/03 00:24:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\School [2013/11/03 00:24:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Sax's File [2013/11/03 00:24:50 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Pathfinder PDF's [2013/11/03 00:24:47 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Pathfinder [2013/11/03 00:24:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Notes_data [2013/11/03 00:24:40 | 000,000,000 | --SD | C] -- C:\Users\xagersfeld\Documents\My Web Sites [2013/11/03 00:24:40 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\My Streaming Media [2013/11/03 00:24:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\My Games [2013/11/03 00:24:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\mpqeditor [2013/11/03 00:24:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Epic Tie [2013/11/03 00:24:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Dungeons and Dragons Online [2013/11/03 00:24:31 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Dark Sun Campagn Creation [2013/11/03 00:24:31 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Dark Sun [2013/11/03 00:24:31 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\12-29-2012 [2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\1.0.6.0 [2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\09-28-2012 [2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\07-08-2012 [2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\05-07-2012 [2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\03-30-2013 [2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\01-09-2013 [2013/11/02 22:53:17 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Geek Factory Labs [2013/11/02 22:49:10 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013/11/02 22:38:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Desktop\Writer's Block Stuff [2013/11/02 22:34:54 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\RealNetworks [2013/11/02 22:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks [2013/11/02 22:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks [2013/11/02 22:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2013/11/02 22:34:15 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2013/11/02 22:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2013/11/02 22:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real [2013/11/02 22:33:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Real [2013/11/02 22:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2013/11/02 22:33:03 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\vlc [2013/11/02 22:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013/11/02 22:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013/11/02 22:30:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013/11/02 22:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013/11/02 22:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013/11/02 22:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013/11/02 22:25:37 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2013/11/02 22:25:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013/11/02 22:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013/11/02 22:24:02 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013/11/02 22:23:13 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Malwarebytes [2013/11/02 22:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/11/02 22:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/11/02 22:23:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/11/02 22:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/11/02 22:22:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Programs [2013/11/02 22:21:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Macromedia [2013/11/02 22:21:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Macromedia [2013/11/02 22:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013/11/02 22:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013/11/02 22:19:09 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Google [2013/11/02 22:19:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013/11/02 22:18:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013/11/02 22:18:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Adobe [2013/11/02 22:17:03 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Mozilla [2013/11/02 22:17:03 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Mozilla [2013/11/02 22:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013/11/02 22:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013/11/02 22:10:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Adobe [2013/11/02 21:58:17 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013/11/02 21:58:17 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Searches [2013/11/02 21:58:17 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013/11/02 21:58:16 | 000,000,000 | -H-D | C] -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2013/11/02 21:58:00 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Identities [2013/11/02 21:57:47 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Contacts [2013/11/02 21:57:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\VirtualStore [2013/11/02 21:57:33 | 000,000,000 | --SD | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Videos [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Saved Games [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Pictures [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Music [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Links [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Favorites [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Downloads [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Documents [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Desktop [2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\AppData\Local\Temporary Internet Files [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Templates [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Start Menu [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\SendTo [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Recent [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\PrintHood [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\NetHood [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Documents\My Videos [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Documents\My Pictures [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Documents\My Music [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\My Documents [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Local Settings [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\AppData\Local\History [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Cookies [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Application Data [2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\AppData\Local\Application Data [2013/11/02 21:57:33 | 000,000,000 | -H-D | C] -- C:\Users\xagersfeld\AppData [2013/11/02 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Temp [2013/11/02 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Microsoft [2013/11/02 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Media Center Programs [2013/11/02 21:57:21 | 000,000,000 | ---D | C] -- C:\Recovery [2013/11/02 21:52:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013/11/02 21:50:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013/11/02 21:49:37 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2013/11/02 21:29:12 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\SysNative\rixdicon.dll [2013/11/02 21:29:12 | 000,067,584 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys [2013/11/02 21:29:12 | 000,057,856 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rixdpx64.sys [2013/11/02 21:29:12 | 000,055,296 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimspx64.sys [2013/11/02 21:29:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013/11/02 21:28:53 | 000,000,000 | ---D | C] -- C:\dell [2013/11/02 21:26:52 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\ElevatedDiagnostics ========== Files - Modified Within 30 Days ========== [2013/11/17 10:24:02 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/11/17 10:22:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/11/17 10:17:51 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/11/17 10:17:51 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/11/17 10:12:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xagersfeld\Desktop\OTL.exe [2013/11/17 10:09:15 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job [2013/11/17 10:09:07 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/11/17 10:07:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/11/17 10:07:30 | 3193,614,336 | -HS- | M] () -- C:\hiberfil.sys [2013/11/17 10:06:32 | 000,000,000 | ---- | M] () -- C:\asc_rdflag [2013/11/17 09:14:40 | 001,085,542 | ---- | M] () -- C:\Users\xagersfeld\Desktop\AdwCleaner.exe [2013/11/17 08:24:55 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\xagersfeld\Desktop\JRT.exe [2013/11/16 13:24:41 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\xagersfeld\Desktop\dds.com [2013/11/16 00:17:26 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/11/16 00:17:26 | 000,632,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/11/16 00:17:26 | 000,110,548 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/11/15 00:31:12 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\67224765.sys [2013/11/14 18:27:07 | 000,116,440 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2013/11/13 01:00:12 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2013/11/12 00:04:48 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/11/08 19:18:14 | 031,605,900 | ---- | M] () -- C:\Users\xagersfeld\Documents\Attitude-199.pdf [2013/11/08 15:44:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013/11/07 03:21:46 | 007,834,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/11/06 01:19:39 | 000,001,116 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk [2013/11/05 16:54:38 | 000,000,408 | ---- | M] () -- C:\Windows\SIERRA.INI [2013/11/05 15:51:20 | 000,000,287 | ---- | M] () -- C:\Windows\EReg072.dat [2013/11/05 15:07:34 | 002,477,056 | ---- | M] (FreeImage) -- C:\Windows\SysWow64\freeimage.dll [2013/11/05 01:06:34 | 000,001,024 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2013/11/04 19:46:33 | 000,052,736 | ---- | M] (Interplay Productions) -- C:\Windows\ipuninst.exe [2013/11/04 17:45:24 | 000,060,154 | ---- | M] () -- C:\Windows\War3Unin.dat [2013/11/04 17:45:18 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe [2013/11/04 17:45:18 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif [2013/11/04 16:45:57 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013/11/04 16:44:12 | 000,098,304 | ---- | M] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe [2013/11/04 16:44:12 | 000,021,762 | ---- | M] () -- C:\Windows\W2BNEUnin.dat [2013/11/04 16:44:12 | 000,002,829 | ---- | M] () -- C:\Windows\W2BNEUnin.pif [2013/11/04 16:40:29 | 000,038,215 | ---- | M] () -- C:\Windows\scunin.dat [2013/11/04 16:40:28 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe [2013/11/04 16:40:28 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif [2013/11/04 10:21:50 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2013/11/04 10:16:58 | 000,310,728 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2013/11/04 10:16:57 | 000,042,696 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2013/11/03 22:43:08 | 000,001,129 | ---- | M] () -- C:\Windows\PowerReg.dat [2013/11/03 22:14:34 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIBUN4.dll [2013/11/03 22:13:31 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTICDMK7.dll [2013/11/03 22:11:57 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTICDMK7.dll [2013/11/03 22:11:02 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIMPEG2.dll [2013/11/03 22:11:02 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIMP3.dll [2013/11/03 22:11:02 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIFCD3.dll [2013/11/03 20:59:32 | 000,002,604 | ---- | M] () -- C:\Users\xagersfeld\Documents\Register Vegas Pro.htm [2013/11/03 16:49:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf [2013/11/03 15:15:22 | 000,000,098 | ---- | M] () -- C:\Users\xagersfeld\AppData\Local\fusioncache.dat [2013/11/03 15:12:22 | 000,743,594 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/11/03 13:03:40 | 000,002,303 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2013/11/03 11:34:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01007.Wdf [2013/11/03 11:07:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpusb_01007.Wdf [2013/11/03 11:07:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpenum_01007.Wdf [2013/11/02 22:34:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2013/11/02 22:23:10 | 000,001,137 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2013/11/02 22:05:39 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013/11/02 22:05:39 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013/11/02 21:59:08 | 000,001,441 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013/11/02 21:53:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013/11/02 21:53:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2013/11/02 21:51:46 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013/11/02 21:46:37 | 000,002,283 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/10/31 02:26:26 | 000,397,312 | ---- | M] (Koyote-Lab Inc) -- C:\Windows\SysWow64\TubeFinder.exe ========== Files Created - No Company Name ========== [2013/11/17 10:06:32 | 000,000,000 | ---- | C] () -- C:\asc_rdflag [2013/11/17 09:14:33 | 001,085,542 | ---- | C] () -- C:\Users\xagersfeld\Desktop\AdwCleaner.exe [2013/11/11 23:42:45 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013/11/11 23:42:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013/11/11 23:42:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013/11/11 23:42:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013/11/11 23:42:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013/11/08 19:17:31 | 031,605,900 | ---- | C] () -- C:\Users\xagersfeld\Documents\Attitude-199.pdf [2013/11/08 15:44:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013/11/06 14:58:27 | 000,256,088 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll [2013/11/06 14:58:27 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013/11/05 19:29:34 | 000,000,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight II.lnk [2013/11/05 17:57:23 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2013/11/05 17:57:23 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [2013/11/05 17:52:33 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk [2013/11/05 17:47:00 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2013/11/05 16:52:52 | 000,000,408 | ---- | C] () -- C:\Windows\SIERRA.INI [2013/11/05 15:51:20 | 000,000,287 | ---- | C] () -- C:\Windows\EReg072.dat [2013/11/05 15:06:48 | 000,001,116 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk [2013/11/05 01:06:34 | 000,001,024 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2013/11/04 23:16:57 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys [2013/11/04 23:16:40 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job [2013/11/04 16:52:21 | 000,060,154 | ---- | C] () -- C:\Windows\War3Unin.dat [2013/11/04 16:52:20 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif [2013/11/04 16:45:57 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013/11/04 16:44:12 | 000,021,762 | ---- | C] () -- C:\Windows\W2BNEUnin.dat [2013/11/04 16:44:12 | 000,002,829 | ---- | C] () -- C:\Windows\W2BNEUnin.pif [2013/11/04 16:32:14 | 000,038,215 | ---- | C] () -- C:\Windows\scunin.dat [2013/11/04 16:32:14 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif [2013/11/04 13:45:51 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013/11/04 10:16:58 | 000,310,728 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2013/11/04 10:16:57 | 000,042,696 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2013/11/04 09:30:08 | 000,002,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Magic Screenwriter 6.lnk [2013/11/04 09:06:52 | 000,002,093 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk [2013/11/03 22:39:41 | 000,001,129 | ---- | C] () -- C:\Windows\PowerReg.dat [2013/11/03 22:14:34 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN4.dll [2013/11/03 22:14:20 | 002,819,584 | ---- | C] () -- C:\Windows\SysWow64\LS_HSI.msi [2013/11/03 22:13:31 | 000,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTICDMK7.dll [2013/11/03 22:11:57 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTICDMK7.dll [2013/11/03 22:11:02 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIMPEG2.dll [2013/11/03 22:11:02 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIMP3.dll [2013/11/03 22:11:02 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIFCD3.dll [2013/11/03 20:01:23 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013/11/03 16:49:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf [2013/11/03 16:47:30 | 020,462,912 | ---- | C] () -- C:\Windows\SysNative\TrueSuiteCoInst02020000.dll [2013/11/03 15:15:22 | 000,000,098 | ---- | C] () -- C:\Users\xagersfeld\AppData\Local\fusioncache.dat [2013/11/03 15:11:29 | 000,743,594 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/11/03 14:20:07 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk [2013/11/03 13:36:20 | 000,001,179 | ---- | C] () -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free FLV Converter.lnk [2013/11/03 13:34:47 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\PropertyGrid.ocx [2013/11/03 13:34:47 | 000,208,500 | ---- | C] () -- C:\Windows\SysWow64\ReyXpBasics.tlb [2013/11/03 13:34:46 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ControlSubX.ocx [2013/11/03 13:19:37 | 000,000,959 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [2013/11/03 13:03:40 | 000,002,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2013/11/03 13:01:25 | 000,185,440 | ---- | C] () -- C:\Windows\SysNative\netr28ux.inf [2013/11/03 13:01:25 | 000,014,181 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat [2013/11/03 13:01:25 | 000,008,314 | ---- | C] () -- C:\Windows\SysNative\netr28ux.cat [2013/11/03 11:34:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01007.Wdf [2013/11/03 11:07:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpusb_01007.Wdf [2013/11/03 11:07:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpenum_01007.Wdf [2013/11/03 11:00:49 | 000,606,208 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll [2013/11/03 11:00:49 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll [2013/11/03 11:00:49 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll [2013/11/03 11:00:49 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll [2013/11/03 11:00:49 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll [2013/11/03 11:00:49 | 000,225,280 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll [2013/11/03 11:00:49 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll [2013/11/03 11:00:49 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll [2013/11/03 11:00:49 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys [2013/11/03 03:01:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013/11/03 00:30:13 | 000,329,451 | ---- | C] () -- C:\Users\xagersfeld\Documents\T Mobile Marketing Plan.pdf [2013/11/03 00:30:12 | 000,626,033 | ---- | C] () -- C:\Users\xagersfeld\Documents\photo.php [2013/11/03 00:30:12 | 000,048,608 | ---- | C] () -- C:\Users\xagersfeld\Documents\RLM April May Bank Statement.pdf [2013/11/03 00:30:12 | 000,002,604 | ---- | C] () -- C:\Users\xagersfeld\Documents\Register Vegas Pro.htm [2013/11/03 00:30:11 | 001,066,556 | ---- | C] () -- C:\Users\xagersfeld\Documents\NorGrum eStatement June.pdf [2013/11/03 00:30:11 | 001,066,027 | ---- | C] () -- C:\Users\xagersfeld\Documents\NorGrum eStatement Jul.pdf [2013/11/03 00:30:11 | 000,008,259 | ---- | C] () -- C:\Users\xagersfeld\Documents\Notes.aup [2013/11/03 00:30:10 | 001,066,208 | ---- | C] () -- C:\Users\xagersfeld\Documents\NorGrum eStatement Aug.pdf [2013/11/03 00:30:10 | 000,000,000 | ---- | C] () -- C:\Users\xagersfeld\Documents\NEWSOFT [2013/11/03 00:30:09 | 000,098,972 | ---- | C] () -- C:\Users\xagersfeld\Documents\Magus.pdf [2013/11/03 00:30:08 | 000,433,452 | ---- | C] () -- C:\Users\xagersfeld\Documents\Harry's Bakery.rtf [2013/11/03 00:30:08 | 000,385,024 | ---- | C] () -- C:\Users\xagersfeld\Documents\Database1.accdb [2013/11/03 00:30:08 | 000,002,264 | ---- | C] () -- C:\Users\xagersfeld\Documents\Default.sfvidcap [2013/11/03 00:30:08 | 000,000,192 | ---- | C] () -- C:\Users\xagersfeld\Documents\Data_051911_194015.roxio [2013/11/03 00:30:07 | 000,097,296 | ---- | C] () -- C:\Users\xagersfeld\Documents\Bard.pdf [2013/11/02 22:42:16 | 000,814,799 | ---- | C] () -- C:\Users\xagersfeld\Documents\Zane Gaddis.pdf [2013/11/02 22:42:12 | 000,121,691 | ---- | C] () -- C:\Users\xagersfeld\Documents\Wizard Archetypes [Kenku] -- Arcane Scholar.pdf [2013/11/02 22:42:06 | 000,244,667 | ---- | C] () -- C:\Users\xagersfeld\Documents\TheRT2.pdf [2013/11/02 22:42:05 | 000,055,541 | ---- | C] () -- C:\Users\xagersfeld\Documents\The Burial Ground.rtf [2013/11/02 22:42:04 | 007,424,532 | ---- | C] () -- C:\Users\xagersfeld\Documents\Teach Yourself Electricity and Electronics 4e 2006.pdf [2013/11/02 22:42:01 | 000,148,673 | ---- | C] () -- C:\Users\xagersfeld\Documents\STAGE DORM SHOOT DAY 9 SCHEDULE.pdf [2013/11/02 22:41:59 | 005,428,346 | ---- | C] () -- C:\Users\xagersfeld\Documents\Skull and Shackles Players Guide.pdf [2013/11/02 22:41:48 | 003,673,946 | ---- | C] () -- C:\Users\xagersfeld\Documents\Save_the_Cat_Blake_Snyder.pdf [2013/11/02 22:41:48 | 000,344,064 | ---- | C] () -- C:\Users\xagersfeld\Documents\Sarah.accdb [2013/11/02 22:41:48 | 000,244,890 | ---- | C] () -- C:\Users\xagersfeld\Documents\Rocky VS Rambo FINAL.pdf [2013/11/02 22:41:47 | 000,679,936 | ---- | C] () -- C:\Users\xagersfeld\Documents\Repair Shop.accdb [2013/11/02 22:41:47 | 000,177,350 | ---- | C] () -- C:\Users\xagersfeld\Documents\Recording Schedule 11th March 2012.pdf [2013/11/02 22:41:47 | 000,145,876 | ---- | C] () -- C:\Users\xagersfeld\Documents\REINSTEM.pdf [2013/11/02 22:41:42 | 000,330,721 | ---- | C] () -- C:\Users\xagersfeld\Documents\Property tax bill.pdf [2013/11/02 22:41:42 | 000,263,704 | ---- | C] () -- C:\Users\xagersfeld\Documents\Play N' Wash.pdf [2013/11/02 22:41:40 | 001,138,161 | ---- | C] () -- C:\Users\xagersfeld\Documents\PlanTemp.potx [2013/11/02 22:41:30 | 000,307,200 | ---- | C] () -- C:\Users\xagersfeld\Documents\Oren.accdb [2013/11/02 22:41:23 | 003,073,454 | ---- | C] () -- C:\Users\xagersfeld\Documents\Mayfield_def X-COMP_07142011.pdf [2013/11/02 22:41:23 | 000,209,185 | ---- | C] () -- C:\Users\xagersfeld\Documents\Mayfield_opc SL_112211.pdf [2013/11/02 22:41:23 | 000,117,164 | ---- | C] () -- C:\Users\xagersfeld\Documents\Mayfield, Ruth_032911.pdf [2013/11/02 22:41:03 | 000,107,598 | ---- | C] () -- C:\Users\xagersfeld\Documents\Introductions_and_Conclusions.pdf [2013/11/02 22:40:58 | 000,058,008 | ---- | C] () -- C:\Users\xagersfeld\Documents\HMRegApp2.pdf [2013/11/02 22:40:58 | 000,052,149 | ---- | C] () -- C:\Users\xagersfeld\Documents\HJB prelim proposal (1).rtf [2013/11/02 22:40:58 | 000,030,575 | ---- | C] () -- C:\Users\xagersfeld\Documents\HJB prelim proposal.rtf [2013/11/02 22:40:55 | 000,826,865 | ---- | C] () -- C:\Users\xagersfeld\Documents\GUNDAR NIGHTSTORM Lv 1.pdf [2013/11/02 22:40:55 | 000,024,363 | ---- | C] () -- C:\Users\xagersfeld\Documents\Guide_to_Documenting_Sources_from_the_World_Wide_Web_-_MLA.RTF [2013/11/02 22:40:54 | 003,714,822 | ---- | C] () -- C:\Users\xagersfeld\Documents\Greenwood Michael App & U-240.pdf [2013/11/02 22:40:48 | 002,400,094 | ---- | C] () -- C:\Users\xagersfeld\Documents\FOR EMEL.pdf [2013/11/02 22:40:21 | 001,566,956 | ---- | C] () -- C:\Users\xagersfeld\Documents\emel-bonty-coc-card.pdf [2013/11/02 22:40:21 | 001,037,632 | ---- | C] () -- C:\Users\xagersfeld\Documents\episode 2.rtf [2013/11/02 22:40:21 | 001,037,632 | ---- | C] () -- C:\Users\xagersfeld\Documents\episode 2(1).rtf [2013/11/02 22:40:21 | 000,280,301 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel (1).pdf [2013/11/02 22:40:21 | 000,028,341 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel's level 0 spells.pdf [2013/11/02 22:40:21 | 000,025,526 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel's level 2 spells.pdf [2013/11/02 22:40:21 | 000,018,951 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel's level 1 spells.pdf [2013/11/02 22:40:14 | 000,094,008 | ---- | C] () -- C:\Users\xagersfeld\Documents\Developing_a_Thesis.pdf [2013/11/02 22:40:14 | 000,009,694 | ---- | C] () -- C:\Users\xagersfeld\Documents\Death Party Revised 1st Draft (copy).pdf [2013/11/02 22:40:13 | 008,212,355 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder Main Character Sheet - Ravner Rand.rtf [2013/11/02 22:40:12 | 007,945,095 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder Main Character Sheet - Ducati “Third Eye” Black.rtf [2013/11/02 22:40:12 | 005,925,672 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder Core Class; Templar.pdf [2013/11/02 22:40:12 | 001,023,880 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder -- Athasian Poisons.pdf [2013/11/02 22:39:51 | 000,799,881 | ---- | C] () -- C:\Users\xagersfeld\Documents\Blank Pathfinder CS.pdf [2013/11/02 22:39:48 | 002,838,162 | ---- | C] () -- C:\Users\xagersfeld\Documents\Battlestar Galactica Series Bible.pdf [2013/11/02 22:39:45 | 000,137,548 | ---- | C] () -- C:\Users\xagersfeld\Documents\aiplapaper.rtf [2013/11/02 22:39:38 | 000,064,429 | ---- | C] () -- C:\Users\xagersfeld\Documents\9_18_11.pdf [2013/11/02 22:39:36 | 000,035,535 | ---- | C] () -- C:\Users\xagersfeld\Documents\1211StatementPdf.pdf [2013/11/02 22:39:35 | 000,036,888 | ---- | C] () -- C:\Users\xagersfeld\Documents\1111StatementPdf.pdf [2013/11/02 22:25:40 | 000,001,395 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013/11/02 22:23:10 | 000,001,137 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2013/11/02 22:19:42 | 000,002,283 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/11/02 22:19:18 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/11/02 22:19:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/11/02 22:19:07 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/11/02 22:16:57 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/11/02 22:05:39 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013/11/02 22:05:39 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013/11/02 21:59:08 | 000,001,441 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013/11/02 21:58:32 | 000,001,417 | ---- | C] () -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013/11/02 21:57:33 | 000,000,290 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2013/11/02 21:57:33 | 000,000,272 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2013/11/02 21:53:06 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013/11/02 21:53:06 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013/11/02 21:51:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013/11/02 21:49:37 | 3193,614,336 | -HS- | C] () -- C:\hiberfil.sys [2012/11/16 12:01:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/11/16 12:01:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/04/18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll ========== ZeroAccess Check ========== [2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/11/04 15:48:33 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Atari [2013/11/05 19:20:23 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\bppenu11 [2013/11/06 13:16:41 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Dropbox [2013/11/06 15:01:16 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\DVDVideoSoft [2013/11/05 01:17:44 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Enterbrain [2013/11/03 22:36:10 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\fltk.org [2013/11/03 13:36:22 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\FreeFLVConverter [2013/11/05 00:20:18 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Hive Cluster [2013/11/04 23:16:57 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\IObit [2013/11/05 18:19:38 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\PACE Anti-Piracy [2013/11/03 23:23:26 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\PowerISO [2013/11/03 21:00:09 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Publish Providers [2013/11/05 18:20:38 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Rogue Legacy [2013/11/03 23:50:35 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\runic games [2013/11/04 16:07:59 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Sony [2013/11/03 12:37:50 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Temp [2013/11/03 13:03:53 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\TP-LINK [2013/11/03 15:16:27 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Turbine [2013/11/17 08:22:14 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\uTorrent [2013/11/04 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\YOUDONTKNOWJACK ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 217 bytes -> C:\ProgramData:2C8DFE3CE3028F37 @Alternate Data Stream - 1180 bytes -> C:\ProgramData\Microsoft:k81Ln9kigcuxcFCeio6sYPFHB @Alternate Data Stream - 1167 bytes -> C:\ProgramData\Microsoft:5lttmsYDpUcFBaiGq3VARoZN7OTN @Alternate Data Stream - 1000 bytes -> C:\Users\xagersfeld\AppData\Local\Temp:rZz7kJkMi6wGBzE8PAB7i < End of report >

OTL log OTL logfile created on: 11/17/2013 11:12:05 AM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xagersfeld\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16736) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.97 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 45.98% Memory free 7.93 Gb Paging File | 5.61 Gb Available in Paging File | 70.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465.66 Gb Total Space | 133.56 Gb Free Space | 28.68% Space Free | Partition Type: NTFS Drive D: | 7.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: XAGERSFELD-PC | User Name: xagersfeld | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/11/17 10:12:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xagersfeld\Desktop\OTL.exe PRC - [2013/11/15 12:05:24 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/11/03 13:50:31 | 004,287,536 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2013/11/02 22:34:12 | 001,418,336 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe PRC - [2013/11/02 22:19:14 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe PRC - [2013/10/30 07:56:50 | 017,153,952 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe PRC - [2013/10/28 11:39:32 | 002,283,296 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe PRC - [2013/10/25 18:19:44 | 000,763,680 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe PRC - [2013/10/25 13:39:32 | 000,029,320 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe PRC - [2013/10/17 17:08:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2013/10/15 11:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2013/09/20 09:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2013/09/13 09:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2013/09/05 06:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/08/16 18:09:02 | 001,549,120 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe PRC - [2013/07/25 10:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2013/07/04 21:22:36 | 000,327,432 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe PRC - [2013/07/04 21:22:34 | 000,077,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe PRC - [2013/01/15 13:07:42 | 002,750,840 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe PRC - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe PRC - [2012/02/23 11:09:08 | 000,838,656 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe PRC - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe PRC - [2010/05/07 18:07:56 | 000,167,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe PRC - [2010/05/06 20:39:10 | 000,528,384 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe PRC - [2009/12/07 15:13:14 | 000,397,312 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe PRC - [2009/10/31 08:48:42 | 000,348,160 | ---- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe PRC - [2009/10/12 15:17:24 | 000,344,137 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell Mobile Broadband\systray.exe PRC - [2009/08/16 22:53:32 | 001,807,608 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe ========== Modules (No Company Name) ========== MOD - [2013/11/15 12:05:24 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013/11/03 13:50:31 | 004,287,536 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe MOD - [2013/05/16 09:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2013/05/16 09:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll MOD - [2012/02/23 11:09:08 | 000,838,656 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe MOD - [2012/02/07 10:16:32 | 001,415,680 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll MOD - [2011/12/23 17:20:42 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll MOD - [2009/10/12 15:17:24 | 000,344,137 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell Mobile Broadband\systray.exe ========== Services (SafeList) ========== SRV:64bit: - [2013/10/28 18:02:18 | 002,255,064 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport) SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2012/11/16 12:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010/03/07 00:09:34 | 000,911,360 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv) SRV:64bit: - [2010/03/07 00:04:26 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent) SRV:64bit: - [2009/08/11 16:59:38 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009/06/29 12:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV) SRV:64bit: - [2009/03/02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters) SRV - [2013/11/15 12:05:24 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/11/14 23:56:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/11/05 20:14:55 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2013/11/02 22:34:12 | 001,418,336 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Desktop Service) SRV - [2013/10/30 11:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013/10/30 07:56:50 | 017,153,952 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices) SRV - [2013/10/25 13:39:32 | 000,029,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc) SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc) SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7) SRV - [2013/10/17 17:08:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2013/09/05 06:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/07/04 21:22:36 | 000,327,432 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe -- (CyberLink PowerDVD 13 Media Server Service) SRV - [2013/07/04 21:22:34 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe -- (CyberLink PowerDVD 13 Media Server Monitor Service) SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice) SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service) SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service) SRV - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon) SRV - [2010/05/07 18:07:56 | 000,167,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer) SRV - [2010/05/06 20:39:10 | 000,528,384 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/12/07 15:13:14 | 000,397,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService) SRV - [2009/10/31 08:48:42 | 000,348,160 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote) SRV - [2009/08/16 22:53:32 | 001,807,608 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe -- (ATService) SRV - [2009/06/29 12:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV) SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/03/02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/11/13 01:00:12 | 000,091,352 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon) DRV:64bit: - [2013/11/04 23:21:04 | 000,435,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2013/11/04 17:07:46 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2013/11/04 17:07:46 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2013/11/04 17:07:46 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2013/11/04 10:16:58 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2013/11/04 10:16:57 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2013/11/03 11:41:49 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2013/11/03 11:41:49 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2013/11/03 11:41:49 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2013/11/03 11:41:49 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2013/10/28 18:02:18 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2013/10/28 18:02:16 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums) DRV:64bit: - [2013/05/22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV:64bit: - [2013/04/15 01:50:30 | 000,127,384 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2013/04/11 14:08:40 | 000,106,704 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd) DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/11/16 13:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2012/11/16 13:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012/11/16 11:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/23 04:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011/12/16 21:17:40 | 001,675,840 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/07/13 08:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir) DRV:64bit: - [2009/12/22 21:37:22 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) DRV:64bit: - [2009/12/22 21:37:16 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb) DRV:64bit: - [2009/12/22 21:37:14 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum) DRV:64bit: - [2009/12/03 16:48:32 | 000,716,872 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV:64bit: - [2009/07/24 07:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NMgamingms.sys -- (NMgamingmsFltr) DRV:64bit: - [2009/07/15 15:41:44 | 000,027,648 | ---- | M] (Printing Novatel Wireless Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NvtSp50.sys -- (NvtSp50) DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009/06/29 12:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2009/06/25 16:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2009/06/25 15:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp) DRV:64bit: - [2009/06/25 15:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/05 09:58:40 | 001,354,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerBDA716x_x64.sys -- (AVerBDA6x_x64) DRV - [2013/07/06 00:48:36 | 000,130,320 | ---- | M] (CyberLink Corp.) [2013/11/05 17:11:38] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl -- ({09F57980-3432-4AFC-957D-27AC45FAE1F5}) DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter) DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter) DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor) DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=407453&fr=spigot-yhp-ie IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 AB 96 D3 59 D8 CE 01 [binary data] IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\SearchScopes,DefaultScope = {9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C} IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\SearchScopes\{9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms} IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://search.yahoo.com/?type=407453&fr=spigot-yhp-ff" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - prefs.js..keyword.url: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: c:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.2.206: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.5.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.5.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.5.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.2.206: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\xagersfeld\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{56D10AE9-6227-455E-95C3-73CD63A091EC}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/11/02 22:34:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/11/02 22:34:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/11/05 17:57:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/15 12:05:20 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/15 12:05:20 | 000,000,000 | ---D | M] [2013/11/02 22:17:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Extensions [2013/11/17 10:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\381huduz.default-1383810679593\extensions [2013/11/17 10:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions [2013/11/12 00:25:27 | 000,320,988 | ---- | M] () (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013/11/12 00:25:12 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/11/12 00:25:29 | 000,010,530 | ---- | M] () -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\searchplugins\duckduckgo.xml [2013/11/15 12:05:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/11/15 12:05:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://search.yahoo.com/?type=407453&fr=spigot-yhp-ch CHR - Extension: Google Docs = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google Search = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: RealPlayer Downloader = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.5.2_0\ CHR - Extension: Store = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\ CHR - Extension: Google Wallet = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ CHR - Extension: Gmail = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2013/11/12 00:04:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) O2:64bit: - BHO: (no name) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - No CLSID value found. O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\Toolbar\WebBrowser: (no name) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - No CLSID value found. O3 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [intelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company) O4 - HKLM..\Run: [iObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit) O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [systray] C:\Program Files (x86)\Dell\Dell Mobile Broadband\systray.exe () O4 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit) O4 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000..\Run: [spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..Trusted Domains: dell.com ([]* in Trusted sites) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{104F0946-7ACC-4301-B519-E59993474816}: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{104F0946-7ACC-4301-B519-E59993474816}: NameServer = 8.8.8.8 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/11/17 10:11:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xagersfeld\Desktop\OTL.exe [2013/11/17 08:27:32 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/11/17 08:24:45 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\xagersfeld\Desktop\JRT.exe [2013/11/16 13:24:11 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\xagersfeld\Desktop\dds.com [2013/11/15 12:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/11/15 00:31:12 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\67224765.sys [2013/11/13 01:25:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\backups [2013/11/13 01:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable) [2013/11/13 01:04:20 | 000,116,440 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2013/11/13 01:00:12 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2013/11/13 00:59:54 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\mbar [2013/11/12 22:22:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Chromium [2013/11/12 15:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/11/12 15:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013/11/12 15:39:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013/11/12 00:13:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Old Firefox Data [2013/11/12 00:04:54 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013/11/11 23:42:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/11/11 23:42:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/11/11 23:42:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/11/11 23:40:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\rkill [2013/11/11 23:40:33 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/11/11 23:40:10 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/11/11 23:38:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/11/08 22:23:11 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\My Games [2013/11/06 15:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2013/11/06 15:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2013/11/06 15:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2013/11/06 14:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2013/11/06 14:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2013/11/06 14:51:25 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\DVDVideoSoft [2013/11/06 13:32:39 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013/11/06 13:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications [2013/11/06 10:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013/11/06 10:03:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013/11/06 10:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013/11/06 10:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013/11/06 10:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013/11/06 03:30:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013/11/06 01:46:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black Isle [2013/11/06 01:13:04 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baldur's Gate - Enhanced Edition [2013/11/06 01:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baldur's Gate - Enhanced Edition [2013/11/05 23:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari [2013/11/05 23:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari [2013/11/05 20:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone [2013/11/05 20:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared [2013/11/05 20:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone Backups [2013/11/05 20:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone [2013/11/05 20:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\RosettaStoneLtdServices [2013/11/05 20:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RosettaStoneLtdServices [2013/11/05 20:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rosetta Stone [2013/11/05 20:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2013/11/05 19:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED [2013/11/05 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Torchlight II [2013/11/05 19:23:10 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\IsolatedStorage [2013/11/05 19:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage [2013/11/05 19:20:23 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Palo_Alto_Software [2013/11/05 19:20:23 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\bppenu11 [2013/11/05 19:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Business Plan Pro [2013/11/05 19:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Plan Pro [2013/11/05 18:21:04 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\SavedGames [2013/11/05 18:20:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Rogue Legacy [2013/11/05 18:19:12 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Adobe [2013/11/05 18:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2013/11/05 18:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2013/11/05 18:01:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Adobe Flash Builder 4.6 [2013/11/05 17:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [2013/11/05 17:51:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2013/11/05 17:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2013/11/05 17:43:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 [2013/11/05 17:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013/11/05 17:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013/11/05 17:13:58 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Cyberlink SoftDMA [2013/11/05 17:13:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\CyberLink [2013/11/05 17:13:40 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\CyberLink [2013/11/05 17:11:55 | 000,000,000 | ---D | C] -- C:\MediaServer [2013/11/05 17:11:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink [2013/11/05 17:11:27 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\MediaServer [2013/11/05 17:10:54 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\CyberLink [2013/11/05 17:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD [2013/11/05 17:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2013/11/05 17:10:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13 [2013/11/05 17:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink [2013/11/05 17:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap [2013/11/05 16:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra [2013/11/05 16:53:13 | 000,558,592 | ---- | C] (Sierra On-Line) -- C:\Windows\SysWow64\SierraNW.dll [2013/11/05 16:53:13 | 000,227,840 | ---- | C] (Sierra On-Line) -- C:\Windows\SysWow64\SNWValid.dll [2013/11/05 16:53:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra On-Line [2013/11/05 16:53:05 | 000,000,000 | ---D | C] -- C:\SIERRA [2013/11/05 16:43:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shiny Entertainment [2013/11/05 16:43:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shiny [2013/11/05 16:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood [2013/11/05 16:24:43 | 000,000,000 | ---D | C] -- C:\Westwood [2013/11/05 15:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullfrog [2013/11/05 15:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bullfrog [2013/11/05 15:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3 [2013/11/05 15:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games [2013/11/05 15:07:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Almost Human [2013/11/05 15:07:23 | 002,477,056 | ---- | C] (FreeImage) -- C:\Windows\SysWow64\freeimage.dll [2013/11/05 15:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs [2013/11/05 15:06:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013/11/05 15:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer [2013/11/05 15:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default) [2013/11/05 15:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Legend of Grimrock [2013/11/05 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Klei [2013/11/05 14:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dont Starve [2013/11/05 01:17:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Enterbrain [2013/11/05 01:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace [2013/11/05 01:15:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RPG Maker VX Ace [2013/11/05 01:15:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Enterbrain [2013/11/05 01:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA [2013/11/05 01:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games [2013/11/05 01:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WB Games [2013/11/05 01:06:52 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft Games [2013/11/05 01:06:34 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade [2013/11/05 01:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade [2013/11/05 01:06:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy Arcade [2013/11/05 00:39:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games [2013/11/05 00:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games [2013/11/05 00:34:10 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Skyrim [2013/11/05 00:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V Skyrim [2013/11/05 00:23:46 | 000,000,000 | ---D | C] -- C:\GOG Games [2013/11/05 00:20:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Hive Cluster [2013/11/05 00:18:48 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antichamber [2013/11/05 00:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Antichamber [2013/11/05 00:14:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Shiner [2013/11/05 00:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orcs Must Die 2 [2013/11/05 00:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Orcs Must Die 2 [2013/11/05 00:02:07 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\SKIDROW [2013/11/05 00:02:07 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Orcs Must Die [2013/11/04 23:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robot Entertainment [2013/11/04 23:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Robot Entertainment [2013/11/04 23:45:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\FLT [2013/11/04 23:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XCOM Enemy Unknown [2013/11/04 23:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XCOM Enemy Unknown [2013/11/04 23:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2 [2013/11/04 23:16:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter [2013/11/04 23:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster [2013/11/04 23:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2013/11/04 20:10:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\YOUDONTKNOWJACK [2013/11/04 20:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\14 Degrees East [2013/11/04 19:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\14 Degrees East [2013/11/04 19:46:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black Isle [2013/11/04 19:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Isle [2013/11/04 19:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\BlackIsle [2013/11/04 19:40:06 | 000,052,736 | ---- | C] (Interplay Productions) -- C:\Windows\ipuninst.exe [2013/11/04 19:40:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Interplay [2013/11/04 19:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\Interplay [2013/11/04 18:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013/11/04 18:17:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013/11/04 18:17:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA [2013/11/04 18:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2013/11/04 17:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters [2013/11/04 17:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters [2013/11/04 16:52:20 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe [2013/11/04 16:52:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III [2013/11/04 16:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III [2013/11/04 16:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III [2013/11/04 16:44:12 | 000,098,304 | ---- | C] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe [2013/11/04 16:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft II Battle.net Edition [2013/11/04 16:42:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft II BNE [2013/11/04 16:41:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2013/11/04 16:32:13 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe [2013/11/04 16:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft [2013/11/04 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Starcraft [2013/11/04 16:11:15 | 000,000,000 | ---D | C] -- C:\Config.Msi [2013/11/04 16:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2013/11/04 16:08:15 | 000,027,456 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe [2013/11/04 15:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller [2013/11/04 15:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData [2013/11/04 15:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} [2013/11/04 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\IObit [2013/11/04 15:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2013/11/04 15:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7 [2013/11/04 15:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2013/11/04 15:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YourWare Solutions [2013/11/04 15:53:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRAM XP Pro [2013/11/04 15:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRAM XP Pro [2013/11/04 15:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner [2013/11/04 15:51:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise [2013/11/04 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Atari [2013/11/04 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Atari [2013/11/04 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Atari [2013/11/04 15:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages [2013/11/04 15:43:05 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Documents [2013/11/04 15:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\You Don't Know Jack® [2013/11/04 14:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\You Don't Know Jack® [2013/11/04 14:23:28 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Desktop\Apps [2013/11/04 14:22:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Desktop\Games [2013/11/04 13:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Infogrames Interactive [2013/11/04 13:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames Interactive [2013/11/04 13:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2013/11/04 13:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2013/11/04 13:49:09 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Apple Computer [2013/11/04 13:49:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Apple Computer [2013/11/04 13:47:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013/11/04 13:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2013/11/04 13:45:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Apple [2013/11/04 13:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2013/11/04 13:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013/11/04 13:45:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013/11/04 13:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2013/11/04 13:44:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2013/11/04 13:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2013/11/04 12:59:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II [2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft [2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment.Trash [2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment.Trash [2013/11/04 12:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2013/11/04 12:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II [2013/11/04 12:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2013/11/04 12:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2013/11/04 12:07:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Bully Scholarship Edition [2013/11/04 11:58:57 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\The Witcher [2013/11/04 11:58:57 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\The Witcher [2013/11/04 11:56:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher [2013/11/04 11:07:22 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2013/11/04 10:23:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks [2013/11/04 10:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks [2013/11/04 10:21:50 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2013/11/04 10:21:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Oblivion [2013/11/04 10:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witcher [2013/11/04 09:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2013/11/04 09:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games [2013/11/04 09:20:47 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Downloaded Installations [2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\PACE Anti-Piracy [2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\PACE Anti-Piracy [2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy [2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE Anti-Piracy [2013/11/04 09:14:16 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\PaceAP [2013/11/04 09:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE [2013/11/04 09:00:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE [2013/11/04 09:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLok License Manager [2013/11/04 08:41:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Movie Magic Screenwriter [2013/11/04 08:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Write Brothers, Inc [2013/11/04 08:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Write Brothers, Inc [2013/11/03 23:50:35 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\runic games [2013/11/03 23:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight [2013/11/03 23:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runic Games [2013/11/03 23:23:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\PowerISO [2013/11/03 23:19:25 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DOSBox-0.63 [2013/11/03 23:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.63 [2013/11/03 23:19:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.63 [2013/11/03 23:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VDMSound [2013/11/03 23:12:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2013/11/03 22:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [2013/11/03 22:48:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOG.com [2013/11/03 22:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dramatica Pro [2013/11/03 22:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screenplay Systems [2013/11/03 22:36:10 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\fltk.org [2013/11/03 22:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org [2013/11/03 22:36:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Amnesia [2013/11/03 22:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent [2013/11/03 22:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent [2013/11/03 22:15:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup NOW! 4.7 [2013/11/03 22:15:05 | 001,056,768 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\ROBOEX32.DLL [2013/11/03 22:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe [2013/11/03 22:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\muvee Technologies [2013/11/03 22:12:09 | 000,226,816 | ---- | C] (honest technology) -- C:\Windows\SysWow64\htvcdsvcd.ax [2013/11/03 22:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewTech Infosystems [2013/11/03 22:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\NewTech Infosystems [2013/11/03 22:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI CD & DVD-Maker 7 [2013/11/03 21:56:16 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2

Allow me to say thanks again for the assistance. Thank you. Here are the logs from the following scans: Junkware Removal Tool log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Windows 7 Professional x64 Ran by xagersfeld on Sun 11/17/2013 at 8:27:42.14 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings ~~~ Files Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job" Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job" ~~~ Folders Successfully deleted: [Folder] "C:\Users\xagersfeld\AppData\Roaming\dll-files.com" Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 11/17/2013 at 9:11:07.27 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner log # AdwCleaner v3.012 - Report created 17/11/2013 at 10:04:25 # Updated 11/11/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : xagersfeld - XAGERSFELD-PC # Running from : C:\Users\xagersfeld\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\381huduz.default-1383810679593\Extensions\anttoolbar@ant.com Folder Deleted : C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\Extensions\anttoolbar@ant.com File Deleted : C:\Windows\System32\roboot64.exe ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16736 -\\ Mozilla Firefox v25.0.1 (en-US) [ File : C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\prefs.js ] -\\ Google Chrome v31.0.1650.57 [ File : C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1672 octets] - [11/11/2013 23:38:51] AdwCleaner[R1].txt - [1401 octets] - [17/11/2013 09:15:08] AdwCleaner[s0].txt - [1326 octets] - [17/11/2013 10:04:25] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1386 octets] ##########

Hello, I recentlly dowloaded the YouTube converter and immediately after all of my browsers were changed to the following address: "http://search.yahoo.com/?type=407453&fr=spigot-yhp-ff". Not only that but my settings have been changed on my browsers (Undo closed tabs is grey and the option to bring back my windows if browser crash is set to off and resets if Firefox is closed). I believe I have a virus but nothing have been able to solve this issue. Could really use some help and would like to thank you all in advanced for the work that you do here. It is entirely appreciated. Thank you. Here are my logs that I got upon following the instructions on the "I'm infected..." forum. attach.txtdds.txt