Jump to content

All browser homepages changed to "http://search.yahoo.com/?type=407453&fr=spigot-yhp-ff" on startup

Recommended Posts



I recentlly dowloaded the YouTube converter and immediately after all of my browsers were changed to the following address: "http://search.yahoo.com/?type=407453&fr=spigot-yhp-ff". Not only that but my settings have been changed on my browsers (Undo closed tabs is grey and the option to bring back my windows if browser crash is set to off and resets if Firefox is closed). I believe I have a virus but nothing have been able to solve this issue. Could really use some help and would like to thank you all in advanced for the work that you do here. It is entirely appreciated. Thank you. Here are my logs that I got upon following the instructions on the "I'm infected..." forum.



Link to post
Share on other sites

Hello xagersfeld and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall the following applications:


Ant.com IE add-on

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Step 3

    Please download AdwCleaner by Xplode onto your desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Clean.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[s1].txt as well.
    Step 4

    Download OTL to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
    In your next reply, post the following log files:
    • Junkware Removal Tool log
    • AdwCleaner log
    • OTL log with Extras.txt
Link to post
Share on other sites

Allow me to say thanks again for the assistance. Thank you.


Here are the logs from the following scans:


Junkware Removal Tool log


Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by xagersfeld on Sun 11/17/2013 at  8:27:42.14

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\xagersfeld\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"

~~~ Event Viewer Logs were cleared

Scan was completed on Sun 11/17/2013 at  9:11:07.27
End of JRT log

AdwCleaner log


# AdwCleaner v3.012 - Report created 17/11/2013 at 10:04:25
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : xagersfeld - XAGERSFELD-PC
# Running from : C:\Users\xagersfeld\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\381huduz.default-1383810679593\Extensions\anttoolbar@ant.com
Folder Deleted : C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\Extensions\anttoolbar@ant.com
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\prefs.js ]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\preferences ]


AdwCleaner[R0].txt - [1672 octets] - [11/11/2013 23:38:51]
AdwCleaner[R1].txt - [1401 octets] - [17/11/2013 09:15:08]
AdwCleaner[s0].txt - [1326 octets] - [17/11/2013 10:04:25]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1386 octets] ##########

Link to post
Share on other sites

OTL log


OTL logfile created on: 11/17/2013 11:12:05 AM - Run 2
OTL by OldTimer - Version     Folder = C:\Users\xagersfeld\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 45.98% Memory free
7.93 Gb Paging File | 5.61 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 133.56 Gb Free Space | 28.68% Space Free | Partition Type: NTFS
Drive D: | 7.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: XAGERSFELD-PC | User Name: xagersfeld | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/11/17 10:12:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xagersfeld\Desktop\OTL.exe
PRC - [2013/11/15 12:05:24 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/03 13:50:31 | 004,287,536 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2013/11/02 22:34:12 | 001,418,336 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2013/11/02 22:19:14 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
PRC - [2013/10/30 07:56:50 | 017,153,952 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2013/10/28 11:39:32 | 002,283,296 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2013/10/25 18:19:44 | 000,763,680 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013/10/25 13:39:32 | 000,029,320 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/10/17 17:08:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/10/15 11:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/09/20 09:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/09/13 09:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/09/05 06:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/16 18:09:02 | 001,549,120 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/07/25 10:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/07/04 21:22:36 | 000,327,432 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
PRC - [2013/07/04 21:22:34 | 000,077,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/01/15 13:07:42 | 002,750,840 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
PRC - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/02/23 11:09:08 | 000,838,656 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
PRC - [2010/05/07 18:07:56 | 000,167,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
PRC - [2010/05/06 20:39:10 | 000,528,384 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
PRC - [2009/12/07 15:13:14 | 000,397,312 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009/10/31 08:48:42 | 000,348,160 | ---- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009/10/12 15:17:24 | 000,344,137 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell Mobile Broadband\systray.exe
PRC - [2009/08/16 22:53:32 | 001,807,608 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
========== Modules (No Company Name) ==========
MOD - [2013/11/15 12:05:24 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/11/03 13:50:31 | 004,287,536 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2013/05/16 09:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 09:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
MOD - [2012/02/23 11:09:08 | 000,838,656 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2012/02/07 10:16:32 | 001,415,680 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2011/12/23 17:20:42 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2009/10/12 15:17:24 | 000,344,137 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell Mobile Broadband\systray.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/10/28 18:02:18 | 002,255,064 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/16 12:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/07 00:09:34 | 000,911,360 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/03/07 00:04:26 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2009/08/11 16:59:38 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/29 12:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
SRV - [2013/11/15 12:05:24 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/14 23:56:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/05 20:14:55 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/11/02 22:34:12 | 001,418,336 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Desktop Service)
SRV - [2013/10/30 11:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/30 07:56:50 | 017,153,952 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2013/10/25 13:39:32 | 000,029,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/10/17 17:08:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/09/05 06:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/07/04 21:22:36 | 000,327,432 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe -- (CyberLink PowerDVD 13 Media Server Service)
SRV - [2013/07/04 21:22:34 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe -- (CyberLink PowerDVD 13 Media Server Monitor Service)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2010/05/07 18:07:56 | 000,167,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)
SRV - [2010/05/06 20:39:10 | 000,528,384 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/07 15:13:14 | 000,397,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009/10/31 08:48:42 | 000,348,160 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009/08/16 22:53:32 | 001,807,608 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/06/29 12:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/13 01:00:12 | 000,091,352 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2013/11/04 23:21:04 | 000,435,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/11/04 17:07:46 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/11/04 17:07:46 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/11/04 17:07:46 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/04 10:16:58 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013/11/04 10:16:57 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013/11/03 11:41:49 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2013/11/03 11:41:49 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2013/11/03 11:41:49 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2013/11/03 11:41:49 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2013/10/28 18:02:18 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2013/10/28 18:02:16 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/05/22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013/04/15 01:50:30 | 000,127,384 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2013/04/11 14:08:40 | 000,106,704 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/11/16 13:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/11/16 13:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/11/16 11:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 04:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/12/16 21:17:40 | 001,675,840 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/13 08:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009/12/22 21:37:22 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2009/12/22 21:37:16 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2009/12/22 21:37:14 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2009/12/03 16:48:32 | 000,716,872 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009/07/24 07:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV:64bit: - [2009/07/15 15:41:44 | 000,027,648 | ---- | M] (Printing Novatel Wireless Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NvtSp50.sys -- (NvtSp50)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/29 12:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/25 16:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 15:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 15:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 09:58:40 | 001,354,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerBDA716x_x64.sys -- (AVerBDA6x_x64)
DRV - [2013/07/06 00:48:36 | 000,130,320 | ---- | M] (CyberLink Corp.) [2013/11/05 17:11:38] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl -- ({09F57980-3432-4AFC-957D-27AC45FAE1F5})
DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=407453&fr=spigot-yhp-ie
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 AB 96 D3 59 D8 CE 01  [binary data]
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\SearchScopes,DefaultScope = {9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C}
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\SearchScopes\{9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.yahoo.com/?type=407453&fr=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.url: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: c:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version= C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.5.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.5.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.5.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version= C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\xagersfeld\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{56D10AE9-6227-455E-95C3-73CD63A091EC}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/11/02 22:34:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/11/02 22:34:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/11/05 17:57:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/15 12:05:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/15 12:05:20 | 000,000,000 | ---D | M]
[2013/11/02 22:17:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Extensions
[2013/11/17 10:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\381huduz.default-1383810679593\extensions
[2013/11/17 10:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions
[2013/11/12 00:25:27 | 000,320,988 | ---- | M] () (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
[2013/11/12 00:25:12 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/12 00:25:29 | 000,010,530 | ---- | M] () -- C:\Users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\searchplugins\duckduckgo.xml
[2013/11/15 12:05:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/15 12:05:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome  ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.yahoo.com/?type=407453&fr=spigot-yhp-ch
CHR - Extension: Google Docs = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: RealPlayer Downloader = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.5.2_0\
CHR - Extension: Store = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\
CHR - Extension: Gmail = C:\Users\xagersfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/11/12 00:04:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:       localhost
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (no name) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - No CLSID value found.
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\Toolbar\WebBrowser: (no name) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - No CLSID value found.
O3 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [intelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [iObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [systray] C:\Program Files (x86)\Dell\Dell Mobile Broadband\systray.exe ()
O4 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000..\Run: [spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{104F0946-7ACC-4301-B519-E59993474816}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{104F0946-7ACC-4301-B519-E59993474816}: NameServer =
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/11/17 10:11:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xagersfeld\Desktop\OTL.exe
[2013/11/17 08:27:32 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/17 08:24:45 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\xagersfeld\Desktop\JRT.exe
[2013/11/16 13:24:11 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\xagersfeld\Desktop\dds.com
[2013/11/15 12:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/15 00:31:12 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\67224765.sys
[2013/11/13 01:25:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\backups
[2013/11/13 01:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/11/13 01:04:20 | 000,116,440 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2013/11/13 01:00:12 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/13 00:59:54 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\mbar
[2013/11/12 22:22:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Chromium
[2013/11/12 15:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/11/12 15:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/11/12 15:39:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/11/12 00:13:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Old Firefox Data
[2013/11/12 00:04:54 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/11/11 23:42:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/11/11 23:42:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/11/11 23:42:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/11/11 23:40:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\rkill
[2013/11/11 23:40:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/11 23:40:10 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/11/11 23:38:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/08 22:23:11 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\My Games
[2013/11/06 15:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/11/06 15:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/11/06 15:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/11/06 14:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/11/06 14:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013/11/06 14:51:25 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\DVDVideoSoft
[2013/11/06 13:32:39 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/11/06 13:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2013/11/06 10:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/06 10:03:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/06 10:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/06 10:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/11/06 10:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/11/06 03:30:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/11/06 01:46:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black Isle
[2013/11/06 01:13:04 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baldur's Gate - Enhanced Edition
[2013/11/06 01:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baldur's Gate - Enhanced Edition
[2013/11/05 23:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2013/11/05 23:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2013/11/05 20:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
[2013/11/05 20:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2013/11/05 20:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone Backups
[2013/11/05 20:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone
[2013/11/05 20:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\RosettaStoneLtdServices
[2013/11/05 20:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RosettaStoneLtdServices
[2013/11/05 20:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rosetta Stone
[2013/11/05 20:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2013/11/05 19:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2013/11/05 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Torchlight II
[2013/11/05 19:23:10 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\IsolatedStorage
[2013/11/05 19:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2013/11/05 19:20:23 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Palo_Alto_Software
[2013/11/05 19:20:23 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\bppenu11
[2013/11/05 19:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Business Plan Pro
[2013/11/05 19:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Plan Pro
[2013/11/05 18:21:04 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\SavedGames
[2013/11/05 18:20:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Rogue Legacy
[2013/11/05 18:19:12 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Adobe
[2013/11/05 18:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013/11/05 18:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013/11/05 18:01:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Adobe Flash Builder 4.6
[2013/11/05 17:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2013/11/05 17:51:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013/11/05 17:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/11/05 17:43:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2013/11/05 17:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/11/05 17:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/11/05 17:13:58 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Cyberlink SoftDMA
[2013/11/05 17:13:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\CyberLink
[2013/11/05 17:13:40 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\CyberLink
[2013/11/05 17:11:55 | 000,000,000 | ---D | C] -- C:\MediaServer
[2013/11/05 17:11:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2013/11/05 17:11:27 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\MediaServer
[2013/11/05 17:10:54 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\CyberLink
[2013/11/05 17:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2013/11/05 17:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/11/05 17:10:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13
[2013/11/05 17:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2013/11/05 17:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2013/11/05 16:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2013/11/05 16:53:13 | 000,558,592 | ---- | C] (Sierra On-Line) -- C:\Windows\SysWow64\SierraNW.dll
[2013/11/05 16:53:13 | 000,227,840 | ---- | C] (Sierra On-Line) -- C:\Windows\SysWow64\SNWValid.dll
[2013/11/05 16:53:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra On-Line
[2013/11/05 16:53:05 | 000,000,000 | ---D | C] -- C:\SIERRA
[2013/11/05 16:43:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shiny Entertainment
[2013/11/05 16:43:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shiny
[2013/11/05 16:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
[2013/11/05 16:24:43 | 000,000,000 | ---D | C] -- C:\Westwood
[2013/11/05 15:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2013/11/05 15:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bullfrog
[2013/11/05 15:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2013/11/05 15:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2013/11/05 15:07:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Almost Human
[2013/11/05 15:07:23 | 002,477,056 | ---- | C] (FreeImage) -- C:\Windows\SysWow64\freeimage.dll
[2013/11/05 15:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013/11/05 15:06:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/11/05 15:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
[2013/11/05 15:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
[2013/11/05 15:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Legend of Grimrock
[2013/11/05 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Klei
[2013/11/05 14:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dont Starve
[2013/11/05 01:17:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Enterbrain
[2013/11/05 01:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace
[2013/11/05 01:15:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RPG Maker VX Ace
[2013/11/05 01:15:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Enterbrain
[2013/11/05 01:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013/11/05 01:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games
[2013/11/05 01:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WB Games
[2013/11/05 01:06:52 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft Games
[2013/11/05 01:06:34 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2013/11/05 01:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2013/11/05 01:06:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy Arcade
[2013/11/05 00:39:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013/11/05 00:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2013/11/05 00:34:10 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Skyrim
[2013/11/05 00:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V Skyrim
[2013/11/05 00:23:46 | 000,000,000 | ---D | C] -- C:\GOG Games
[2013/11/05 00:20:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Hive Cluster
[2013/11/05 00:18:48 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antichamber
[2013/11/05 00:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Antichamber
[2013/11/05 00:14:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Shiner
[2013/11/05 00:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orcs Must Die 2
[2013/11/05 00:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Orcs Must Die 2
[2013/11/05 00:02:07 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\SKIDROW
[2013/11/05 00:02:07 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Orcs Must Die
[2013/11/04 23:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robot Entertainment
[2013/11/04 23:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Robot Entertainment
[2013/11/04 23:45:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\FLT
[2013/11/04 23:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XCOM Enemy Unknown
[2013/11/04 23:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XCOM Enemy Unknown
[2013/11/04 23:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/04 23:16:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/04 23:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/11/04 23:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013/11/04 20:10:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\YOUDONTKNOWJACK
[2013/11/04 20:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\14 Degrees East
[2013/11/04 19:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\14 Degrees East
[2013/11/04 19:46:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black Isle
[2013/11/04 19:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Isle
[2013/11/04 19:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\BlackIsle
[2013/11/04 19:40:06 | 000,052,736 | ---- | C] (Interplay Productions) -- C:\Windows\ipuninst.exe
[2013/11/04 19:40:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Interplay
[2013/11/04 19:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\Interplay
[2013/11/04 18:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/11/04 18:17:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/11/04 18:17:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2013/11/04 18:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/11/04 17:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
[2013/11/04 17:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2013/11/04 16:52:20 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2013/11/04 16:52:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2013/11/04 16:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2013/11/04 16:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2013/11/04 16:44:12 | 000,098,304 | ---- | C] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe
[2013/11/04 16:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft II Battle.net Edition
[2013/11/04 16:42:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft II BNE
[2013/11/04 16:41:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/11/04 16:32:13 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2013/11/04 16:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft
[2013/11/04 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Starcraft
[2013/11/04 16:11:15 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/11/04 16:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/11/04 16:08:15 | 000,027,456 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/11/04 15:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/04 15:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/04 15:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/04 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\IObit
[2013/11/04 15:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/04 15:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2013/11/04 15:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/04 15:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YourWare Solutions
[2013/11/04 15:53:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRAM XP Pro
[2013/11/04 15:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRAM XP Pro
[2013/11/04 15:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013/11/04 15:51:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013/11/04 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Atari
[2013/11/04 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Atari
[2013/11/04 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Atari
[2013/11/04 15:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages
[2013/11/04 15:43:05 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Documents
[2013/11/04 15:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\You Don't Know Jack®
[2013/11/04 14:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\You Don't Know Jack®
[2013/11/04 14:23:28 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Desktop\Apps
[2013/11/04 14:22:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Desktop\Games
[2013/11/04 13:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Infogrames Interactive
[2013/11/04 13:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames Interactive
[2013/11/04 13:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/11/04 13:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/11/04 13:49:09 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Apple Computer
[2013/11/04 13:49:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Apple Computer
[2013/11/04 13:47:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/11/04 13:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/11/04 13:45:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Apple
[2013/11/04 13:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/11/04 13:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/11/04 13:45:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/11/04 13:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/11/04 13:44:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/11/04 13:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/11/04 12:59:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment.Trash
[2013/11/04 12:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment.Trash
[2013/11/04 12:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013/11/04 12:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2013/11/04 12:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013/11/04 12:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013/11/04 12:07:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Bully Scholarship Edition
[2013/11/04 11:58:57 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\The Witcher
[2013/11/04 11:58:57 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\The Witcher
[2013/11/04 11:56:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher
[2013/11/04 11:07:22 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/11/04 10:23:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2013/11/04 10:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2013/11/04 10:21:50 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013/11/04 10:21:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Oblivion
[2013/11/04 10:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witcher
[2013/11/04 09:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2013/11/04 09:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2013/11/04 09:20:47 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Downloaded Installations
[2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\PACE Anti-Piracy
[2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\PACE Anti-Piracy
[2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2013/11/04 09:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE Anti-Piracy
[2013/11/04 09:14:16 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\PaceAP
[2013/11/04 09:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE
[2013/11/04 09:00:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE
[2013/11/04 09:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLok License Manager
[2013/11/04 08:41:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Movie Magic Screenwriter
[2013/11/04 08:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Write Brothers, Inc
[2013/11/04 08:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Write Brothers, Inc
[2013/11/03 23:50:35 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\runic games
[2013/11/03 23:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight
[2013/11/03 23:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runic Games
[2013/11/03 23:23:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\PowerISO
[2013/11/03 23:19:25 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DOSBox-0.63
[2013/11/03 23:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.63
[2013/11/03 23:19:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.63
[2013/11/03 23:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VDMSound
[2013/11/03 23:12:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013/11/03 22:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2013/11/03 22:48:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOG.com
[2013/11/03 22:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dramatica Pro
[2013/11/03 22:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screenplay Systems
[2013/11/03 22:36:10 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\fltk.org
[2013/11/03 22:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org
[2013/11/03 22:36:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Amnesia
[2013/11/03 22:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
[2013/11/03 22:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent
[2013/11/03 22:15:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup NOW! 4.7
[2013/11/03 22:15:05 | 001,056,768 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\ROBOEX32.DLL
[2013/11/03 22:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2013/11/03 22:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\muvee Technologies
[2013/11/03 22:12:09 | 000,226,816 | ---- | C] (honest technology) -- C:\Windows\SysWow64\htvcdsvcd.ax
[2013/11/03 22:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewTech Infosystems
[2013/11/03 22:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\NewTech Infosystems
[2013/11/03 22:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI CD & DVD-Maker 7
[2013/11/03 21:56:16 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2

Link to post
Share on other sites



[2013/11/03 21:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2013/11/03 21:56:07 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
[2013/11/03 21:56:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Image-Line
[2013/11/03 21:56:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
[2013/11/03 21:55:52 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
[2013/11/03 21:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2013/11/03 21:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim
[2013/11/03 21:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[2013/11/03 21:00:09 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Publish Providers
[2013/11/03 20:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Sony
[2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2013/11/03 20:46:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013/11/03 20:45:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Sony
[2013/11/03 20:16:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013/11/03 20:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/11/03 20:00:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/11/03 20:00:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/11/03 20:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/11/03 19:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/11/03 19:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/11/03 19:38:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013/11/03 19:38:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/11/03 19:38:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/11/03 19:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013/11/03 19:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/11/03 19:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/11/03 19:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/11/03 19:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/11/03 19:33:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Microsoft Help
[2013/11/03 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/11/03 19:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/11/03 19:33:22 | 000,000,000 | R--D | C] -- C:\MSOCache
[2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wocaffe
[2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite
[2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSuite
[2013/11/03 16:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\TrueSuite
[2013/11/03 16:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/11/03 16:47:30 | 000,716,872 | ---- | C] (AuthenTec, Inc.) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys
[2013/11/03 15:16:27 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Turbine
[2013/11/03 15:15:19 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Turbine
[2013/11/03 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\ApplicationHistory
[2013/11/03 15:11:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2013/11/03 14:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2013/11/03 14:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013/11/03 14:21:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/03 14:21:30 | 000,127,384 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2013/11/03 14:21:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2013/11/03 14:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2013/11/03 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Paint.NET
[2013/11/03 14:01:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\DivX
[2013/11/03 13:50:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\PMB Files
[2013/11/03 13:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/11/03 13:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013/11/03 13:37:01 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2013/11/03 13:34:48 | 000,397,312 | ---- | C] (Koyote-Lab Inc) -- C:\Windows\SysWow64\TubeFinder.exe
[2013/11/03 13:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
[2013/11/03 13:34:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\FreeFLVConverter
[2013/11/03 13:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free FLV Converter
[2013/11/03 13:31:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/11/03 13:25:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/11/03 13:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/11/03 13:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/11/03 13:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2013/11/03 13:22:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\uTorrent
[2013/11/03 13:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013/11/03 13:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/11/03 13:18:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2013/11/03 13:18:12 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Dropbox
[2013/11/03 13:16:58 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/11/03 13:16:13 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Dropbox
[2013/11/03 13:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2013/11/03 13:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013/11/03 13:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013/11/03 13:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013/11/03 13:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013/11/03 13:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2013/11/03 13:03:53 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\TP-LINK
[2013/11/03 13:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2013/11/03 13:03:37 | 001,608,768 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2013/11/03 13:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK
[2013/11/03 13:01:25 | 001,675,840 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\netr28ux.sys
[2013/11/03 13:01:25 | 001,675,840 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2013/11/03 13:01:25 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2013/11/03 13:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2013/11/03 12:43:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\kodak
[2013/11/03 12:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects
[2013/11/03 12:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2013/11/03 12:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PrintProjects
[2013/11/03 12:42:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrintProjects
[2013/11/03 12:41:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Eastman_Kodak_Company
[2013/11/03 12:40:58 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Eastman Kodak Company
[2013/11/03 12:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
[2013/11/03 12:40:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\kodak
[2013/11/03 12:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kodak
[2013/11/03 12:37:50 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Temp
[2013/11/03 12:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kodak
[2013/11/03 12:34:26 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\AVer MediaCenter
[2013/11/03 12:31:21 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Roxio
[2013/11/03 12:20:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2013/11/03 12:20:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Apps
[2013/11/03 12:20:32 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Deployment
[2013/11/03 11:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless
[2013/11/03 11:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Zeepe Framework 7
[2013/11/03 11:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Telespree
[2013/11/03 11:57:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Telespree
[2013/11/03 11:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Novatel Wireless
[2013/11/03 11:57:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2013/11/03 11:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWaiting
[2013/11/03 11:55:47 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\BVRP Software
[2013/11/03 11:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetWaiting
[2013/11/03 11:54:19 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\InstallShield
[2013/11/03 11:53:36 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Novatel Wireless
[2013/11/03 11:50:28 | 012,151,808 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2013/11/03 11:50:28 | 003,593,216 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2013/11/03 11:50:28 | 000,564,224 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2013/11/03 11:50:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2013/11/03 11:50:04 | 001,431,040 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2013/11/03 11:50:04 | 000,598,016 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2013/11/03 11:50:04 | 000,487,424 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2013/11/03 11:50:04 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2013/11/03 11:50:04 | 000,209,920 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646217.dll
[2013/11/03 11:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2013/11/03 11:46:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Broadcom
[2013/11/03 11:46:41 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Bluetooth Exchange Folder
[2013/11/03 11:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2013/11/03 11:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2013/11/03 11:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2013/11/03 11:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2013/11/03 11:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2013/11/03 11:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2013/11/03 11:38:01 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2013/11/03 11:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013/11/03 11:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2013/11/03 11:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013/11/03 11:37:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2013/11/03 11:37:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2013/11/03 11:37:51 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Roxio Log Files
[2013/11/03 11:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013/11/03 11:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fingerprint Sensor
[2013/11/03 11:33:58 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/11/03 11:30:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/11/03 11:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 8.01
[2013/11/03 11:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Unknown Device Identifier
[2013/11/03 11:07:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2013/11/03 11:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/11/03 11:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SnugTV
[2013/11/03 11:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnugTV
[2013/11/03 11:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SnugTV
[2013/11/03 11:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SnugTV
[2013/11/03 11:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVer MediaCenter
[2013/11/03 11:01:04 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\AVerMedia
[2013/11/03 11:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
[2013/11/03 11:00:49 | 000,102,400 | ---- | C] (AVerMedia Technologies, Inc.) -- C:\Windows\SysWow64\CardID.dll
[2013/11/03 11:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVerMedia
[2013/11/03 11:00:24 | 000,677,376 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Windows\SysNative\AVerGraphAPI.dll
[2013/11/03 11:00:24 | 000,250,368 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Windows\SysNative\AVerColorAPI.dll
[2013/11/03 11:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVerMedia
[2013/11/03 11:00:15 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2013/11/03 11:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVerMedia
[2013/11/03 10:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/11/03 10:46:57 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\WinRAR
[2013/11/03 10:43:48 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\ATI
[2013/11/03 10:43:48 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\ATI
[2013/11/03 10:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/11/03 10:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013/11/03 10:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/11/03 10:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013/11/03 10:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/11/03 10:43:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/11/03 10:43:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
[2013/11/03 10:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/11/03 10:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/11/03 10:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/11/03 10:39:39 | 000,000,000 | ---D | C] -- C:\AMD
[2013/11/03 03:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/11/03 03:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/11/03 00:44:29 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts\Fonts
[2013/11/03 00:30:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Wondershare PDF to Word
[2013/11/03 00:30:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\WinMPQ Folder
[2013/11/03 00:30:01 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Visual Studio 2010
[2013/11/03 00:30:01 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Visual Studio 2008
[2013/11/03 00:29:21 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Video Converter
[2013/11/03 00:29:21 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Vegas Movie Studio PE 9.0 Projects
[2013/11/03 00:27:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Support Destruction Episodes 6-9_data
[2013/11/03 00:27:20 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\StarCraft II.temp
[2013/11/03 00:27:06 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\StarCraft II
[2013/11/03 00:27:05 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Screenwriter Documents
[2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_201355(1)
[2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_201355
[2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2013530
[2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_201341
[2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_10_29(1)
[2013/11/03 00:25:46 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_10_29
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_05_26(1)
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Attachments_2012_05_26
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2012_01_13
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_10_20
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_10_01(1)
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_09_07
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_06_24
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_05_23
[2013/11/03 00:25:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_05_10
[2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_05_06
[2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_01_09(2)
[2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2011_01_07
[2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_11_21
[2013/11/03 00:25:44 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_08_31
[2013/11/03 00:25:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_03_24
[2013/11/03 00:25:43 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\attachments_2010_03_23
[2013/11/03 00:24:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\School
[2013/11/03 00:24:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Sax's File
[2013/11/03 00:24:50 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Pathfinder PDF's
[2013/11/03 00:24:47 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Pathfinder
[2013/11/03 00:24:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Notes_data
[2013/11/03 00:24:40 | 000,000,000 | --SD | C] -- C:\Users\xagersfeld\Documents\My Web Sites
[2013/11/03 00:24:40 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\My Streaming Media
[2013/11/03 00:24:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\My Games
[2013/11/03 00:24:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\mpqeditor
[2013/11/03 00:24:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Epic Tie
[2013/11/03 00:24:38 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Dungeons and Dragons Online
[2013/11/03 00:24:31 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Dark Sun Campagn Creation
[2013/11/03 00:24:31 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Dark Sun
[2013/11/03 00:24:31 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\12-29-2012
[2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\
[2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\09-28-2012
[2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\07-08-2012
[2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\05-07-2012
[2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\03-30-2013
[2013/11/03 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\01-09-2013
[2013/11/02 22:53:17 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Documents\Geek Factory Labs
[2013/11/02 22:49:10 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/11/02 22:38:39 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\Desktop\Writer's Block Stuff
[2013/11/02 22:34:54 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\RealNetworks
[2013/11/02 22:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2013/11/02 22:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/11/02 22:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2013/11/02 22:34:15 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/11/02 22:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013/11/02 22:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/11/02 22:33:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Real
[2013/11/02 22:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/11/02 22:33:03 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\vlc
[2013/11/02 22:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/11/02 22:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/11/02 22:30:08 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/11/02 22:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/11/02 22:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/11/02 22:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/11/02 22:25:37 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/11/02 22:25:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/11/02 22:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/11/02 22:24:02 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/11/02 22:23:13 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Malwarebytes
[2013/11/02 22:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/02 22:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/02 22:23:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/11/02 22:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/02 22:22:49 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Programs
[2013/11/02 22:21:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Macromedia
[2013/11/02 22:21:18 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Macromedia
[2013/11/02 22:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/02 22:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/11/02 22:19:09 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Google
[2013/11/02 22:19:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/11/02 22:18:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/11/02 22:18:29 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Adobe
[2013/11/02 22:17:03 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Mozilla
[2013/11/02 22:17:03 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Mozilla
[2013/11/02 22:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/11/02 22:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/11/02 22:10:55 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Adobe
[2013/11/02 21:58:17 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/02 21:58:17 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Searches
[2013/11/02 21:58:17 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/11/02 21:58:16 | 000,000,000 | -H-D | C] -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/11/02 21:58:00 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Identities
[2013/11/02 21:57:47 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Contacts
[2013/11/02 21:57:45 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\VirtualStore
[2013/11/02 21:57:33 | 000,000,000 | --SD | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Videos
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Saved Games
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Pictures
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Music
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Links
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Favorites
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Downloads
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Documents
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\Desktop
[2013/11/02 21:57:33 | 000,000,000 | R--D | C] -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\AppData\Local\Temporary Internet Files
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Templates
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Start Menu
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\SendTo
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Recent
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\PrintHood
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\NetHood
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Documents\My Videos
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Documents\My Pictures
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Documents\My Music
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\My Documents
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Local Settings
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\AppData\Local\History
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Cookies
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\Application Data
[2013/11/02 21:57:33 | 000,000,000 | -HSD | C] -- C:\Users\xagersfeld\AppData\Local\Application Data
[2013/11/02 21:57:33 | 000,000,000 | -H-D | C] -- C:\Users\xagersfeld\AppData
[2013/11/02 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Temp
[2013/11/02 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\Microsoft
[2013/11/02 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Roaming\Media Center Programs
[2013/11/02 21:57:21 | 000,000,000 | ---D | C] -- C:\Recovery
[2013/11/02 21:52:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/11/02 21:50:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/11/02 21:49:37 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/11/02 21:29:12 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\SysNative\rixdicon.dll
[2013/11/02 21:29:12 | 000,067,584 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys
[2013/11/02 21:29:12 | 000,057,856 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rixdpx64.sys
[2013/11/02 21:29:12 | 000,055,296 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimspx64.sys
[2013/11/02 21:29:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/11/02 21:28:53 | 000,000,000 | ---D | C] -- C:\dell
[2013/11/02 21:26:52 | 000,000,000 | ---D | C] -- C:\Users\xagersfeld\AppData\Local\ElevatedDiagnostics
========== Files - Modified Within 30 Days ==========
[2013/11/17 10:24:02 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/17 10:22:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/17 10:17:51 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/17 10:17:51 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/17 10:12:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xagersfeld\Desktop\OTL.exe
[2013/11/17 10:09:15 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/17 10:09:07 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/17 10:07:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/17 10:07:30 | 3193,614,336 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/17 10:06:32 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/11/17 09:14:40 | 001,085,542 | ---- | M] () -- C:\Users\xagersfeld\Desktop\AdwCleaner.exe
[2013/11/17 08:24:55 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\xagersfeld\Desktop\JRT.exe
[2013/11/16 13:24:41 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\xagersfeld\Desktop\dds.com
[2013/11/16 00:17:26 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/16 00:17:26 | 000,632,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/16 00:17:26 | 000,110,548 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/15 00:31:12 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\67224765.sys
[2013/11/14 18:27:07 | 000,116,440 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2013/11/13 01:00:12 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/12 00:04:48 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/11/08 19:18:14 | 031,605,900 | ---- | M] () -- C:\Users\xagersfeld\Documents\Attitude-199.pdf
[2013/11/08 15:44:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/11/07 03:21:46 | 007,834,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/06 01:19:39 | 000,001,116 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk
[2013/11/05 16:54:38 | 000,000,408 | ---- | M] () -- C:\Windows\SIERRA.INI
[2013/11/05 15:51:20 | 000,000,287 | ---- | M] () -- C:\Windows\EReg072.dat
[2013/11/05 15:07:34 | 002,477,056 | ---- | M] (FreeImage) -- C:\Windows\SysWow64\freeimage.dll
[2013/11/05 01:06:34 | 000,001,024 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk
[2013/11/04 19:46:33 | 000,052,736 | ---- | M] (Interplay Productions) -- C:\Windows\ipuninst.exe
[2013/11/04 17:45:24 | 000,060,154 | ---- | M] () -- C:\Windows\War3Unin.dat
[2013/11/04 17:45:18 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2013/11/04 17:45:18 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2013/11/04 16:45:57 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/11/04 16:44:12 | 000,098,304 | ---- | M] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe
[2013/11/04 16:44:12 | 000,021,762 | ---- | M] () -- C:\Windows\W2BNEUnin.dat
[2013/11/04 16:44:12 | 000,002,829 | ---- | M] () -- C:\Windows\W2BNEUnin.pif
[2013/11/04 16:40:29 | 000,038,215 | ---- | M] () -- C:\Windows\scunin.dat
[2013/11/04 16:40:28 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2013/11/04 16:40:28 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif
[2013/11/04 10:21:50 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013/11/04 10:16:58 | 000,310,728 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013/11/04 10:16:57 | 000,042,696 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013/11/03 22:43:08 | 000,001,129 | ---- | M] () -- C:\Windows\PowerReg.dat
[2013/11/03 22:14:34 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIBUN4.dll
[2013/11/03 22:13:31 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTICDMK7.dll
[2013/11/03 22:11:57 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTICDMK7.dll
[2013/11/03 22:11:02 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIMPEG2.dll
[2013/11/03 22:11:02 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIMP3.dll
[2013/11/03 22:11:02 | 000,001,024 | RH-- | M] () -- C:\Windows\SysWow64\NTIFCD3.dll
[2013/11/03 20:59:32 | 000,002,604 | ---- | M] () -- C:\Users\xagersfeld\Documents\Register Vegas Pro.htm
[2013/11/03 16:49:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
[2013/11/03 15:15:22 | 000,000,098 | ---- | M] () -- C:\Users\xagersfeld\AppData\Local\fusioncache.dat
[2013/11/03 15:12:22 | 000,743,594 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/03 13:03:40 | 000,002,303 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2013/11/03 11:34:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01007.Wdf
[2013/11/03 11:07:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpusb_01007.Wdf
[2013/11/03 11:07:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpenum_01007.Wdf
[2013/11/02 22:34:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/11/02 22:23:10 | 000,001,137 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/11/02 22:05:39 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/02 22:05:39 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/02 21:59:08 | 000,001,441 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/02 21:53:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/11/02 21:53:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/11/02 21:51:46 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/11/02 21:46:37 | 000,002,283 | ---- | M] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/31 02:26:26 | 000,397,312 | ---- | M] (Koyote-Lab Inc) -- C:\Windows\SysWow64\TubeFinder.exe
========== Files Created - No Company Name ==========
[2013/11/17 10:06:32 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/11/17 09:14:33 | 001,085,542 | ---- | C] () -- C:\Users\xagersfeld\Desktop\AdwCleaner.exe
[2013/11/11 23:42:45 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/11/11 23:42:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/11/11 23:42:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/11/11 23:42:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/11/11 23:42:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/11/08 19:17:31 | 031,605,900 | ---- | C] () -- C:\Users\xagersfeld\Documents\Attitude-199.pdf
[2013/11/08 15:44:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/11/06 14:58:27 | 000,256,088 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2013/11/06 14:58:27 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/11/05 19:29:34 | 000,000,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight II.lnk
[2013/11/05 17:57:23 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2013/11/05 17:57:23 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2013/11/05 17:52:33 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2013/11/05 17:47:00 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013/11/05 16:52:52 | 000,000,408 | ---- | C] () -- C:\Windows\SIERRA.INI
[2013/11/05 15:51:20 | 000,000,287 | ---- | C] () -- C:\Windows\EReg072.dat
[2013/11/05 15:06:48 | 000,001,116 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk
[2013/11/05 01:06:34 | 000,001,024 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk
[2013/11/04 23:16:57 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013/11/04 23:16:40 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/04 16:52:21 | 000,060,154 | ---- | C] () -- C:\Windows\War3Unin.dat
[2013/11/04 16:52:20 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2013/11/04 16:45:57 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/11/04 16:44:12 | 000,021,762 | ---- | C] () -- C:\Windows\W2BNEUnin.dat
[2013/11/04 16:44:12 | 000,002,829 | ---- | C] () -- C:\Windows\W2BNEUnin.pif
[2013/11/04 16:32:14 | 000,038,215 | ---- | C] () -- C:\Windows\scunin.dat
[2013/11/04 16:32:14 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif
[2013/11/04 13:45:51 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/11/04 10:16:58 | 000,310,728 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013/11/04 10:16:57 | 000,042,696 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013/11/04 09:30:08 | 000,002,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Magic Screenwriter 6.lnk
[2013/11/04 09:06:52 | 000,002,093 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk
[2013/11/03 22:39:41 | 000,001,129 | ---- | C] () -- C:\Windows\PowerReg.dat
[2013/11/03 22:14:34 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN4.dll
[2013/11/03 22:14:20 | 002,819,584 | ---- | C] () -- C:\Windows\SysWow64\LS_HSI.msi
[2013/11/03 22:13:31 | 000,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTICDMK7.dll
[2013/11/03 22:11:57 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTICDMK7.dll
[2013/11/03 22:11:02 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIMPEG2.dll
[2013/11/03 22:11:02 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIMP3.dll
[2013/11/03 22:11:02 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIFCD3.dll
[2013/11/03 20:01:23 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/11/03 16:49:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
[2013/11/03 16:47:30 | 020,462,912 | ---- | C] () -- C:\Windows\SysNative\TrueSuiteCoInst02020000.dll
[2013/11/03 15:15:22 | 000,000,098 | ---- | C] () -- C:\Users\xagersfeld\AppData\Local\fusioncache.dat
[2013/11/03 15:11:29 | 000,743,594 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/03 14:20:07 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2013/11/03 13:36:20 | 000,001,179 | ---- | C] () -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free FLV Converter.lnk
[2013/11/03 13:34:47 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\PropertyGrid.ocx
[2013/11/03 13:34:47 | 000,208,500 | ---- | C] () -- C:\Windows\SysWow64\ReyXpBasics.tlb
[2013/11/03 13:34:46 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ControlSubX.ocx
[2013/11/03 13:19:37 | 000,000,959 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013/11/03 13:03:40 | 000,002,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2013/11/03 13:01:25 | 000,185,440 | ---- | C] () -- C:\Windows\SysNative\netr28ux.inf
[2013/11/03 13:01:25 | 000,014,181 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2013/11/03 13:01:25 | 000,008,314 | ---- | C] () -- C:\Windows\SysNative\netr28ux.cat
[2013/11/03 11:34:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01007.Wdf
[2013/11/03 11:07:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpusb_01007.Wdf
[2013/11/03 11:07:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpenum_01007.Wdf
[2013/11/03 11:00:49 | 000,606,208 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2013/11/03 11:00:49 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2013/11/03 11:00:49 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2013/11/03 11:00:49 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2013/11/03 11:00:49 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2013/11/03 11:00:49 | 000,225,280 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2013/11/03 11:00:49 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2013/11/03 11:00:49 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2013/11/03 11:00:49 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2013/11/03 03:01:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/11/03 00:30:13 | 000,329,451 | ---- | C] () -- C:\Users\xagersfeld\Documents\T Mobile Marketing Plan.pdf
[2013/11/03 00:30:12 | 000,626,033 | ---- | C] () -- C:\Users\xagersfeld\Documents\photo.php
[2013/11/03 00:30:12 | 000,048,608 | ---- | C] () -- C:\Users\xagersfeld\Documents\RLM April May Bank Statement.pdf
[2013/11/03 00:30:12 | 000,002,604 | ---- | C] () -- C:\Users\xagersfeld\Documents\Register Vegas Pro.htm
[2013/11/03 00:30:11 | 001,066,556 | ---- | C] () -- C:\Users\xagersfeld\Documents\NorGrum eStatement June.pdf
[2013/11/03 00:30:11 | 001,066,027 | ---- | C] () -- C:\Users\xagersfeld\Documents\NorGrum eStatement Jul.pdf
[2013/11/03 00:30:11 | 000,008,259 | ---- | C] () -- C:\Users\xagersfeld\Documents\Notes.aup
[2013/11/03 00:30:10 | 001,066,208 | ---- | C] () -- C:\Users\xagersfeld\Documents\NorGrum eStatement Aug.pdf
[2013/11/03 00:30:10 | 000,000,000 | ---- | C] () -- C:\Users\xagersfeld\Documents\NEWSOFT
[2013/11/03 00:30:09 | 000,098,972 | ---- | C] () -- C:\Users\xagersfeld\Documents\Magus.pdf
[2013/11/03 00:30:08 | 000,433,452 | ---- | C] () -- C:\Users\xagersfeld\Documents\Harry's Bakery.rtf
[2013/11/03 00:30:08 | 000,385,024 | ---- | C] () -- C:\Users\xagersfeld\Documents\Database1.accdb
[2013/11/03 00:30:08 | 000,002,264 | ---- | C] () -- C:\Users\xagersfeld\Documents\Default.sfvidcap
[2013/11/03 00:30:08 | 000,000,192 | ---- | C] () -- C:\Users\xagersfeld\Documents\Data_051911_194015.roxio
[2013/11/03 00:30:07 | 000,097,296 | ---- | C] () -- C:\Users\xagersfeld\Documents\Bard.pdf
[2013/11/02 22:42:16 | 000,814,799 | ---- | C] () -- C:\Users\xagersfeld\Documents\Zane Gaddis.pdf
[2013/11/02 22:42:12 | 000,121,691 | ---- | C] () -- C:\Users\xagersfeld\Documents\Wizard Archetypes [Kenku] -- Arcane Scholar.pdf
[2013/11/02 22:42:06 | 000,244,667 | ---- | C] () -- C:\Users\xagersfeld\Documents\TheRT2.pdf
[2013/11/02 22:42:05 | 000,055,541 | ---- | C] () -- C:\Users\xagersfeld\Documents\The Burial Ground.rtf
[2013/11/02 22:42:04 | 007,424,532 | ---- | C] () -- C:\Users\xagersfeld\Documents\Teach Yourself Electricity and Electronics 4e 2006.pdf
[2013/11/02 22:42:01 | 000,148,673 | ---- | C] () -- C:\Users\xagersfeld\Documents\STAGE DORM SHOOT DAY 9 SCHEDULE.pdf
[2013/11/02 22:41:59 | 005,428,346 | ---- | C] () -- C:\Users\xagersfeld\Documents\Skull and Shackles Players Guide.pdf
[2013/11/02 22:41:48 | 003,673,946 | ---- | C] () -- C:\Users\xagersfeld\Documents\Save_the_Cat_Blake_Snyder.pdf
[2013/11/02 22:41:48 | 000,344,064 | ---- | C] () -- C:\Users\xagersfeld\Documents\Sarah.accdb
[2013/11/02 22:41:48 | 000,244,890 | ---- | C] () -- C:\Users\xagersfeld\Documents\Rocky VS Rambo FINAL.pdf
[2013/11/02 22:41:47 | 000,679,936 | ---- | C] () -- C:\Users\xagersfeld\Documents\Repair Shop.accdb
[2013/11/02 22:41:47 | 000,177,350 | ---- | C] () -- C:\Users\xagersfeld\Documents\Recording Schedule 11th March 2012.pdf
[2013/11/02 22:41:47 | 000,145,876 | ---- | C] () -- C:\Users\xagersfeld\Documents\REINSTEM.pdf
[2013/11/02 22:41:42 | 000,330,721 | ---- | C] () -- C:\Users\xagersfeld\Documents\Property tax bill.pdf
[2013/11/02 22:41:42 | 000,263,704 | ---- | C] () -- C:\Users\xagersfeld\Documents\Play N' Wash.pdf
[2013/11/02 22:41:40 | 001,138,161 | ---- | C] () -- C:\Users\xagersfeld\Documents\PlanTemp.potx
[2013/11/02 22:41:30 | 000,307,200 | ---- | C] () -- C:\Users\xagersfeld\Documents\Oren.accdb
[2013/11/02 22:41:23 | 003,073,454 | ---- | C] () -- C:\Users\xagersfeld\Documents\Mayfield_def X-COMP_07142011.pdf
[2013/11/02 22:41:23 | 000,209,185 | ---- | C] () -- C:\Users\xagersfeld\Documents\Mayfield_opc SL_112211.pdf
[2013/11/02 22:41:23 | 000,117,164 | ---- | C] () -- C:\Users\xagersfeld\Documents\Mayfield, Ruth_032911.pdf
[2013/11/02 22:41:03 | 000,107,598 | ---- | C] () -- C:\Users\xagersfeld\Documents\Introductions_and_Conclusions.pdf
[2013/11/02 22:40:58 | 000,058,008 | ---- | C] () -- C:\Users\xagersfeld\Documents\HMRegApp2.pdf
[2013/11/02 22:40:58 | 000,052,149 | ---- | C] () -- C:\Users\xagersfeld\Documents\HJB prelim proposal (1).rtf
[2013/11/02 22:40:58 | 000,030,575 | ---- | C] () -- C:\Users\xagersfeld\Documents\HJB prelim proposal.rtf
[2013/11/02 22:40:55 | 000,826,865 | ---- | C] () -- C:\Users\xagersfeld\Documents\GUNDAR NIGHTSTORM Lv 1.pdf
[2013/11/02 22:40:55 | 000,024,363 | ---- | C] () -- C:\Users\xagersfeld\Documents\Guide_to_Documenting_Sources_from_the_World_Wide_Web_-_MLA.RTF
[2013/11/02 22:40:54 | 003,714,822 | ---- | C] () -- C:\Users\xagersfeld\Documents\Greenwood Michael App & U-240.pdf
[2013/11/02 22:40:48 | 002,400,094 | ---- | C] () -- C:\Users\xagersfeld\Documents\FOR EMEL.pdf
[2013/11/02 22:40:21 | 001,566,956 | ---- | C] () -- C:\Users\xagersfeld\Documents\emel-bonty-coc-card.pdf
[2013/11/02 22:40:21 | 001,037,632 | ---- | C] () -- C:\Users\xagersfeld\Documents\episode 2.rtf
[2013/11/02 22:40:21 | 001,037,632 | ---- | C] () -- C:\Users\xagersfeld\Documents\episode 2(1).rtf
[2013/11/02 22:40:21 | 000,280,301 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel (1).pdf
[2013/11/02 22:40:21 | 000,028,341 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel's level 0 spells.pdf
[2013/11/02 22:40:21 | 000,025,526 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel's level 2 spells.pdf
[2013/11/02 22:40:21 | 000,018,951 | ---- | C] () -- C:\Users\xagersfeld\Documents\Emel's level 1 spells.pdf
[2013/11/02 22:40:14 | 000,094,008 | ---- | C] () -- C:\Users\xagersfeld\Documents\Developing_a_Thesis.pdf
[2013/11/02 22:40:14 | 000,009,694 | ---- | C] () -- C:\Users\xagersfeld\Documents\Death Party Revised 1st Draft (copy).pdf
[2013/11/02 22:40:13 | 008,212,355 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder Main Character Sheet - Ravner Rand.rtf
[2013/11/02 22:40:12 | 007,945,095 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder Main Character Sheet - Ducati “Third Eye” Black.rtf
[2013/11/02 22:40:12 | 005,925,672 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder Core Class; Templar.pdf
[2013/11/02 22:40:12 | 001,023,880 | ---- | C] () -- C:\Users\xagersfeld\Documents\DARK SUN Pathfinder -- Athasian Poisons.pdf
[2013/11/02 22:39:51 | 000,799,881 | ---- | C] () -- C:\Users\xagersfeld\Documents\Blank Pathfinder CS.pdf
[2013/11/02 22:39:48 | 002,838,162 | ---- | C] () -- C:\Users\xagersfeld\Documents\Battlestar Galactica Series Bible.pdf
[2013/11/02 22:39:45 | 000,137,548 | ---- | C] () -- C:\Users\xagersfeld\Documents\aiplapaper.rtf
[2013/11/02 22:39:38 | 000,064,429 | ---- | C] () -- C:\Users\xagersfeld\Documents\9_18_11.pdf
[2013/11/02 22:39:36 | 000,035,535 | ---- | C] () -- C:\Users\xagersfeld\Documents\1211StatementPdf.pdf
[2013/11/02 22:39:35 | 000,036,888 | ---- | C] () -- C:\Users\xagersfeld\Documents\1111StatementPdf.pdf
[2013/11/02 22:25:40 | 000,001,395 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/11/02 22:23:10 | 000,001,137 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/11/02 22:19:42 | 000,002,283 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/02 22:19:18 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/02 22:19:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/02 22:19:07 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/02 22:16:57 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/11/02 22:05:39 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/02 22:05:39 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/02 21:59:08 | 000,001,441 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/02 21:58:32 | 000,001,417 | ---- | C] () -- C:\Users\xagersfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/11/02 21:57:33 | 000,000,290 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/11/02 21:57:33 | 000,000,272 | ---- | C] () -- C:\Users\xagersfeld\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/02 21:53:06 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/11/02 21:53:06 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/11/02 21:51:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/11/02 21:49:37 | 3193,614,336 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/16 12:01:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/11/16 12:01:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/04/18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
========== ZeroAccess Check ==========
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/11/04 15:48:33 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Atari
[2013/11/05 19:20:23 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\bppenu11
[2013/11/06 13:16:41 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Dropbox
[2013/11/06 15:01:16 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\DVDVideoSoft
[2013/11/05 01:17:44 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Enterbrain
[2013/11/03 22:36:10 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\fltk.org
[2013/11/03 13:36:22 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\FreeFLVConverter
[2013/11/05 00:20:18 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Hive Cluster
[2013/11/04 23:16:57 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\IObit
[2013/11/05 18:19:38 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\PACE Anti-Piracy
[2013/11/03 23:23:26 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\PowerISO
[2013/11/03 21:00:09 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Publish Providers
[2013/11/05 18:20:38 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Rogue Legacy
[2013/11/03 23:50:35 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\runic games
[2013/11/04 16:07:59 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Sony
[2013/11/03 12:37:50 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Temp
[2013/11/03 13:03:53 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\TP-LINK
[2013/11/03 15:16:27 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\Turbine
[2013/11/17 08:22:14 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\uTorrent
[2013/11/04 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\xagersfeld\AppData\Roaming\YOUDONTKNOWJACK
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 217 bytes -> C:\ProgramData:2C8DFE3CE3028F37
@Alternate Data Stream - 1180 bytes -> C:\ProgramData\Microsoft:k81Ln9kigcuxcFCeio6sYPFHB
@Alternate Data Stream - 1167 bytes -> C:\ProgramData\Microsoft:5lttmsYDpUcFBaiGq3VARoZN7OTN
@Alternate Data Stream - 1000 bytes -> C:\Users\xagersfeld\AppData\Local\Temp:rZz7kJkMi6wGBzE8PAB7i

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 11/17/2013 10:51:03 AM - Run 1
OTL by OldTimer - Version     Folder = C:\Users\xagersfeld\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 55.33% Memory free
7.93 Gb Paging File | 5.99 Gb Available in Paging File | 75.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 133.56 Gb Free Space | 28.68% Space Free | Partition Type: NTFS
Drive D: | 7.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: XAGERSFELD-PC | User Name: xagersfeld | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
"{04305D79-3213-41B4-9C47-6F0C1302EBB8}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{0847B7A1-5F08-4DD6-969F-3196CA509422}" = lport=56974 | protocol=6 | dir=in | name=pando media booster |
"{0D982DA1-1DB2-48A3-95B8-554F2D4D57B2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{15A920E7-FB9E-4920-BC18-072F51F06C4D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2FFA9B9D-C3A9-4836-9805-7C0209A17553}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{38C8034F-9321-44CE-AB5B-498513534AD7}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{3BAD2B6A-6F52-4AE9-B43E-D38E6EFB8180}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{51BDCAF6-1973-4D27-A13B-D84461B67E2E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{55286203-884C-43F1-9B79-7D80BAE09107}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{598D489A-A281-4B82-B54A-1317A6DF20CF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{67F60991-E75D-41BF-B45A-116876A8CEF5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6BE83B3E-4DE9-45D9-9B5B-583AA2578EF6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{74DC01CE-63F6-44A9-A45A-FA5A5EE775C0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{76369AA7-2440-44BA-878B-60B66C960C5D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{86AEB00F-8C96-4370-92D9-4D92FF85BE7E}" = lport=56974 | protocol=6 | dir=in | name=pando media booster |
"{8CBA8052-7D67-4B1F-8631-921A596DD6C9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A752140D-322F-4A9F-97EE-AD2A7361956D}" = lport=56974 | protocol=17 | dir=in | name=pando media booster |
"{A8200960-6119-4697-8161-04BB18F769C3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CA7D9370-8344-4DFA-8F93-53A278615F94}" = lport=56974 | protocol=17 | dir=in | name=pando media booster |
"{D3C713BD-9689-4ED2-A229-4A7C53839B30}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D40ED38D-FB82-4A46-B7F1-29EB4C46E58D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DBF32539-E25D-4387-8389-C886EC85A9B8}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 |
"{DED16251-6B63-412F-84C5-DA322F4815A3}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{E27CD811-07FD-4D86-85BD-D0F70EF641B0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{EE2EA9D3-ED0C-48A5-BCB4-AA1DBC642AEE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F17868BE-3D5B-4A13-89A2-54F54418F275}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F17DA726-4E20-440D-805E-461B4D638A5A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F2CFC635-04C8-45B1-B651-E504C21AFCC9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F57192CB-6265-4801-A209-27EB3219E63A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
========== Vista Active Application Exception List ==========
"{008001D7-D1E1-46F9-8E86-EF167D6A09B1}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{050645D6-C4DE-4CF0-A466-0717987A6459}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dmr\powerdvd13dmrengine.exe |
"{0791A015-0BC0-4FDC-AA2E-3EF5C0710EE8}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{079222BB-60B3-4D35-A75C-2111CC8AA079}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{1554403F-3ACD-473E-9A0C-0A75DB29C25D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom interceptor\interceptor.exe |
"{17F4EF7B-81A4-4F0E-A215-8E75D0B5092B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\runme.exe |
"{1834DB76-889C-49F0-B24E-78F4ADDD48AD}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastoneltdservices.exe |
"{186E46D1-271B-4842-9CEC-849D500C1B9A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dms\clmsserverpdvd13.exe |
"{1DD40BA9-39EE-4B1E-A534-9FF2AE842329}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\runme.exe |
"{21E8A45B-2A36-4310-936F-443425765369}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\tfd\terror from the deep_patched.exe |
"{22D27A85-0372-43F1-BE87-0F78279F2C5A}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\configwizard.exe |
"{28404896-FC21-452C-9074-DC92D5C97715}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{287091FF-A691-4AD6-83F7-B4F533D1C2DE}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{2BB4F096-D930-4280-AF8C-81F1C1E7264A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2E606685-249E-4719-8F20-7D04134F9FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom enforcer\system\xcom.exe |
"{2E9489B3-CE9C-4D44-9A54-554E32AB7F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe |
"{331756AF-2FDE-4776-A4CF-3C610C2D567A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pinballarcade.exe |
"{352FD001-310C-466A-93E7-03323869F8EC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{38B723D2-5FED-4F7A-96F7-43DF00708FE9}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{3A381C05-CA83-4F36-A0B1-BE1FE4C94C7D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe |
"{3A3CF981-332D-428B-992C-10295A9FB96D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom apocalypse\dosbox.exe |
"{3AFD0BD5-A7D9-4402-A34D-C3CB46ABBA3B}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{3EE4CE1D-99ED-4B4D-ACEB-0D84BBD57AAF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{421B7140-B5A4-4745-A29F-5F6BF29E75CD}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{4428EB7F-DAA5-4692-9233-17104338755B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x-com terror from the deep\tfd\terror from the deep_patched.exe |
"{45B2ADC1-78AB-4BC7-ACE7-1A313F4ACD69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom enforcer\system\xcom.exe |
"{49160EB4-97E5-44B6-91DA-AAAFB11E722D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{50D1EC2F-2DE6-4815-A82F-1A9C603A174B}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{51DE4D51-1F2D-4903-8F5F-55F89C583F00}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{537EF2DB-F258-46F9-92A0-CEAA96C35540}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\overlord ii\overlord2.exe |
"{54871E02-704F-4C82-97AA-D3E273C2976C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{54990C63-34DD-4395-8211-B4AB62DBE288}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{566DEB48-934F-4827-A6B8-13645D8C37D2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\xcom\ufo defense_patched.exe |
"{57773F57-6962-4532-AC4F-1416C229D8FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\xcom\ufo defense_patched.exe |
"{5BAB74E1-4445-42AF-AA78-90DC66DCA97E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\dosbox.exe |
"{63AD95CB-29A0-4F4F-8BC5-A3AC094DF127}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{6586FE8B-94FC-4638-97EB-8B3B3E29B35A}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{67A516F5-99CF-4780-BF7E-7331E792ADCA}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{6876FEFE-1D58-41B5-A662-062591185233}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{743A906E-FC4E-4B4C-B484-22593FCC87E4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13agent.exe |
"{746238E1-3D40-49D8-A884-A4853C4F9711}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom ufo defense\dosbox.exe |
"{747AC2D0-2BF8-4BA8-9592-16F38112DFE5}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{76295459-4109-4349-8232-F084755B35F6}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\overlord ii\overlord2.exe |
"{7AA4E73D-E00B-4FFB-AADB-407BA3318E4F}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{7FA8D53A-2A42-4AA9-BB31-3B6FB235F520}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{81BE82E4-5D5A-40BD-A5CE-CB1F06540D46}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom apocalypse\dosbox.exe |
"{82EE3360-FCDB-4CDF-B2CC-B214E4400292}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe |
"{885FD54E-052A-4C2B-A545-0CB71979F9E2}" = protocol=6 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe |
"{89FB2F48-0E6E-4022-A71F-1C43B356B0AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{911A213F-A636-4099-A17C-5B515CC83977}" = dir=in | app=c:\users\xagersfeld\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{92E10364-056C-43B7-B3FD-03008E7F971C}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{94720567-11AC-4EF0-8232-A21B981D0EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pinballarcade.exe |
"{94827469-145C-4446-9B5D-090919BA06BF}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{952EACC4-7E03-4340-BBC6-D5BCA3CF6924}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{95A7B74D-F722-4795-B5A0-27C65589FAA7}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{95F59A04-5B0F-4111-928D-F4366E04364F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pbaconfig.exe |
"{988517E8-ABB0-40EC-9462-A2B3B87FB3F7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom interceptor\interceptor.exe |
"{9EF11351-9FF6-498D-BD2B-12777E117000}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{9F04C49A-A2CD-4F98-AB86-468457D2A93D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{A15B7DB1-BC36-4B8C-BA32-E7459F6B9B9A}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{A48B46CC-1A0D-4187-8132-7D0E90A61E5C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A58CE522-D2F9-46C4-8D87-33C753B3B53E}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastoneltdservices.exe |
"{A7EDCC1B-52E1-4A7E-911E-B6A288EACDBD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{AAA4450A-794B-4E43-A342-488F4FD4BF53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pinballarcade\pbaconfig.exe |
"{AB0BD79B-89D9-42ED-9B87-7E8D02614FA0}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{B44800F5-449F-4C05-8295-CB220F0E5BEB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B5CFF3E8-2DAE-4833-9276-C205EC4C3441}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{B7B42C13-CAE6-4698-B3BA-26D641596EE5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{B86DE5EA-6374-4901-AEB8-9A86E26A1E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{BA6AC252-B331-438D-8605-9E18DBFB34DB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BD37D5D5-AFC9-42B7-A5A8-5B23BCE07E3D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{C136C8C2-22D6-4F1A-AF28-865FD65EA2D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{C665891B-AF9C-4003-83BA-444EF6564332}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C87C59CE-E5AD-46BD-975F-89E0156D184B}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{C88E3D0B-115C-4B52-ACDE-005DF8440466}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{C8EBFC55-62C3-45FB-A70F-7CEE27AF225C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd cinema\powerdvdcinema13.exe |
"{C9055EBE-186B-4565-8FFE-BEA2BF120156}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\configwizard.exe |
"{CB091407-BF14-492D-9075-30AE6729EDBA}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{D274E5FC-53C7-4061-A7EA-C95289F120E8}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{D5243CDF-E716-4A17-8535-3D4FF8696B5D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D8B6A38C-337C-46B7-8EA9-AED758262534}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{D9E9A205-D45C-4633-BA8F-6141B4EBE305}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{DC51BD89-B7DA-463E-90F8-864F2BC591AD}" = protocol=17 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{DD146934-8F60-4876-A07B-21FCE5C5AC00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{DFFDBA9F-3A6B-4A3D-AC0C-9BB13498A079}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd.exe |
"{E11ACED8-351B-4D07-A1C8-DE29076C33F2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13.exe |
"{E523AA12-8BB7-4DD7-9C9F-526FE4AE8C47}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E69FFF4D-618D-446D-9F13-510CA0070AE6}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{E6BDD103-BCD2-4529-9F56-B7777318DC0E}" = protocol=17 | dir=in | app=c:\users\xagersfeld\appdata\roaming\utorrent\utorrent.exe |
"{E783D517-97A7-49D3-B22B-42D391FF028A}" = protocol=6 | dir=in | app=c:\program files (x86)\snugtv\snugtv station\amaserver.exe |
"{EB2CC43D-CF34-47D3-B62C-9A1FAC6C1DF6}" = protocol=58 | dir=in | app=system |
"{EDCB1F7B-2263-45DB-A071-5DD4DD5C5278}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13ml.exe |
"{EF2DA4A2-F21B-4F03-813D-1902B9F1A4B0}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{EFDE5875-0413-4F64-9822-55FF59820877}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{F3D5DF12-7325-4BEA-9D85-88CC966C9B54}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F52AF246-AE0B-4605-B004-082370A287BE}" = protocol=6 | dir=in | app=c:\users\xagersfeld\appdata\roaming\utorrent\utorrent.exe |
"{FBBB3F89-D97F-4B4B-B3C2-D1F5D35984BB}" = protocol=17 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe |
"{FF892F5E-F713-4BC3-A33C-B3F1BAB4387E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"TCP Query User{0D06930E-3C83-46CA-B052-D964F6BCA19A}C:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe |
"TCP Query User{177E6FD9-47F6-4451-BAB1-AE93BD5DE1FF}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"TCP Query User{2071F3A3-E936-49EB-BA04-30CFF4274884}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"TCP Query User{5BD26600-9DB6-4341-94E5-8C0B44D77AAB}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe |
"TCP Query User{A2B59707-E058-4FF9-BC8F-DBD77A13CB3C}C:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe |
"TCP Query User{AF8CDFDA-7BEE-49A5-BA4F-B4EE108072E6}C:\program files (x86)\antichamber\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\antichamber\binaries\win32\udk.exe |
"TCP Query User{C4811557-726F-4483-B4BF-5F432B4498DC}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x- |
"TCP Query User{E4F49627-CAD6-495F-8F75-4992BD3857D7}C:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{0154689C-EE3F-41E4-B92D-08607476855A}C:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orcs must die 2\build\release\orcsmustdie2.exe |
"UDP Query User{0415FE87-0C07-41BA-AF41-329FF08FABAE}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe |
"UDP Query User{0B520E5B-945C-4793-A0ED-2C94B7B2E075}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"UDP Query User{4770BA7C-F804-4647-8C7B-F0056CDA4CAD}C:\program files (x86)\antichamber\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\antichamber\binaries\win32\udk.exe |
"UDP Query User{93573D50-4EEA-4D84-855E-BBFFE596CBB5}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{9C7F7657-913D-4738-9C9A-59394FF0247F}C:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xcom enemy unknown\binaries\win32\xcomgame.exe |
"UDP Query User{C1A6BFD6-DEFD-4110-96E4-8A0FE0284593}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x- |
"UDP Query User{C585BDC8-DECA-4E14-A0F5-ABEA78111248}C:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xagersfeld\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1F85668C-CEB7-7A2E-356C-C42F950A982C}" = AMD Accelerated Video Transcoding
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4161341F-AE84-E404-4291-4E0322CCE809}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A98EF1-2680-11E3-A909-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{6B00F0E1-2680-11E3-95F5-F04DA23A5C58}" = MSVCRT Redists
"{6B58A964-29A5-467A-9CC4-EE1C4986214D}" = Intel® PROSet/Wireless WiMAX Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}" = PACE License Support Win64
"{7FD0FD0D-AC40-A3BF-F2D4-54EFEDB0008F}" = AMD Drag and Drop Transcoding
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{AB58402A-43DE-551C-2B40-DD1CF0E21240}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C80F0529-D1D1-4AA2-88F8-BF28118BB9F6}" = Dell 5530 Wireless Broadband Package
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD1}" = Paint.NET v3.5.5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}" = AMD Catalyst Install Manager
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth  (07/30/2009
"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth  (06/15/2009
"815EB4ED418166EC2BBE3A39EAC38C74AE911A8C" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric  (07/02/2009
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"UDK-058dd224-b8be-4d0a-9458-66dd7c4bce9d" = My Game Long Name
"Unknown Device Identifier_is1" = Unknown Device Identifier 8.01
"WinRAR archiver" = WinRAR 5.00 (64-bit)
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B03071A-C96E-34CA-E5A3-4D8DA8ACCB3D}" = CCC Help Polish
"{1472627A-6E9F-DCB1-8894-E2BD249FD5E4}" = CCC Help Thai
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A2C316B-F842-6FB3-3C87-6FE02861F396}" = Catalyst Pro Control Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212125C1-E5A3-4810-A057-C20FB2A79327}" = Majesty - Gold Edition
"{218BE476-B206-2879-B912-971E6E89E44D}" = CCC Help Finnish
"{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2959A20E-C214-4E47-BAC5-C002926F0531}_is1" = The Elder Scrolls V Skyrim
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2DFFE333-1B60-4CAA-F836-3CF0C99777CA}" = CCC Help Norwegian
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{364374D2-FE10-2170-2397-5B01F9D00093}" = CCC Help Spanish
"{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"{3E9E68FB-49FA-410A-8787-424F2A506E0F}" = Business Plan Pro 15th Anniversary Edition
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40786C7F-7078-5147-444E-D45DE808B684}" = CCC Help Portuguese
"{43D3EA3E-2B72-57F3-40E0-318A614D0FDD}" = CCC Help Czech
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4F7823C4-BB28-A63E-CE08-1B463D4682DE}" = CCC Help Dutch
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6231FDA0-7E6F-11D4-A671-006008D09831}" = Sacrifice
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6B99AF03-2668-4572-BD3D-8C7A5D103065}" = AuthenTec Fingerprint Software
"{6D7B8E2C-4356-619D-134F-FB36B0809958}" = CCC Help German
"{6F173E00-2766-E174-C2E0-AD88F24685BD}" = CCC Help Swedish
"{6F4535BC-A9F9-4E59-A83A-4DDA5A3C0580}" = AVerRadio
"{6FAEC41D-0654-12C1-0068-770D19FC2446}" = CCC Help Italian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73D239CC-D6B1-ADEC-A7BE-E100C7112004}" = CCC Help Korean
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}" = Rosetta Stone Ltd Services
"{7FF39807-D5D7-4758-9677-E3EE5A41779B}" = Dell Mobile Broadband Card Utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D3D92F0-852F-D832-FD8B-029C8C231C13}" = CCC Help Russian
"{8EF8D64B-0CE9-4079-B191-8902235D4ED1}" = RealDownloader
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{963FFEAB-16E5-EB69-4E64-338B3D319FB4}" = CCC Help Chinese Standard
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BA4679A-4795-4B47-A547-2BE01BCB9CD7}" = Movie Magic Screenwriter 6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBAF799-E58E-4F60-94FD-E1B9B5D56E38}" = Movie Magic Screenwriter 6
"{9F7E9D7B-3291-96CE-A27F-DD4F6EB230EA}" = CCC Help Chinese Traditional
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A6FDE264-C48D-36CE-CFA7-ABBEB861AC10}" = Catalyst Control Center Localization All
"{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB3ED2E9-3F65-4689-B483-3B0F5F2C6A62}" = SnugTV Station
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{ADCC857B-9A9E-411F-A441-8FDCD120043A}" = NTI CD & DVD-Maker
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B31A9284-632D-683E-3BD0-F6926D445A7B}" = CCC Help Danish
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7A75523-3D7F-CF23-12F7-999EAF6C7167}" = CCC Help Japanese
"{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate II - Throne of Bhaal
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}" = TP-LINK TL-WDN3200 Driver
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C821D689-95BE-0D60-255E-D9B89CB3019F}" = Catalyst Control Center Graphics Previews Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE1458AA-23A7-332D-68D9-86B799898DA6}" = CCC Help Greek
"{CE75C837-4BA9-4CF8-B912-C3ED5BD0EAAC}" = You Don't Know Jack®
"{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}" = HydraVision
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E0655E94-1D4D-8484-64C6-E6F847B7BE92}" = CCC Help Turkish
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E555950B-1496-C37C-CA2C-2DF8745A5BE9}" = CCC Help English
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EE229D0E-3D9E-636C-6E75-9436A87C7E49}" = CCC Help French
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F536CCF1-C4C1-5FB9-6B17-F883DFFAE569}" = CCC Help Hungarian
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®:  Eberron Unlimited ™ v01.13.00.802
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"Age of Empires" = Microsoft Age of Empires
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"Audacity_is1" = Audacity 1.2.6
"AVerMedia H968 Hybrid TV Tuner" = AVerMedia H968 Hybrid TV Tuner
"AVerMedia Media Center Plug-ins" = AVerMedia Media Center Plug-ins
"Bastion_is1" = Bastion
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DivX Setup" = DivX Setup
"Dll-Files Fixer_is1" = Dll-Files Fixer
"Dont Starvev1.78078" = Dont Starve
"Dramatica Pro 4.0" = Dramatica Pro 4.0
"Driver Booster_is1" = Driver Booster
"Dungeon Keeper II" = Dungeon Keeper 2
"Dungeons and Dragons Daggerdale_is1" = Dungeons and Dragons Daggerdale
"Fallout" = Fallout
"Fallout Tactics" = Fallout Tactics
"Fallout2" = Fallout2
"FL Studio 9" = FL Studio 9
"Free FLV Converter_is1" = Free FLV Converter V 7.6.1
"Free WebM Video Converter_is1" = Free WebM Video Converter version
"GameSpy Arcade" = GameSpy Arcade
"GOGPACKUNEPIC_is1" = Unepic
"Google Chrome" = Google Chrome
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}" = PACE License Support Win64
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"InstallShield_{ADCC857B-9A9E-411F-A441-8FDCD120043A}" = NTI CD & DVD-Maker 7 Platinum
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.1.0 Full
"Legend of Grimrock_is1" = Legend of Grimrock version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Neverwinter Nights Diamond Edition_is1" = Neverwinter Nights Diamond Edition
"Nox" = Nox
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Orcs Must Die 2_is1" = Orcs Must Die 2
"Orcs Must Die!_is1" = Orcs Must Die!
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"PrintProjects" = PrintProjects
"RealPlayer 17.0" = RealPlayer Cloud
"RiseOfNationsExpansion 1.0" = Rise of Nations
"Roberta Williams Phantasmagoria_is1" = Roberta Williams Phantasmagoria
"Runic Games Torchlight" = Torchlight
"Sakura" = Sakura
"Sawer" = Sawer
"Sierra Utilities" = Sierra Utilities
"Smart Defrag 2_is1" = Smart Defrag 2
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Steam App 12900" = Audiosurf
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 238260" = Pinball Arcade
"Steam App 7650" = X-COM: Terror from the Deep
"Steam App 7660" = X-COM: Apocalypse
"Steam App 7730" = X-COM: Interceptor
"Steam App 7760" = X-COM: UFO Defense
"Steam App 7770" = X-COM: Enforcer
"The Chronicles of Riddick - Assault on Dark Athena_is1" = The Chronicles of Riddick - Assault on Dark Athena
"Torchlight II © Runic Games_is1" = Torchlight II © Runic Games version 1
"Toxic Biohazard" = Toxic Biohazard
"VDMSound" = VDMSound
"VLC media player" = VLC media player 2.1.0
"Warcraft II BNE" = Warcraft II BNE
"Warcraft III" = Warcraft III
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.88
"WOLAPI" = Westwood Shared Internet Components
"World of Warcraft" = World of Warcraft
"XCOM: Enemy Unknown_is1" = XCOM: Enemy Unknown
"You Don't Know Jack The Ride" = You Don't Know Jack The Ride
========== HKEY_USERS Uninstall List ==========
"9204f5692a8faf3b" = Dell System Detect
"Dropbox" = Dropbox
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/17/2013 2:05:25 PM | Computer Name = xagersfeld-PC | Source = IMFservice | ID = 0
Description =
Error - 11/17/2013 2:05:26 PM | Computer Name = xagersfeld-PC | Source = IMFservice | ID = 0
Description =
Error - 11/17/2013 2:08:01 PM | Computer Name = xagersfeld-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from   23
 PTR xagersfeld-PC-2.local.
Error - 11/17/2013 2:08:01 PM | Computer Name = xagersfeld-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   21
 PTR xagersfeld-PC.local.
Error - 11/17/2013 2:08:39 PM | Computer Name = xagersfeld-PC | Source = WinMgmt | ID = 10
Description =
[ AVer AutoUpdate Events ]
Error - 11/7/2013 4:01:43 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/7/2013 4:02:05 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/10/2013 4:01:24 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/10/2013 4:01:46 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/10/2013 4:02:08 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/13/2013 4:01:21 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/13/2013 4:01:43 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/13/2013 4:02:05 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/13/2013 4:02:27 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
Error - 11/13/2013 4:02:49 PM | Computer Name = xagersfeld-PC | Source = AVerUpdate Server | ID = 0
Description =
[ System Events ]
Error - 11/17/2013 2:07:25 PM | Computer Name = xagersfeld-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 11/17/2013 2:07:47 PM | Computer Name = xagersfeld-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
 timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
 your computer manufacturer for an upgraded BIOS. In some situations, this error
 may cause the computer to function incorrectly.
Error - 11/17/2013 2:07:59 PM | Computer Name = xagersfeld-PC | Source = Application Popup | ID = 875
Description = Driver atksgt.sys has been blocked from loading.
Error - 11/17/2013 2:07:59 PM | Computer Name = xagersfeld-PC | Source = Service Control Manager | ID = 7000
Description = The atksgt service failed to start due to the following error:   %%1275
< End of report >

Link to post
Share on other sites

Also, recommend you to uninstall:

Obit Malware Fighter

Surfing Protection

IObit Uninstaller

That's why:




Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles
Link to post
Share on other sites

Here is the log:


All processes killed
========== OTL ==========
HKU\S-1-5-21-1389256882-4216407415-1763555839-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1389256882-4216407415-1763555839-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E61B8A4-31C1-4E4B-8D1F-FE98EB69D81C}\ not found.
Prefs.js: "http://search.yahoo....r=spigot-yhp-ff" removed from browser.startup.homepage
Prefs.js: "http://search.yahoo....&type=407453&p=" removed from keyword.url
Use Chrome's Settings page to change the HomePage.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\ not found.
C:\Program Files (x86)\uTorrent folder moved successfully.
C:\Users\xagersfeld\AppData\Roaming\uTorrent\updates folder moved successfully.
C:\Users\xagersfeld\AppData\Roaming\uTorrent\share folder moved successfully.
C:\Users\xagersfeld\AppData\Roaming\uTorrent\ie folder moved successfully.
C:\Users\xagersfeld\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
C:\Users\xagersfeld\AppData\Roaming\uTorrent\apps folder moved successfully.
C:\Users\xagersfeld\AppData\Roaming\uTorrent folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\xagersfeld\Desktop\cmd.bat deleted successfully.
C:\Users\xagersfeld\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: user
->Temp folder emptied: 0 bytes
User: xagersfeld
->Temp folder emptied: 12547942 bytes
->Temporary Internet Files folder emptied: 66077030 bytes
->FireFox cache emptied: 377962190 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 222658 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 547495 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 2524980451 bytes
Total Files Cleaned = 2,844.00 mb
OTL by OldTimer - Version log created on 11172013_181353

Files\Folders moved on Reboot...
C:\Users\xagersfeld\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\xagersfeld\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Link to post
Share on other sites

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

Here is the ComboFix log:


ComboFix 13-11-19.01 - xagersfeld 11/19/2013   8:30.2.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.4061.1919 [GMT -8:00]
Running from: c:\users\xagersfeld\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
(((((((((((((((((((((((((   Files Created from 2013-10-19 to 2013-11-19  )))))))))))))))))))))))))))))))
2013-11-19 17:57 . 2013-11-19 17:57    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-11-19 13:15 . 2013-11-19 20:49    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FB83080-0606-4E4A-AD26-5A90C7DF38C2}\offreg.dll
2013-11-19 13:13 . 2013-11-08 03:12    10285968    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FB83080-0606-4E4A-AD26-5A90C7DF38C2}\mpengine.dll
2013-11-18 02:13 . 2013-11-18 02:13    --------    d-----w-    C:\_OTL
2013-11-17 16:27 . 2013-11-17 16:27    --------    d-----w-    c:\windows\ERUNT
2013-11-15 08:31 . 2013-11-15 08:31    208216    ----a-w-    c:\windows\system32\drivers\67224765.sys
2013-11-13 11:38 . 2013-10-12 08:43    15404544    ----a-w-    c:\windows\system32\ieframe.dll
2013-11-13 11:38 . 2013-10-12 08:43    19269632    ----a-w-    c:\windows\system32\mshtml.dll
2013-11-13 09:04 . 2013-11-15 03:16    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-13 09:04 . 2013-11-15 02:27    116440    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-13 09:00 . 2013-11-13 09:00    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-11-12 23:39 . 2013-11-12 23:39    --------    d-----w-    c:\program files\Microsoft Silverlight
2013-11-12 23:39 . 2013-11-12 23:39    --------    d-----w-    c:\program files (x86)\Microsoft Silverlight
2013-11-12 07:38 . 2013-11-17 18:04    --------    d-----w-    C:\AdwCleaner
2013-11-07 07:49 . 2013-09-04 12:12    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-11-07 07:49 . 2013-09-04 12:11    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-11-07 07:49 . 2013-09-04 12:11    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-11-07 07:49 . 2013-09-04 12:11    52736    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-11-07 07:49 . 2013-09-04 12:11    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-11-07 07:49 . 2013-09-04 12:11    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2013-11-07 07:49 . 2013-09-04 12:11    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-11-06 23:01 . 2013-11-06 23:01    --------    d-----w-    c:\program files (x86)\DVDVideoSoft
2013-11-06 23:01 . 2013-11-06 23:01    --------    d-----w-    c:\program files (x86)\Common Files\DVDVideoSoft
2013-11-06 22:58 . 2013-08-22 17:09    256088    ----a-w-    c:\windows\system32\unrar64.dll
2013-11-06 22:58 . 2013-08-22 17:09    217176    ----a-w-    c:\windows\SysWow64\unrar.dll
2013-11-06 22:58 . 2013-11-06 22:58    --------    d-----w-    c:\program files (x86)\K-Lite Codec Pack
2013-11-06 21:07 . 2013-11-06 21:07    --------    d-----w-    c:\program files (x86)\GreenTree Applications
2013-11-06 18:03 . 2013-11-06 18:03    --------    d-----w-    c:\program files\iPod
2013-11-06 18:03 . 2013-11-06 18:04    --------    d-----w-    c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-06 18:03 . 2013-11-06 18:04    --------    d-----w-    c:\program files\iTunes
2013-11-06 18:03 . 2013-11-06 18:04    --------    d-----w-    c:\program files (x86)\iTunes
2013-11-06 09:46 . 2013-11-06 09:46    --------    d-----w-    c:\program files (x86)\Black Isle
2013-11-06 09:20 . 2013-11-06 09:20    109080    ----a-w-    c:\windows\SysWow64\openal32.dll
2013-11-06 09:09 . 2013-11-06 09:13    --------    d-----w-    c:\program files (x86)\Baldur's Gate - Enhanced Edition
2013-11-06 07:21 . 2013-11-06 07:21    --------    d-----w-    c:\program files (x86)\Atari
2013-11-06 04:14 . 2013-11-06 04:14    --------    d-----w-    c:\program files (x86)\Common Files\Macrovision Shared
2013-11-06 04:12 . 2013-11-06 07:14    --------    d-----w-    c:\programdata\Rosetta Stone
2013-11-06 04:12 . 2013-11-06 04:12    --------    d-----w-    c:\programdata\Rosetta Stone Backups
2013-11-06 04:10 . 2013-11-06 04:11    --------    d-----w-    c:\program files (x86)\RosettaStoneLtdServices
2013-11-06 04:10 . 2013-11-06 04:10    --------    d-----w-    c:\programdata\RosettaStoneLtdServices
2013-11-06 04:10 . 2013-11-06 04:31    --------    d-----w-    c:\program files (x86)\Rosetta Stone
2013-11-06 04:09 . 2013-11-06 04:14    --------    d-----w-    c:\programdata\FLEXnet
2013-11-06 03:31 . 2013-11-06 03:31    --------    d-----w-    c:\programdata\RELOADED
2013-11-06 03:28 . 2013-11-06 03:31    --------    d-----w-    c:\program files (x86)\Torchlight II
2013-11-06 03:21 . 2013-11-06 03:21    --------    d-----w-    c:\programdata\IsolatedStorage
2013-11-06 03:18 . 2013-11-06 03:18    --------    d-----w-    c:\program files (x86)\Business Plan Pro
2013-11-06 02:13 . 2013-11-17 07:13    --------    d-----w-    c:\programdata\regid.1986-12.com.adobe
2013-11-06 02:05 . 2013-11-06 02:05    --------    d-----w-    c:\programdata\ALM
2013-11-06 01:51 . 2013-11-06 01:51    --------    d-----w-    c:\program files (x86)\My Company Name
2013-11-06 01:46 . 2013-11-06 01:46    --------    d-----w-    c:\program files (x86)\Common Files\Adobe AIR
2013-11-06 01:43 . 2013-11-06 02:10    --------    d-----w-    c:\program files\Adobe
2013-11-06 01:43 . 2013-11-06 02:10    --------    d-----w-    c:\program files\Common Files\Adobe
2013-11-06 01:11 . 2013-11-06 01:11    --------    d-----w-    C:\MediaServer
2013-11-06 01:10 . 2013-11-06 17:59    --------    d-----w-    c:\users\Public\CyberLink
2013-11-06 01:10 . 2013-11-06 17:59    --------    d-----w-    c:\programdata\CyberLink
2013-11-06 01:10 . 2013-11-06 01:11    --------    d-----w-    c:\programdata\PDVD
2013-11-06 01:04 . 2013-11-06 01:04    --------    d-----w-    c:\program files (x86)\CyberLink
2013-11-06 01:00 . 2013-11-06 01:11    --------    d-----w-    c:\programdata\install_clap
2013-11-06 00:53 . 1998-04-24 18:16    558592    ------w-    c:\windows\SysWow64\SierraNW.dll
2013-11-06 00:53 . 1998-04-24 18:16    227840    ------w-    c:\windows\SysWow64\SNWValid.dll
2013-11-06 00:53 . 2013-11-06 00:53    --------    d-----w-    c:\program files (x86)\Sierra On-Line
2013-11-06 00:53 . 2013-11-06 00:53    --------    d-----w-    C:\SIERRA
2013-11-06 00:43 . 2013-11-06 00:43    --------    d-----w-    c:\program files (x86)\Shiny
2013-11-06 00:24 . 2013-11-06 00:24    --------    d-----w-    C:\Westwood
2013-11-05 23:48 . 2013-11-05 23:48    --------    d-----w-    c:\program files (x86)\Bullfrog
2013-11-05 23:44 . 2013-11-05 23:44    --------    d-----w-    c:\programdata\Age of Empires 3
2013-11-05 23:28 . 2013-11-05 23:28    --------    d-----w-    c:\program files (x86)\Common Files\Microsoft Games
2013-11-05 23:07 . 2013-11-05 23:07    2477056    ----a-w-    c:\windows\SysWow64\freeimage.dll
2013-11-05 23:06 . 2013-11-05 23:06    --------    d-----w-    c:\programdata\Logs
2013-11-05 23:02 . 2013-11-05 23:02    --------    d-----w-    c:\program files (x86)\Legend of Grimrock
2013-11-05 22:59 . 2013-11-05 23:00    --------    d-----w-    c:\program files (x86)\Dont Starve
2013-11-05 18:48 . 2011-03-11 06:41    189824    ----a-w-    c:\windows\system32\drivers\storport.sys
2013-11-05 18:48 . 2011-03-11 06:41    166272    ----a-w-    c:\windows\system32\drivers\nvstor.sys
2013-11-05 18:48 . 2011-03-11 06:41    148352    ----a-w-    c:\windows\system32\drivers\nvraid.sys
2013-11-05 18:48 . 2011-03-11 06:41    410496    ----a-w-    c:\windows\system32\drivers\iaStorV.sys
2013-11-05 18:48 . 2011-03-11 06:41    27008    ----a-w-    c:\windows\system32\drivers\amdxata.sys
2013-11-05 18:48 . 2011-03-11 06:41    107904    ----a-w-    c:\windows\system32\drivers\amdsata.sys
2013-11-05 18:48 . 2011-03-11 06:33    2565632    ----a-w-    c:\windows\system32\esent.dll
2013-11-05 18:48 . 2011-03-11 06:30    96768    ----a-w-    c:\windows\system32\fsutil.exe
2013-11-05 18:48 . 2011-03-11 05:33    1699328    ----a-w-    c:\windows\SysWow64\esent.dll
2013-11-05 18:48 . 2011-03-11 05:31    74240    ----a-w-    c:\windows\SysWow64\fsutil.exe
2013-11-05 18:48 . 2011-03-11 04:37    91648    ----a-w-    c:\windows\system32\drivers\USBSTOR.SYS
2013-11-05 09:15 . 2013-11-05 09:16    --------    d-----w-    c:\program files (x86)\RPG Maker VX Ace
2013-11-05 09:15 . 2013-11-05 09:15    --------    d-----w-    c:\program files (x86)\Common Files\Enterbrain
2013-11-05 09:11 . 2013-11-05 09:11    --------    d-----w-    c:\program files (x86)\Microsoft XNA
2013-11-05 09:10 . 2013-11-05 09:10    --------    d-----w-    c:\program files (x86)\WB Games
2013-11-05 09:06 . 2013-11-05 09:06    --------    d-----w-    c:\program files (x86)\GameSpy Arcade
2013-11-05 08:39 . 1997-07-06 21:22    756736    ------w-    c:\windows\SysWow64\ir41_32.dll
2013-11-05 08:39 . 2013-11-05 22:27    --------    d-----w-    c:\program files (x86)\Microsoft Games
2013-11-05 08:23 . 2013-11-06 01:14    --------    d-----w-    C:\GOG Games
2013-11-05 08:18 . 2013-11-05 08:18    --------    d-----w-    c:\program files (x86)\Antichamber
2013-11-05 08:05 . 2013-11-05 08:10    --------    d-----w-    c:\program files (x86)\Orcs Must Die 2
2013-11-05 07:49 . 2013-11-05 07:49    --------    d-----w-    c:\program files (x86)\Robot Entertainment
2013-11-05 07:27 . 2013-11-05 07:27    --------    d-----w-    c:\program files (x86)\XCOM Enemy Unknown
2013-11-05 07:21 . 2013-11-05 07:21    435512    ----a-w-    c:\windows\system32\drivers\k57nd60a.sys
2013-11-05 07:16 . 2013-05-23 02:49    17720    ----a-w-    c:\windows\system32\drivers\SmartDefragDriver.sys
2013-11-05 03:48 . 2013-11-05 03:48    --------    d-----w-    c:\program files (x86)\14 Degrees East
2013-11-05 03:42 . 2013-11-05 03:42    --------    d-----w-    c:\program files\BlackIsle
2013-11-05 03:40 . 2013-11-05 03:46    52736    ----a-w-    c:\windows\ipuninst.exe
2013-11-05 03:36 . 2013-11-05 03:36    --------    d-----w-    c:\program files\Interplay
2013-11-05 02:26 . 2013-11-05 02:26    --------    d-----w-    c:\users\Default\AppData\Local\Microsoft Help
2013-11-05 02:17 . 2013-11-05 02:17    --------    d-----w-    c:\program files (x86)\AGEIA Technologies
2013-11-05 02:17 . 2013-11-05 02:17    --------    d-----w-    c:\windows\SysWow64\AGEIA
2013-11-05 02:16 . 2013-11-05 02:17    --------    d-----w-    c:\program files (x86)\Common Files\Wise Installation Wizard
2013-11-05 01:49 . 2013-11-05 02:01    --------    d-----w-    c:\program files (x86)\Codemasters
2013-11-05 00:52 . 2013-11-05 01:45    2829    ----a-w-    c:\windows\War3Unin.pif
2013-11-05 00:52 . 2013-11-05 01:45    139264    ----a-w-    c:\windows\War3Unin.exe
2013-11-05 00:46 . 2013-11-05 01:45    --------    d-----w-    c:\program files (x86)\Warcraft III
2013-11-05 00:45 . 2013-11-05 00:45    9728    ----a-w-    c:\windows\system32\Wdfres.dll
2013-11-05 00:45 . 2013-11-05 00:45    54376    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2013-11-05 00:45 . 2013-11-05 00:45    2560    ----a-w-    c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-11-05 00:44 . 2013-11-05 00:44    98304    ----a-w-    c:\windows\W2BNEUnin.exe
2013-11-05 00:44 . 2013-11-05 00:44    2829    ----a-w-    c:\windows\W2BNEUnin.pif
2013-11-05 00:42 . 2013-11-05 00:44    --------    d-----w-    c:\program files (x86)\Warcraft II BNE
2013-11-05 00:41 . 2013-11-13 11:28    --------    d-----w-    c:\windows\system32\MRT
2013-11-05 00:34 . 2013-11-05 00:34    514560    ----a-w-    c:\windows\SysWow64\qdvd.dll
2013-11-05 00:34 . 2013-11-05 00:34    366592    ----a-w-    c:\windows\system32\qdvd.dll
2013-11-05 00:32 . 2013-11-05 00:40    967    ----a-w-    c:\windows\ScUnin.pif
2013-11-05 00:32 . 2013-11-05 00:40    94208    ----a-w-    c:\windows\ScUnin.exe
2013-11-05 00:30 . 2013-11-05 00:40    --------    d-----w-    c:\program files (x86)\Starcraft
2013-11-05 00:25 . 2012-07-06 20:07    552960    ----a-w-    c:\windows\system32\drivers\bthport.sys
2013-11-05 00:25 . 2011-04-28 03:54    80384    ----a-w-    c:\windows\system32\drivers\BTHUSB.SYS
2013-11-05 00:09 . 2013-11-05 00:09    64512    ----a-w-    c:\windows\SysWow64\devobj.dll
2013-11-05 00:09 . 2013-11-05 00:09    44544    ----a-w-    c:\windows\SysWow64\devrtl.dll
2013-11-05 00:09 . 2013-11-05 00:09    404480    ----a-w-    c:\windows\system32\umpnpmgr.dll
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-09-18 20:08 . 2013-09-18 20:08    94208    ----a-w-    c:\windows\SysWow64\dpl100.dll
2013-09-03 21:35 . 2010-11-21 03:27    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-11-03 14:36    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2013-08-26 09:13 . 2013-08-26 09:13    354656    ----a-w-    c:\windows\SysWow64\DivXControlPanelApplet.cpl
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
2013-05-25 00:36    130736    ----a-w-    c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2013-05-25 00:36    130736    ----a-w-    c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2013-05-25 00:36    130736    ----a-w-    c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-11-03 4287536]
"Advanced SystemCare 7"="c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-10-28 2283296]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2013-09-20 3666224]
"Akamai NetSession Interface"="c:\users\xagersfeld\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
"systray"="c:\program files (x86)\Dell\Dell Mobile Broadband\systray.exe" [2009-10-12 344137]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-11-3 838656]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 NvtSp50;Novatel Wireless NDIS 5 Single-Packet Read Protocol Driver;c:\windows\system32\DRIVERS\NvtSp50.sys;c:\windows\SYSNATIVE\DRIVERS\NvtSp50.sys [x]
S2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2013/11/05 17:11];c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [x]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ATService;AuthenTec Fingerprint Service;c:\program files (x86)\Fingerprint Sensor\AtService.exe;c:\program files (x86)\Fingerprint Sensor\AtService.exe [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [x]
S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [x]
S2 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 RealPlayer Desktop Service;RealPlayer Desktop Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SnugTV Service;SnugTV Service;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 AVerBDA6x_x64;AVerMedia SAA716x BDA Service;c:\windows\system32\DRIVERS\AVerBDA716x_x64.sys;c:\windows\SYSNATIVE\DRIVERS\AVerBDA716x_x64.sys [x]
S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 bpmp;bpmp;c:\windows\system32\DRIVERS\bpmp.sys;c:\windows\SYSNATIVE\DRIVERS\bpmp.sys [x]
S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys;c:\windows\SYSNATIVE\Drivers\bpusb.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys;c:\windows\SYSNATIVE\drivers\NMgamingms.sys [x]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-14 21:25    1210320    ----a-w-    c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
Contents of the 'Scheduled Tasks' folder
2013-11-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-03 07:56]
2013-11-19 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-05 19:12]
2013-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03 06:19]
2013-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03 06:19]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-11-04 23:55    2486592    ----a-w-    c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
2013-05-25 00:36    164016    ----a-w-    c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2013-05-25 00:36    164016    ----a-w-    c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2013-05-25 00:36    164016    ----a-w-    c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2013-05-25 00:36    164016    ----a-w-    c:\users\xagersfeld\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-03-07 1445888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
------- Supplementary Scan -------
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = localhost:21320
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
TCP: DhcpNameServer =
TCP: Interfaces\{104F0946-7ACC-4301-B519-E59993474816}: NameServer =
FF - ProfilePath - c:\users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\
FF - prefs.js: browser.search.selectedEngine - Google

FF - ExtSQL: 2013-11-05 17:58; web2pdfextension@web2pdf.adobedotcom; c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - ExtSQL: 2013-11-12 00:25; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-12 00:25; jid1-ZAdIEUB7XOzOJw@jetpack; c:\users\xagersfeld\AppData\Roaming\Mozilla\Firefox\Profiles\rxa2wgli.default-1384243994751\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
- - - - ORPHANS REMOVED - - - -
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-Dll-Files Fixer_is1 - c:\program files (x86)\Dll-Files.com Fixer\unins000.exe
"ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation"
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl"
--------------------- LOCKED REGISTRY KEYS ---------------------
@Denied: (A 2) (Everyone)
@Denied: (A 2) (Everyone)
@Denied: (A 2) (Everyone)
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
@Denied: (A 2) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
@Denied: (Full) (Everyone)
------------------------ Other Running Processes ------------------------
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Google\Update\\GoogleCrashHandler.exe
c:\program files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
Completion time: 2013-11-19  12:56:16 - machine was rebooted
ComboFix-quarantined-files.txt  2013-11-19 20:56
ComboFix2.txt  2013-11-12 08:10
Pre-Run: 140,648,402,944 bytes free
Post-Run: 140,633,325,568 bytes free
- - End Of File - - 04CBC54F1319C5C49FF4C63BF977CC73

Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.