Malware/virus

azy · August 25, 2013

i need help with removing malware and virus, i recently got some europol virus thing on my browser i got it to go away but am not sure it its fully gone or if i have any other malware or virus

please help

thanks

Maniac · August 25, 2013

Hello azy and :welcome: ! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573

azy · August 25, 2013

Hi thanks for offering the help

here are the logs from DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
Run by Aneil at 16:53:49 on 2013-08-25
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8183.6303 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Users\Aneil\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Maxtor\MaxBlast\TimounterMonitor.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uSearch Bar = Preserve

mWinlogon: Userinit = userinit.exe,
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [AcronisTimounterMonitor] C:\Program Files (x86)\Maxtor\MaxBlast\TimounterMonitor.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\Users\Aneil\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Aneil\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

TCP: NameServer = 192.168.1.254
TCP: Interfaces\{3D49916A-5803-4781-8092-59288A6ED818} : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 relog_ap

x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\570\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Aneil\AppData\Roaming\Mozilla\Firefox\Profiles\ddjvr4g0.default-1377395858495\

FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-08-22 18:54; {D19CA586-DD6C-4a0a-96F8-14644F340D60}; C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF - ExtSQL: 2013-08-25 00:07; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: !HIDDEN! 2012-09-04 21:56; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-2-19 771536]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-2-19 340216]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-9-25 90112]
R2 MaxSch2Svc;Maxtor Scheduler2 Service;C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe [2008-6-27 605976]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-25 418376]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-8-10 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-8-10 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-8-10 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-8-10 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2013-8-10 241456]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-8-10 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-8-10 182752]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-18 14984480]
R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-9-23 376144]
R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2012-9-23 467280]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-6-28 789856]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-5-8 583968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-6-21 413472]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-3-22 93072]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-8-10 70112]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-25 25928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-8-10 309840]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-8-10 515968]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-8-18 39712]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-9-25 1222144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-25 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 161384]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-23 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-8-10 196440]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2013-8-10 106552]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-4-24 121416]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-13 19456]
S3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2013-7-18 15176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-13 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-25 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\Aneil\Softwares\RealTemp_370\WinRing0x64.sys [2013-7-18 14544]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-08-25 05:34:33   --------   d-----w-   C:\FRST
2013-08-25 04:53:25   --------   d-----w-   C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-25 01:25:19   --------   d-----w-   C:\ProgramData\HitmanPro
2013-08-25 00:38:03   25928   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2013-08-25 00:38:03   --------   d-----w-   C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-25 00:25:37   --------   d-----w-   C:\Program Files\Enigma Software Group
2013-08-25 00:24:53   --------   d-----w-   C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-08-24 16:57:47   --------   d-----w-   C:\Users\Aneil\AppData\Local\4A Games
2013-08-23 15:01:59   9515512   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F5E734E3-54DA-4440-ADFA-DD5FC43AC161}\mpengine.dll
2013-08-21 16:36:54   34384   ----a-w-   C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll
2013-08-18 00:23:02   --------   d-----w-   C:\NvidiaLogging
2013-08-18 00:21:05   39712   ----a-w-   C:\Windows\System32\drivers\nvvad64v.sys
2013-08-18 00:21:05   29984   ----a-w-   C:\Windows\System32\nvaudcap64v.dll
2013-08-18 00:21:05   28448   ----a-w-   C:\Windows\SysWow64\nvaudcap32v.dll
2013-08-15 21:26:38   447752   ----a-w-   C:\Windows\SysWow64\vp6vfw.dll
2013-08-15 02:36:26   --------   d-----w-   C:\Users\Aneil\AppData\Local\ESN
2013-08-15 02:36:24   --------   d-----w-   C:\Program Files (x86)\Battlelog Web Plugins
2013-08-15 02:20:49   --------   d-----w-   C:\ProgramData\EA Core
2013-08-15 02:20:48   --------   d-----w-   C:\ProgramData\EA Logs
2013-08-15 02:08:07   --------   d--h--w-   C:\Program Files (x86)\Common Files\EAInstaller
2013-08-15 00:01:59   --------   d-----w-   C:\Users\Aneil\AppData\Local\Criterion Games
2013-08-14 22:28:28   --------   d-----w-   C:\Program Files (x86)\Origin Games
2013-08-14 22:23:36   --------   d-----w-   C:\Users\Aneil\AppData\Roaming\Origin
2013-08-14 22:23:35   --------   d-----w-   C:\Users\Aneil\AppData\Local\Origin
2013-08-14 22:22:59   --------   d-----w-   C:\ProgramData\Origin
2013-08-14 22:22:58   --------   d-----w-   C:\ProgramData\Electronic Arts
2013-08-14 22:22:57   --------   d-----w-   C:\Program Files (x86)\Origin
2013-08-14 16:02:20   224256   ----a-w-   C:\Windows\System32\wintrust.dll
2013-08-14 16:02:20   184320   ----a-w-   C:\Windows\System32\cryptsvc.dll
2013-08-14 16:02:20   175104   ----a-w-   C:\Windows\SysWow64\wintrust.dll
2013-08-14 16:02:20   1472512   ----a-w-   C:\Windows\System32\crypt32.dll
2013-08-14 16:02:20   140288   ----a-w-   C:\Windows\SysWow64\cryptsvc.dll
2013-08-14 16:02:20   139776   ----a-w-   C:\Windows\System32\cryptnet.dll
2013-08-14 16:02:20   1166848   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2013-08-14 16:02:20   103936   ----a-w-   C:\Windows\SysWow64\cryptnet.dll
2013-08-14 16:02:06   663552   ----a-w-   C:\Windows\SysWow64\rpcrt4.dll
2013-08-14 16:02:06   1217024   ----a-w-   C:\Windows\System32\rpcrt4.dll
2013-08-14 16:02:00   3913664   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2013-08-10 19:02:24   196440   ----a-w-   C:\Windows\System32\drivers\HipShieldK.sys
2013-08-10 19:02:02   --------   d-----w-   C:\Program Files (x86)\McAfee.com
2013-08-10 19:01:53   10728   ----a-w-   C:\Windows\System32\drivers\mfeclnk.sys
2013-08-10 19:01:52   --------   d-----w-   C:\Program Files (x86)\Common Files\McAfee
2013-08-10 19:01:48   70112   ----a-w-   C:\Windows\System32\drivers\cfwids.sys
2013-08-10 19:01:48   515968   ----a-w-   C:\Windows\System32\drivers\mfefirek.sys
2013-08-10 19:01:48   309840   ----a-w-   C:\Windows\System32\drivers\mfeavfk.sys
2013-08-10 19:01:48   106552   ----a-w-   C:\Windows\System32\drivers\mferkdet.sys
2013-08-10 19:01:36   --------   d-----w-   C:\Program Files\McAfee.com
2013-08-10 19:01:36   --------   d-----w-   C:\Program Files\McAfee
2013-08-10 19:01:34   --------   d-----w-   C:\Program Files (x86)\McAfee
2013-08-10 18:56:42   182752   ----a-w-   C:\Windows\System32\mfevtps.exe
.
==================== Find3M ====================
.
2013-08-22 23:42:25   290184   ----a-w-   C:\Windows\SysWow64\PnkBstrB.xtr
2013-08-22 23:42:25   290184   ----a-w-   C:\Windows\SysWow64\PnkBstrB.exe
2013-08-22 23:42:15   280904   ----a-w-   C:\Windows\SysWow64\PnkBstrB.ex0
2013-08-15 02:41:39   76888   ----a-w-   C:\Windows\SysWow64\PnkBstrA.exe
2013-07-26 05:13:37   2241024   ----a-w-   C:\Windows\System32\wininet.dll
2013-07-26 05:12:08   3958784   ----a-w-   C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04   136704   ----a-w-   C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03   67072   ----a-w-   C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08   2706432   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24   1767936   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04   2877440   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00   61440   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00   109056   ----a-w-   C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14   2706432   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38   89600   ----a-w-   C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38   71680   ----a-w-   C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54   1888768   ----a-w-   C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27   1620992   ----a-w-   C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42   2048   ----a-w-   C:\Windows\System32\tzres.dll
2013-07-19 01:41:01   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2013-07-17 03:06:00   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-17 03:05:59   867240   ----a-w-   C:\Windows\SysWow64\npdeployJava1.dll
2013-07-17 03:05:59   789416   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
2013-07-12 18:38:05   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-12 18:38:05   692104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-09 06:03:30   5550528   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22   1732032   ----a-w-   C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12   243712   ----a-w-   C:\Windows\System32\wow64.dll
2013-07-09 05:03:34   3968960   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 04:53:47   1292192   ----a-w-   C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33   5120   ----a-w-   C:\Windows\SysWow64\wow32.dll
2013-07-09 04:45:07   44032   ----a-w-   C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42   25600   ----a-w-   C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41   7680   ----a-w-   C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39   14336   ----a-w-   C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38   2048   ----a-w-   C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53   1910208   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2013-06-21 10:23:16   6496544   ----a-w-   C:\Windows\System32\nvcpl.dll
2013-06-21 10:23:16   3514656   ----a-w-   C:\Windows\System32\nvsvc64.dll
2013-06-21 10:23:11   884512   ----a-w-   C:\Windows\System32\nvvsvc.exe
2013-06-21 10:23:10   63776   ----a-w-   C:\Windows\System32\nvshext.dll
2013-06-21 10:23:10   237856   ----a-w-   C:\Windows\System32\nvmctray.dll
2013-06-21 04:16:02   566048   ----a-w-   C:\Windows\SysWow64\nvStreaming.exe
2013-06-15 04:32:16   39936   ----a-w-   C:\Windows\System32\drivers\tssecsrv.sys
2013-06-05 03:34:27   3153920   ----a-w-   C:\Windows\System32\win32k.sys
2013-06-04 06:00:13   624128   ----a-w-   C:\Windows\System32\qedit.dll
2013-06-04 04:53:07   509440   ----a-w-   C:\Windows\SysWow64\qedit.dll
.
============= FINISH: 16:54:17.63 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 25/09/2010 01:33:40
System Uptime: 25/08/2013 16:36:33 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P7P55D
Processor: Intel® Core i5 CPU 760 @ 2.80GHz | LGA1156 | 2772/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 79.947 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 931.394 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP413: 22/08/2013 01:20:41 - Scheduled Checkpoint
RP414: 24/08/2013 17:55:07 - Installed DirectX
RP415: 25/08/2013 01:24:58 - Installed SpyHunter
RP416: 25/08/2013 01:36:35 - Removed SpyHunter
RP417: 25/08/2013 02:59:55 - Restore Operation
RP418: 25/08/2013 04:08:25 - Installed Microsoft Fix it 50195
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
1310
1310_Help
1310Trb
64 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader XI (11.0.03)
Age of Empires Online
AI Suite
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Battlefield 3™
Battlelog Web Plugins
Bing Bar
BitTorrent
Bonjour
BT Desktop Help
BT NetProtect Plus
BTHomeHub
BufferChm
Burnout Paradise: The Ultimate Box
Chivalry: Medieval Warfare
Combined Community Codec Pack 2009-09-09
Command and Conquer: Red Alert 3
Copy
Counter-Strike: Global Offensive
CPUID CPU-Z 1.65.0
CrimeCraft GangWars
D3DX10
Dead Island
Destinations
DeviceDiscovery
DivX Setup
DocProc
Dota 2
Driving Test Success 2003-2004
Dropbox
ESN Sonar
EVGA Precision X 4.2.1
Fax
Feedback Tool
Free Audio CD Burner version 1.4
Free YouTube Download version 3.0.16.923
Free YouTube to MP3 Converter version 3.10.14.1206
Futuremark SystemInfo
Geeks3D.com FurMark 1.10.6
Google Earth Plug-in
Google Update Helper
GoToAssist Corporate
GPBaseService2
Half-Life 2
Heroes of Newerth
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
iTunes
Java 7 Update 25
Java Auto Updater
Java 7 Update 5 (64-bit)
JMicron JMB36X Driver
Junk Mail filter update
Left 4 Dead 2
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Maxtor MaxBlast
McAfee Security Scan Plus
Mesh Runtime
Messenger Companion
Metro 2033
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Mozilla Firefox 23.0.1 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Ultra Edition
neroxml
Network64
NVIDIA 3D Vision Controller Driver 320.49
NVIDIA 3D Vision Driver 320.49
NVIDIA Control Panel 320.49
NVIDIA Display Control Panel
NVIDIA GeForce Experience 1.6
NVIDIA Graphics Driver 320.49
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 7.2.17
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.1
OCR Software by I.R.I.S. 13.0
Open Broadcaster Software
Orcs Must Die! 2
Origin
PC Probe II
PCMark Vantage
PlanetSide 2
Platform
PunkBuster Services
Quake 4
Realtek 8136 8168 8169 Ethernet Driver
Saints Row: The Third
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shared C Run-time for x64
SHIELD Streaming
Shop for HP Supplies
Skype™ 6.3
SmartWebPrinting
SolutionCenter
Splashtop Software Updater
Splashtop Streamer
Status
Steam
System Requirements Lab
System Requirements Lab for Intel
TeamSpeak 3 Client
TechPowerUp GPU-Z
The War Z
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
Uninstall 1.0.0.1
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
VIA Platform Device Manager
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
25/08/2013 05:53:20, Error: mbamchameleon [61440] -
25/08/2013 03:28:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
25/08/2013 03:27:35, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
25/08/2013 03:25:18, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:25:17, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
25/08/2013 03:25:17, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
25/08/2013 03:25:17, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
25/08/2013 03:25:17, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
25/08/2013 03:25:16, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
25/08/2013 03:25:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
25/08/2013 03:24:58, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO DfsC discache mfehidk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
25/08/2013 03:24:58, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
25/08/2013 01:24:39, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
25/08/2013 01:24:39, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
23/08/2013 16:00:03, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.70. The computer with the IP address 192.168.1.90 did not allow the name to be claimed by this computer.
21/08/2013 18:59:41, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================

Maniac · August 25, 2013

Step 1

Please uninstall this application: BitTorrent

Step 2

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 3

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In your next reply, post the following log files:

Malwarebytes' Anti-Malware log
OTL log with Extras.txt

azy · August 25, 2013

Ok sorry about the bittorrent i thought i had it uninstalled

i used Malwarebytes before i asked for your help and it found some infections and i removed them, so i will give you a copy of them logs (THERE ARE 3 LOGS) and il also give you logs of the recent one i do now

PREVious LOGS ( I did before i came to you)

(1)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Aneil :: MEGAEXTREMEPC [limited]

25/08/2013 01:40:13
mbam-log-2013-08-25 (01-40-13).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 56091
Time elapsed: 11 minute(s), 59 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
HKCR\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

(2)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Aneil :: MEGAEXTREMEPC [limited]

25/08/2013 01:53:08
mbam-log-2013-08-25 (01-53-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248930
Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyDyCtAtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=2041211840&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 7
C:\Users\Aneil\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\icons_2.2.4.731 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

Files Detected: 11
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Local\mysearchdial_speedial_v9.0.2.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\icons_2.2.4.731\magnifying.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\icons_2.2.4.731\star2.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

(end)

(3)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Aneil :: MEGAEXTREMEPC [administrator]

25/08/2013 02:33:47
mbam-log-2013-08-25 (02-33-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248914
Time elapsed: 4 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 11
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyCtDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1349192636&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 3
C:\Users\Aneil\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\icons_2.2.4.731 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

Files Detected: 4
C:\Users\Aneil\AppData\Local\mysearchdial_speedial_v9.0.2.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\icons_2.2.4.731\magnifying.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\icons_2.2.4.731\star2.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Aneil\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

(end)

RECENT LOG

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.25.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Aneil :: MEGAEXTREMEPC [administrator]

25/08/2013 19:22:37
mbam-log-2013-08-25 (19-22-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 271384
Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Post too long sending OTL NOW

azy · August 25, 2013

OTL LOGS

OTL

OTL logfile created on: 25/08/2013 19:38:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aneil\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.99 Gb Total Physical Memory | 5.77 Gb Available Physical Memory | 72.18% Memory free
15.98 Gb Paging File | 13.37 Gb Available in Paging File | 83.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 79.92 Gb Free Space | 17.16% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 931.39 Gb Free Space | 99.99% Space Free | Partition Type: NTFS

Computer Name: MEGAEXTREMEPC | User Name: Aneil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/25 19:26:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aneil\Desktop\OTL.exe
PRC - [2013/08/15 03:41:39 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/07/27 09:41:25 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/27 09:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/27 09:35:26 | 001,209,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/07/26 23:46:24 | 000,563,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/07/26 23:46:22 | 001,807,272 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/06/28 15:29:50 | 000,789,856 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/05/25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Aneil\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/08 06:21:14 | 000,583,968 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/25 00:01:26 | 000,232,272 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
PRC - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/02/14 15:56:02 | 000,376,144 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
PRC - [2013/02/05 16:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/01/16 11:26:26 | 000,216,064 | ---- | M] (uWebb Software) -- C:\Users\Aneil\Softwares\RealTemp_370\RealTemp.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/03/25 11:02:16 | 000,611,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
PRC - [2009/08/19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2008/06/27 18:08:52 | 000,904,776 | ---- | M] (Acronis) -- C:\Program Files (x86)\Maxtor\MaxBlast\TimounterMonitor.exe

========== Modules (No Company Name) ==========

MOD - [2013/07/27 09:50:15 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\detoured.dll
MOD - [2013/07/26 23:46:24 | 001,122,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/07/15 23:32:40 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/07/01 17:20:48 | 000,652,800 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/06/15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013/03/13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Aneil\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Aneil\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2008/06/27 17:13:26 | 001,328,408 | ---- | M] () -- C:\Program Files (x86)\Maxtor\MaxBlast\fox.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/07/27 09:49:33 | 014,984,480 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/25 23:05:10 | 000,384,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/02/19 13:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/02/19 13:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/02/19 13:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2013/02/14 15:57:04 | 000,467,280 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService64)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/08/17 18:31:21 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/15 03:41:39 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/07/27 09:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/07/26 23:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/12 19:38:06 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/28 15:29:50 | 000,789,856 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/08 06:21:14 | 000,583,968 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/02/14 15:56:02 | 000,376,144 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2013/02/05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/13 13:28:36 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/02/28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/21 13:36:38 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/27 18:03:48 | 000,605,976 | ---- | M] (Maxtor) [Auto | Running] -- C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe -- (MaxSch2Svc)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/12 10:21:08 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2013/06/12 10:21:08 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2013/05/14 20:28:40 | 000,039,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/19 13:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/02/19 13:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/02/19 13:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013/02/19 13:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/02/19 13:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/02/19 13:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/02/19 13:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/11/12 13:40:47 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/11/12 13:40:47 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2012/11/12 13:40:33 | 000,235,040 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/11/12 13:40:14 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/12 12:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/07 19:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/11/02 10:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/07/18 06:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/07/16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 04:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/02 12:41:47 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2013/07/18 01:28:12 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64)
DRV - [2013/06/12 10:21:08 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2013/06/12 10:21:08 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/07/26 22:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Users\Aneil\Softwares\RealTemp_370\WinRing0x64.sys -- (WinRing0_1_2_0)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyCtDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1349192636&ir=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyDyDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=303801308&ir=
IE:64bit: - HKLM\..\SearchScopes\{3988C273-AF1E-910A-C4F6-19432981F78C}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{02599FB4-CF82-4C43-DC19-02352532679F}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyDyDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=303801308&ir=

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\..\SearchScopes,DefaultScope = {3988C273-AF1E-910A-C4F6-19432981F78C}
IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\..\SearchScopes\{3988C273-AF1E-910A-C4F6-19432981F78C}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.co.uk/"
FF - prefs.js..extensions.enabledAddons: %7BD19CA586-DD6C-4a0a-96F8-14644F340D60%7D:15.1.0
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/26 22:15:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/04 21:56:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/08/13 17:02:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/08/22 18:54:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/17 18:31:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/04 21:56:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/17 18:31:17 | 000,000,000 | ---D | M]

[2013/05/04 15:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aneil\AppData\Roaming\Mozilla\Extensions
[2013/05/04 15:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aneil\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2013/08/17 18:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/17 18:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 18:31:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/22 18:54:36 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2013/08/13 17:02:38 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013/04/17 06:00:16 | 000,006,476 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Maxtor\MaxBlast\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000..\Run: [steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1006..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Aneil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Aneil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1819400540-2784741948-3935238602-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D49916A-5803-4781-8092-59288A6ED818}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\570\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\570\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/25 01:26:10 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0da1e797-9a33-11e2-b528-485b394959f7}\Shell - "" = AutoRun
O33 - MountPoints2\{0da1e797-9a33-11e2-b528-485b394959f7}\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{153268ac-a4c0-11e0-89df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{153268ac-a4c0-11e0-89df-806e6f6e6963}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{3b3e4407-5655-11e0-8e6e-485b394959f7}\Shell - "" = AutoRun
O33 - MountPoints2\{3b3e4407-5655-11e0-8e6e-485b394959f7}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{443a1a2f-dc9b-11df-929a-485b394959f7}\Shell - "" = AutoRun
O33 - MountPoints2\{443a1a2f-dc9b-11df-929a-485b394959f7}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{fd765833-f7fe-11e0-bb54-485b394959f7}\Shell - "" = AutoRun
O33 - MountPoints2\{fd765833-f7fe-11e0-bb54-485b394959f7}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/25 19:26:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Aneil\Desktop\OTL.exe
[2013/08/25 16:46:51 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Aneil\Desktop\dds.com
[2013/08/25 16:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/08/25 06:34:33 | 000,000,000 | ---D | C] -- C:\FRST
[2013/08/25 05:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/08/25 02:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/08/25 01:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/25 01:38:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/08/25 01:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/25 01:25:37 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/08/25 01:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/08/24 17:58:35 | 000,000,000 | ---D | C] -- C:\Users\Aneil\Documents\4A Games
[2013/08/24 17:57:47 | 000,000,000 | ---D | C] -- C:\Users\Aneil\AppData\Local\4A Games
[2013/08/18 01:23:02 | 000,000,000 | ---D | C] -- C:\NvidiaLogging
[2013/08/17 18:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/15 23:43:42 | 000,000,000 | RH-D | C] -- C:\Users\Aneil\AppData\Roaming\SecuROM
[2013/08/15 22:26:38 | 000,447,752 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2013/08/15 03:36:52 | 000,000,000 | ---D | C] -- C:\Users\Aneil\Documents\Battlefield 3
[2013/08/15 03:36:26 | 000,000,000 | ---D | C] -- C:\Users\Aneil\AppData\Local\ESN
[2013/08/15 03:36:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2013/08/15 03:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2013/08/15 03:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2013/08/15 03:08:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2013/08/15 03:08:07 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013/08/15 01:01:59 | 000,000,000 | ---D | C] -- C:\Users\Aneil\AppData\Local\Criterion Games
[2013/08/14 23:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2013/08/14 23:23:36 | 000,000,000 | ---D | C] -- C:\Users\Aneil\AppData\Roaming\Origin
[2013/08/14 23:23:35 | 000,000,000 | ---D | C] -- C:\Users\Aneil\AppData\Local\Origin
[2013/08/14 23:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013/08/14 23:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013/08/14 23:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013/08/14 23:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013/08/10 20:02:24 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2013/08/10 20:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2013/08/10 20:01:53 | 000,010,728 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2013/08/10 20:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2013/08/10 20:01:48 | 000,515,968 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2013/08/10 20:01:48 | 000,309,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2013/08/10 20:01:48 | 000,106,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2013/08/10 20:01:48 | 000,070,112 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2013/08/10 20:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/08/10 20:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/08/10 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2013/08/10 19:56:42 | 000,182,752 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2013/07/31 00:44:22 | 000,000,000 | ---D | C] -- C:\Users\Aneil\Documents\DeadIsland
[2013/07/27 20:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/25 19:26:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aneil\Desktop\OTL.exe
[2013/08/25 19:10:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/25 18:47:19 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/25 16:47:05 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Aneil\Desktop\dds.com
[2013/08/25 16:45:38 | 000,019,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/25 16:45:38 | 000,019,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/25 16:37:50 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/25 16:37:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/25 16:37:33 | 2140,446,719 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/25 01:38:09 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/25 01:26:10 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/08/23 22:01:49 | 000,000,221 | ---- | M] () -- C:\Users\Aneil\Desktop\Metro 2033.url
[2013/08/23 00:42:25 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/08/23 00:42:25 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/08/23 00:42:15 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/08/15 22:23:30 | 000,447,752 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2013/08/15 03:41:39 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/08/15 03:08:11 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2013/08/14 17:23:25 | 000,788,996 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/14 17:23:25 | 000,655,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/14 17:23:25 | 000,121,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/06 01:59:21 | 000,000,040 | ---- | M] () -- C:\ProgramData\ra3.ini
[2013/08/06 01:00:59 | 000,000,221 | ---- | M] () -- C:\Users\Aneil\Desktop\Command and Conquer Red Alert 3.url
[2013/08/02 16:48:02 | 000,000,220 | ---- | M] () -- C:\Users\Aneil\Desktop\Quake 4.url
[2013/08/01 15:42:10 | 000,000,000 | ---- | M] () -- C:\Windows\DbgOut.INI
[2013/07/30 21:45:03 | 000,000,221 | ---- | M] () -- C:\Users\Aneil\Desktop\Saints Row The Third.url
[2013/07/30 20:38:49 | 000,000,221 | ---- | M] () -- C:\Users\Aneil\Desktop\Dead Island.url
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/25 01:38:09 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/25 01:26:10 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/08/23 22:01:48 | 000,000,221 | ---- | C] () -- C:\Users\Aneil\Desktop\Metro 2033.url
[2013/08/15 03:08:11 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2013/08/06 01:59:21 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2013/08/06 01:00:59 | 000,000,221 | ---- | C] () -- C:\Users\Aneil\Desktop\Command and Conquer Red Alert 3.url
[2013/08/02 16:48:02 | 000,000,220 | ---- | C] () -- C:\Users\Aneil\Desktop\Quake 4.url
[2013/08/01 15:42:10 | 000,000,000 | ---- | C] () -- C:\Windows\DbgOut.INI
[2013/07/30 21:45:02 | 000,000,221 | ---- | C] () -- C:\Users\Aneil\Desktop\Saints Row The Third.url
[2013/07/30 20:38:48 | 000,000,221 | ---- | C] () -- C:\Users\Aneil\Desktop\Dead Island.url
[2013/07/17 04:56:21 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/07/17 04:56:21 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2013/06/05 21:58:09 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/05 21:58:07 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/04/19 01:12:11 | 000,000,576 | ---- | C] () -- C:\Users\Aneil\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012/09/04 21:47:33 | 000,221,276 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/09/04 21:47:33 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/06/28 00:41:19 | 000,105,984 | ---- | C] () -- C:\Users\Aneil\Publication2 matt.pub
[2012/05/23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/11/11 19:50:00 | 000,006,656 | ---- | C] () -- C:\Users\Aneil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/02/14 00:10:31 | 000,007,597 | ---- | C] () -- C:\Users\Aneil\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 06:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/10/16 17:37:43 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\DAEMON Tools Lite
[2013/04/28 23:16:53 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\DriverCure
[2013/08/25 16:38:27 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\Dropbox
[2011/12/09 22:23:54 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\DVDVideoSoft
[2011/10/27 17:22:50 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/03/20 21:19:12 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\Gygan
[2013/04/24 18:24:25 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\MotioninJoy
[2013/07/12 05:05:55 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\OBS
[2013/08/15 00:44:25 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\Origin
[2013/04/28 23:16:53 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\ParetoLogic
[2013/08/06 02:04:33 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\Red Alert 3
[2012/07/02 22:45:29 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\Samsung
[2013/07/12 19:35:41 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\SplitMediaLabs
[2013/07/21 10:31:02 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\SystemRequirementsLab
[2013/08/01 15:42:25 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\Teleca
[2012/07/02 23:15:45 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\Temp
[2013/04/16 02:03:37 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\TightVNC
[2013/05/04 15:35:44 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\TomTom
[2013/08/18 19:34:57 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\TS3Client
[2011/03/02 00:55:16 | 000,000,000 | ---D | M] -- C:\Users\Aneil\AppData\Roaming\WysePocketCloud

========== Purity Check ==========

< End of report >

azy · August 25, 2013

OTL EXTRA

OTL Extras logfile created on: 25/08/2013 19:38:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Aneil\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.99 Gb Total Physical Memory | 5.77 Gb Available Physical Memory | 72.18% Memory free
15.98 Gb Paging File | 13.37 Gb Available in Paging File | 83.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 79.92 Gb Free Space | 17.16% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 931.39 Gb Free Space | 99.99% Space Free | Partition Type: NTFS

Computer Name: MEGAEXTREMEPC | User Name: Aneil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1819400540-2784741948-3935238602-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19EAFB68-8040-4D03-8405-2EF9C8A2A627}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{21C5811F-8548-4F96-988D-C147329729B6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{57729CD6-CB42-444A-BA59-F3EFEF724799}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{704D229C-47D1-4870-AF4A-301A9A4D8629}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{7A643558-1773-4DA2-B4D2-9423B6A47C79}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A708DD51-EC47-48A0-837C-A66B89DDD0E1}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{AE6A7F8B-E239-4823-8ED0-A84407AA09FD}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D5A2A565-E284-4E71-945B-CD544B83A308}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{ECD7FFE2-A5B6-4C7E-88A4-3BBF04B2E9F8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0185AD70-4788-4810-899C-2BB576626647}" = protocol=17 | dir=in | app=c:\users\aneil\appdata\local\temp\7zs0e88\hpdiagnosticcoreui.exe |
"{022F941A-3B6F-4784-B954-EAB508C46345}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{042C8EDF-18CE-4D9B-87A2-F2719E883578}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{04589AB4-A4F5-431F-A94E-9869E8BAAB18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0883AAE3-419B-4575-8E25-28751A66CA36}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{08FB0DDF-A1DE-4F6A-8AF0-74246D7324D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{0B2F56C3-82C6-4B0D-B55C-6607E149D46A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{0CC72B55-3B39-4857-859B-153AF1DC8505}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe |
"{0E4AAF91-9430-4BCB-8DFF-47CC1F2F228B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{0EC952E2-C6FB-44F4-BFA1-9C95F6228755}" = protocol=17 | dir=in | app=c:\program files (x86)\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{104321B3-63CC-4E54-BC1E-7A4327BDE124}" = protocol=6 | dir=in | app=c:\program files (x86)\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{11D51401-74AF-4D74-9B3D-873CAA50DEE5}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{1359F3CC-78CD-4DBB-BF2E-7D1652E9C090}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{15C2BAFA-2837-4C15-B816-5EB9A2A1FE9B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout paradise the ultimate box\burnoutparadise.exe |
"{167E8C90-3236-4582-807B-22210DEBD657}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{16980521-E173-4752-B6B6-C60366F3BA05}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"{18156E42-EA1D-4208-827A-BB191F6B0044}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{1AD772DA-8D0A-48DA-8DE3-461A2EBBC417}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{1BE5B6CD-BA39-4F38-8204-487F1E320F0C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{1CACE8CE-671E-40D3-B014-9F9668940EBA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\aoeonline.exe |
"{1E4C812E-6A25-4950-8459-7D3E741AD372}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{1E9982CD-CEFE-442A-AF94-0B9A57F63BAF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the war z\warzlauncher.exe |
"{1FB27DCF-09AE-4971-B0A4-07952B7EF2C9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{232AB8FB-8466-405D-8E11-D7AB7757D688}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\support\ea help\electronic_arts_technical_support.htm |
"{27C590AA-B6DB-45E3-BEAC-8CB85C586677}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{2A6C8E4D-CBCD-4874-BD8C-BBE8B7272398}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2ACBD200-9F76-4241-839B-B323E879E32D}" = protocol=17 | dir=in | app=c:\users\aneil\appdata\local\temp\7zs0cf6\hppiw.exe |
"{2D2040D4-08A0-421F-8F4E-8369FF4AE925}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{2E726AB9-0303-4596-A9A5-7AA58D63E8C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{2F7B7C1B-4E6C-480F-B0ED-94E552323D2A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{319BF63E-BCB8-41AF-9248-BF9506626077}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{37C73E1B-AD7F-4BA8-BE42-0D3698877EBB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake 4\quake4.exe |
"{3858F052-0416-4DA6-86A0-45C37E0DC775}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{3932F2C0-3926-4F6D-9FB8-4FF5B8252FD8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout paradise the ultimate box\burnoutparadise.exe |
"{39C0C0C1-08A9-462B-AAC9-FD0D08F5A3A5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{3C52F25C-AF4C-46E2-A06B-04A2B96DD790}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3C5DD889-B3E9-4903-9ECD-EDA14A8C153C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{3D3C1817-1BC0-44BD-901C-7C768CDC70CB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{3E058B7D-0D6F-477A-83BC-EB9A62E3B4CA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{3E71F3C9-A9EF-4959-B7C9-7B7394521E3A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{3F0BE0CC-EBF2-4654-A3C3-31F9F035DB66}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{3FDCC699-033B-4528-9F06-7E89F5515442}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{41D64FB0-6755-4B43-A74E-BE6EE3D60981}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{42DC9DE7-33F8-494E-A273-AA8038B50BC1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{468AAC4F-CCC0-439C-804D-10041EA0F3CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{4933B32D-E9D2-4F39-BB2C-DCA7F981AFB9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{4B4EE685-2946-4B7E-8265-F088E86511EF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4D50AB38-65E0-4968-9D8A-02761C1D649C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout paradise the ultimate box\burnoutconfigtool.exe |
"{4DB433C6-03C0-45F3-A50C-DAC1F9272B77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{51D651F1-EE6C-4A21-A798-C2422672D58F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crimecraft\steamlauncher.exe |
"{56DA2D45-FFC6-40C4-9ABC-9F5662581A5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{5AE3BB8F-C19F-49A6-9493-B98584BA58D9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{5E69A834-8F00-4D1D-BCA7-85BE3D820460}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{6477045B-D20B-485F-A166-B6123AA7DC94}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\aoeonline.exe |
"{64950008-F88C-4DAD-8D89-16407EF6109D}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{64958EA6-F890-454D-B8F9-7CCC4E1B2153}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{64CDFE2E-FD04-4EF6-AC53-EAAC7AA04A98}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{683371F9-41FB-4AEC-A04A-52E37550B83C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6A917A5E-A8FA-4136-8F1E-373C0BE7541E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crimecraft\steamlauncher.exe |
"{6E043664-98CA-44B5-B332-05CE0F017F4C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{703CE513-6AAC-4499-A6B5-0FF2346F5B26}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{739B7B12-BB5B-4AB8-99BD-55313E574C6B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{73D5B5B8-8F3C-4A1C-9CAC-E853DFA302D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{799CA597-D0FC-46C0-A956-E76658B75354}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\support\ea help\electronic_arts_technical_support.htm |
"{7C63E3EC-18C2-4373-8546-BA3144BD1467}" = protocol=17 | dir=in | app=c:\users\aneil\appdata\roaming\dropbox\bin\dropbox.exe |
"{7F0F692F-C98B-49FF-91E9-AA8C8F119E9E}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{818B7CC6-4673-4FC9-A96A-CF1DEAABFE3C}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{83CE81A6-D6A0-444F-9A8B-663211592E89}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{85B24496-88A0-4AC2-A6AE-4216BF345D63}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8689F417-9B5D-45BC-AA54-BC510A2AFB02}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{8694CD39-61B0-4D3A-91A2-4E0677CF3792}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8A9C4C4F-8DB0-4597-B275-622A410C7B18}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94DD41D3-D083-4D61-8A65-56814047E4CD}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{94ED9EFA-9089-4D39-A191-D40F1D871F17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{9892CBF3-8B14-4BB8-B963-7183EBFC28F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{9C5473E1-8E13-4F0D-9BC3-B549E4D44AD6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{9F3431A8-2E38-48E9-BDA1-8A0B19E45A10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake 4\quake4.exe |
"{A029E595-7514-40C2-9B11-A23BC92CD276}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{A1DE3CA9-DB8A-492D-99CB-8F50873542C5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A24A006D-563F-4998-8E92-56A2499A88AF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2ACCDA9-57CC-4FBA-BB7F-F508E9FB9661}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{A2C3C1A7-B98A-4373-8251-5B7F47A2C1FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the war z\warzlauncher.exe |
"{A3C15E57-BC4A-4BB7-85EF-D1EB4AA6FEC3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{A8F917E0-A9D5-4752-B1A8-7594625A3E71}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{AA65A8EB-8A28-4F49-AF52-CF324B159DC7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AAF7F962-5EF8-42B3-91A9-C61A2F16726D}" = protocol=6 | dir=in | app=c:\users\aneil\desktop\setup.exe |
"{ABF44B4C-6C90-4B92-B6D0-A723859E4751}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{AE00A64E-267A-4CE0-800B-90C3E5C95541}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{AE21F98D-F63F-4FB0-9D1A-30DECDE5E252}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{AF9875DB-A3CD-42EA-BEF1-B5C2A2BC878C}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{B18A788D-D649-4D36-ACF0-4847F85474BD}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{B5630ACD-01E5-4FB6-97B5-BF4EAA4E33A3}" = protocol=6 | dir=in | app=c:\users\aneil\appdata\roaming\dropbox\bin\dropbox.exe |
"{B8B01E54-E5F5-49FF-B4C5-26DA32D6091E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{B9B79806-07FB-46D8-AC95-386C4E6D6856}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{BBCF9CD6-A72F-4D48-9C63-531DFE3AF062}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BBF0D7A7-9507-41EE-B3DC-61D091D37B55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{C259B726-E694-487A-836A-517BB095C192}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\runme.exe |
"{CDB94C71-28B8-49FA-8D03-6EC975C2FAF3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{CEAE3BAA-ADF8-46C5-94A1-E538CDC6950D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout paradise the ultimate box\burnoutconfigtool.exe |
"{D4735047-67A5-4F75-8F96-2B973C151F04}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D653F49A-09DD-4113-8F20-6EF0EC26FAF7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{D82A1309-3D0F-4393-8606-A0F42F2C8393}" = protocol=17 | dir=in | app=c:\users\aneil\desktop\setup.exe |
"{D953F76D-D36A-483D-A966-1C5FF15E0AE5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe |
"{DAA11F8F-3AA4-4E9D-8483-5FF44F483890}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{DE692D27-2D78-4C3C-8D40-FE1060CE482F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{DF2C69CE-730E-4D1C-AF03-4164A8EB3381}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E05B399B-02B6-493F-B590-B590C0963D38}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{E16796CD-9929-490B-A449-3CA8FE841E4D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{E3AF9D65-F79B-426C-BC6F-53F713222D21}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E4107BDB-D29A-4F41-859D-B92A397B1BB2}" = protocol=6 | dir=in | app=c:\users\aneil\appdata\local\temp\7zs0cf6\hppiw.exe |
"{E6006725-52A9-4E33-B2EC-F3E9151ED7EB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{E683693A-59B0-4AB1-9464-FE3CBA29A961}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{E885DC21-20A6-49C7-B781-7161CB556DD3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{E96D9487-45AC-4236-821F-D73CEAFE371A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E98F9CFB-8EE4-4AA9-8714-1047609E1D9B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{EDD4380C-F46A-4705-B799-AC3E27C54862}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{EE7BC885-FDB4-4407-89BA-5AAF20C0629D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{EF8D4BD7-0F53-4111-A617-F33E26D9FEDC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{F1854436-7C65-4910-8DAF-E2829AC24C67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{F2351BBD-BE56-433C-94CF-C2512FA501DF}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{F529F601-2FEE-47D2-973A-F55F2B5BC9E2}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{F5A63C5C-586F-4288-B7A0-2B29AA288BB7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8D5AFCE-3A33-4DC6-B43D-6CBD4BAC343A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\runme.exe |
"{F999EAD7-DF9D-453D-A404-23C948AE1389}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{FD6576F0-E28D-42AE-8233-518D7435BB91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{FE26ED5A-B832-4E73-B61F-7CF6443C85F0}" = protocol=6 | dir=in | app=c:\users\aneil\appdata\local\temp\7zs0e88\hpdiagnosticcoreui.exe |
"{FE98F801-413C-480E-AF07-F647F518F3C8}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"TCP Query User{29B3B8E5-55F5-4838-8EE1-F667D68F0CED}C:\program files (x86)\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"TCP Query User{4B605C55-D8FE-4D05-8E38-E5C8362A07E6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{5B535108-C7A4-4FC0-A027-D59AAFF962DD}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{A30F287E-44FE-4EAD-A063-0E229D21B479}C:\users\aneil\aneil\not sure & games\worms 4 mayhem\3) crack\w4m crack\worms 4 mayhem.exe" = protocol=6 | dir=in | app=c:\users\aneil\aneil\not sure & games\worms 4 mayhem\3) crack\w4m crack\worms 4 mayhem.exe |
"TCP Query User{A744DCBB-70CE-4E15-BF3F-483477F19D4F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{D50D5B3E-984E-4A0B-A7B4-382D87AA5882}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{EABA08E0-C2F5-433B-96F9-C160BDE0B5A3}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 7\nero home\nerohome.exe |
"UDP Query User{110722BA-049A-4885-B44D-64FFE90782B4}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{17088D03-C306-4003-8050-FD17A2036D1F}C:\program files (x86)\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"UDP Query User{35FC4CB6-86F9-4DF4-9CB4-055E61FD1807}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{3EBDD43D-61CA-4EEB-95DA-1E3CE4F372F0}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{55A348AB-3CE5-4978-A939-2C1343A680E9}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 7\nero home\nerohome.exe |
"UDP Query User{821C3777-7F15-4E63-A143-1EE146CDA9E7}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{984AB1FD-26B3-4F5A-926C-5696FA8DDE48}C:\users\aneil\aneil\not sure & games\worms 4 mayhem\3) crack\w4m crack\worms 4 mayhem.exe" = protocol=17 | dir=in | app=c:\users\aneil\aneil\not sure & games\worms 4 mayhem\3) crack\w4m crack\worms 4 mayhem.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java 7 Update 5 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.65.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"Shop for HP Supplies" = Shop for HP Supplies
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.10.6
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3645F0DB-89E9-47CB-B2E5-ACC33209CED6}" = Driving Test Success 2003-2004
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43FFE159-3199-4188-A1CD-629166AD1033}" = Nero 7 Ultra Edition
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{B7C5EA94-B96A-41F5-BE95-25D78B486678}" = Splashtop Streamer
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Maxtor MaxBlast
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F241EC95-C81A-466E-8006-6B0B364B07A0}" = PCMark Vantage
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Battlelog Web Plugins" = Battlelog Web Plugins
"BT Desktop Help" = BT Desktop Help
"BTHomeHub" = BTHomeHub
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"GoToAssist" = GoToAssist Corporate
"hon" = Heroes of Newerth
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 23.0.1 (x86 en-GB)" = Mozilla Firefox 23.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = BT NetProtect Plus
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Broadcaster Software" = Open Broadcaster Software
"Origin" = Origin
"PrecisionX" = EVGA Precision X 4.2.1
"PunkBusterSvc" = PunkBuster Services
"Splashtop Software Updater" = Splashtop Software Updater
"Steam App 105430" = Age of Empires Online
"Steam App 17480" = Command and Conquer: Red Alert 3
"Steam App 201790" = Orcs Must Die! 2
"Steam App 218230" = PlanetSide 2
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 220" = Half-Life 2
"Steam App 2210" = Quake 4
"Steam App 226700" = The War Z
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 38830" = CrimeCraft GangWars
"Steam App 43110" = Metro 2033
"Steam App 550" = Left 4 Dead 2
"Steam App 55230" = Saints Row: The Third
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 91310" = Dead Island
"SystemRequirementsLab" = System Requirements Lab
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1819400540-2784741948-3935238602-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02/03/2013 13:20:08 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 05/03/2013 19:49:22 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 30/03/2013 13:36:05 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 30/03/2013 20:50:12 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 31/03/2013 15:08:46 | Computer Name = MEGAEXTREMEPC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request.    The process will be terminated.
Thread
id : 3380 (0xd34)    Thread address : 0x000000007758164A    Thread message :      Build VSCORE.15.1.0.520
/ 5500.1093   Object being scanned = \Device\HarddiskVolume3\Program Files (x86)\Steam\package\tmp\steam\backup\english\autorun.inf

by C:\Program Files (x86)\Steam\steam.exe   4(0)(0)   4(0)(0)   7200(0)(0)   7595(0)(0)

7005(0)(0)   7004(0)(0)   5006(0)(0)   5004(0)(0)

Error - 02/04/2013 22:50:49 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 09/04/2013 09:33:19 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 11/04/2013 11:01:11 | Computer Name = MEGAEXTREMEPC | Source = Application Hang | ID = 1002
Description = The program hl2.exe version 0.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel.    Process ID: 1184    Start Time:
01ce36bc8ec2074e    Termination Time: 442    Application Path: c:\program files (x86)\steam\steamapps\aneilhasan\team
fortress 2\hl2.exe    Report Id:

Error - 11/04/2013 21:15:06 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 12/04/2013 19:47:15 | Computer Name = MEGAEXTREMEPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

[ Media Center Events ]
Error - 29/04/2013 12:33:09 | Computer Name = MEGAEXTREMEPC | Source = MCUpdate | ID = 0
Description = 17:32:50 - Failed to retrieve MCEClientUX (Error: The underlying connection
was closed: An unexpected error occurred on a receive.)

Error - 29/04/2013 12:33:34 | Computer Name = MEGAEXTREMEPC | Source = MCUpdate | ID = 0
Description = 17:33:30 - Failed to retrieve Broadband (Error: The underlying connection
was closed: An unexpected error occurred on a receive.)

[ System Events ]
Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:03 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:20 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

Error - 25/08/2013 00:53:20 | Computer Name = MEGAEXTREMEPC | Source = mbamchameleon | ID = 61440
Description =

< End of report >

Maniac · August 25, 2013

Step 1

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[s1].txt as well.

Step 3

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyCtDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1349192636&ir=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyDyDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=303801308&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyEzyyDzy0FyB0E0C0DtDtN0D0Tzu0CyDyDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=303801308&ir=
[2013/04/17 06:00:16 | 000,006,476 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
:files
ipconfig /flushdns /c
:Commands
[emptytemp]
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

In your next reply, post the following log files:

Junkware Removal Tool log
AdwCleaner log
OTL Fix log

AdvancedSetup · August 30, 2013

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Malware/virus

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information