Scorpian Saver


Leave your PC in Normal start up.

Download and install CCleaner from here:

http://www.piriform.com/ccleaner/builds

Ensure to select Slim version. (No Toolbar)

Run CCleaner, from the GUI select > Tools > Start up > Windows Tab. At the bottom right-hand corner of the screen you will see the "Save to text file" option; do that, save the file and copy/paste to next reply.

Also out of curiosity disconnect the USB plug in for external hard drives and see if the PC boots any better, or responds better in general...


Will do your last post stuff.

But another issue arose:

The new external hard drive is not showing all folders that I copied and pasted into it.

Before this happened, I did a quick format.

When I click on a folder in one of the other external hard drives and click on send, I see all the other hard drives as an option to send a folder to, but I do not see the option to send it to the new external hard drive, which is denoted when I click on computer as "F", so it is seen on the computer, but not seen as a send option by the external hard drives, or when I do the same with a folder when I click on documents from my C drive.

As I write this I'm doing a full reformat, not a quick format, to see if that hopefully does something, because I did play with some of the options on the hard drive, and I'm hoping that everything is put back to where it was, though I'm not sure that the reformatting is going to do that. I clicked on a lot of things and I don't know how to backtrack and undo what I did.

It is brand-new and the second one, so a defect or virus and such is one in 1 million in my humble opinion.

Do you have any idea why some of the folders are not showing?


 


CCleaner:

 

No    HKCU:Run    Adobe Reader Synchronizer    Adobe Systems Incorporated    "C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"
Yes    HKCU:Run    Akamai NetSession Interface        "C:\Users\newlife\AppData\Local\Akamai\netsession_win.exe"
No    HKCU:Run    AppleIEDAV    Apple Inc.    C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
No    HKCU:Run    ApplePhotoStreams    Apple Inc.    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Yes    HKCU:Run    Browser Infrastructure Helper        C:\Users\newlife\AppData\Local\Smartbar\Application\QuickShare.exe startup
Yes    HKCU:Run    com.apple.dav.bookmarks.daemon        C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
No    HKCU:Run    iCloudServices    Apple Inc.    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Yes    HKCU:Run    ISUSPM    Flexera Software LLC.    C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
Yes    HKCU:Run    SearchProtect        C:\Users\newlife\AppData\Roaming\SearchProtect\bin\cltmng.exe
No    HKCU:Run    Skype    Skype Technologies S.A.    "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
Yes    HKCU:Run    TrueCrypt    TrueCrypt Foundation    "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
No    HKCU:Run    Wallpaper Changer        C:\Program Files (x86)\Wallpaper Changer\Wallpaper Changer.exe /minimized
No    HKLM:Run    Adobe ARM    Adobe Systems Incorporated    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes    HKLM:Run    AVG_UI    AVG Technologies CZ, s.r.o.    "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
Yes    HKLM:Run    BDRegion    cyberlink    C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
Yes    HKLM:Run    BrowserPlugInHelper        C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
Yes    HKLM:Run    Dell Webcam Central    Creative Technology Ltd    "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
Yes    HKLM:Run    Desktop Disc Tool    Sonic Solutions    "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
Yes    HKLM:Run    DNS7reminder    Nuance Communications, Inc.    "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
Yes    HKLM:Run    GrooveMonitor    Microsoft Corporation    "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
Yes    HKLM:Run    HotKeysCmds    Intel Corporation    C:\Windows\system32\hkcmd.exe
Yes    HKLM:Run    IgfxTray    Intel Corporation    C:\Windows\system32\igfxtray.exe
Yes    HKLM:Run    IntelPAN    Intel® Corporation    "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
No    HKLM:Run    iTunesHelper    Apple Inc.    "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes    HKLM:Run    mcui_exe        "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
Yes    HKLM:Run    mobilegeni daemon        C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
Yes    HKLM:Run    PDVD9LanguageShortcut    CyberLink Corp.    "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
Yes    HKLM:Run    Persistence    Intel Corporation    C:\Windows\system32\igfxpers.exe
No    HKLM:Run    QuickTime Task        "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
Yes    HKLM:Run    RemoteControl9    CyberLink Corp.    "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
Yes    HKLM:Run    RoxWatchTray    Sonic Solutions    "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
Yes    HKLM:Run    RtHDVBg    Realtek Semiconductor    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
Yes    HKLM:Run    RTHDVCPL    Realtek Semiconductor    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
Yes    HKLM:Run    SearchProtectAll        C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
No    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes    HKLM:Run    SynTPEnh    Synaptics Incorporated    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
No    HKLM:Run    TkBellExe    RealNetworks, Inc.    "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
No    HKLM:Run    Wondershare Helper Compact.exe        C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
No    Startup User    Dropbox.lnk    Dropbox, Inc.    C:\Users\newlife\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
 


Reboot with all USBs disconnected. Results: Much faster reboot; not faster running after reboot.

 

PS on sound problem post above: After leaving in Normal Startup somehow sound is going through TV again via the HDMI cable. So some sound thing was unchecked during our process somehow and now is checked to work again. I assume you know what?


Start up list from CCleaner does show adware entries, run this please and post log...

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop.

Double click zip file and extract to your Desktop:

[Image: Zoekd.jpg]

You will now have 3 versions of the tool on the Desktop:

[Image: Zoeke.jpg]

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html

Double click on each in turn until one version of Zoek will run (accept UAC). The following window will open:

[Image: Zoekb.jpg]

Copy and paste the following script from the code box and paste into the field.

standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;installedprogs;

Select the "Run Script" tab. The following window will open:

[Image: Zoekc.jpg]

Please be patient and do not use the PC when the scan is in progress.

When complete you may be asked to re-boot your PC, if so please do.

[Image: Zoekf.jpg]

Post the produced log in your next reply…..

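The first-pass review a helper does on the CCleaner startup export posted earlier in this thread can be sketched in code. This is an added example, not part of the original posts and not CCleaner's or Zoek's own logic. It assumes the export is tab-separated with five columns (enabled, key, program, publisher, command), and its two heuristics (empty publisher column, executable under the user's AppData) only pick entries for manual review; they are not a verdict.

```python
import re
from dataclasses import dataclass

# Rows copied from the startup list posted in this thread. "|" stands in for
# the tab separator (assumption: the "Save to text file" export is
# tab-delimited); an empty field between two separators is a blank publisher.
SAMPLE_EXPORT = "\n".join([
    r'Yes|HKCU:Run|Akamai NetSession Interface||"C:\Users\newlife\AppData\Local\Akamai\netsession_win.exe"',
    r'Yes|HKCU:Run|Browser Infrastructure Helper||C:\Users\newlife\AppData\Local\Smartbar\Application\QuickShare.exe startup',
    r'Yes|HKCU:Run|SearchProtect||C:\Users\newlife\AppData\Roaming\SearchProtect\bin\cltmng.exe',
    r'Yes|HKCU:Run|TrueCrypt|TrueCrypt Foundation|"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon',
    r'Yes|HKLM:Run|AVG_UI|AVG Technologies CZ, s.r.o.|"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY',
    r'Yes|HKLM:Run|mobilegeni daemon||C:\Program Files (x86)\Mobogenie\DaemonProcess.exe',
    r'No|HKLM:Run|QuickTime Task||"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime',
    r'No|Startup User|Dropbox.lnk|Dropbox, Inc.|C:\Users\newlife\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup',
]).replace("|", "\t")

# A per-user AppData directory is writable without administrator rights.
USER_APPDATA = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\", re.IGNORECASE)


@dataclass
class StartupEntry:
    enabled: bool
    key: str
    name: str
    publisher: str
    command: str


def parse_export(text):
    """Parse the five-column export; blank or malformed lines are skipped."""
    entries = []
    for line in text.splitlines():
        cols = [c.strip() for c in line.split("\t")]
        if len(cols) != 5:
            continue
        enabled, key, name, publisher, command = cols
        entries.append(
            StartupEntry(enabled.lower() == "yes", key, name, publisher, command)
        )
    return entries


def executable_path(command):
    """Separate the executable from its arguments.

    Quoted commands end at the closing quote. Unquoted commands may contain
    spaces in the path, so cut at the first executable extension instead.
    """
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = re.match(r"(.+?\.(?:exe|com|bat|cmd|scr))(?=\s|$)", command, re.IGNORECASE)
    return match.group(1) if match else command.split(" ")[0]


def triage(entries):
    """Return (name, reasons) for enabled entries worth a manual look,
    entries with the most reasons first."""
    findings = []
    for entry in entries:
        if not entry.enabled:
            continue  # disabled entries do not run at logon
        reasons = []
        if not entry.publisher:
            reasons.append("publisher column empty")
        if USER_APPDATA.match(executable_path(entry.command)):
            reasons.append("runs from user-writable AppData")
        if reasons:
            findings.append((entry.name, reasons))
    findings.sort(key=lambda item: -len(item[1]))  # stable: keeps export order
    return findings


if __name__ == "__main__":
    for name, reasons in triage(parse_export(SAMPLE_EXPORT)):
        print(f"{name}: {', '.join(reasons)}")
```
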

Regarding outlook, go here http://www.emailaddr...er-outlook.html follow the advice given and see if that helps...

 

As stated above, I went to this webpage regarding Outlook, and I posted the error message I received when I tried to archive the files. Waiting for a response from you about the error message. Meanwhile, I was able to set Outlook to archive once a day, and changed the emails in Outlook to be archived from one year from date backward, to three months, and it is now after being auto-archived, running much faster.

 

Mozilla is also running faster now, after something that was done above. Not sure what.


Z-Analyse V1.0.0.1 Updated 23-December-2013
Tool run by newlife on Tue 12/24/2013 at  2:52:54.72.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\newlife\Desktop\Z-Analyse.exe [Deep Scan]

==== System Restore Info ======================

12/24/2013 2:54:02 AM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\newlife\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\natspeak.exe
C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dnsspserver.exe
C:\Users\newlife\Desktop\Z-Analyse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\newlife\AppData\Local\Temp\NirCmd.exe

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16279 MB
CPU Info: Intel® Core i7-2670QM CPU @ 2.20GHz
CPU Speed: 2207.9 MHz
Sound Card: NS-39L240A13-1 (NVIDIA High Def |
Speakers (Realtek High Definiti |
Display Adapters: Intel® HD Graphics Family | Intel® HD Graphics Family | NVIDIA GeForce GT 550M  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel® WiFi Link 1000 BGN | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: PLDS    DVDRWBD DS-6E2SH
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  452.1GB | F:  3726.0GB | G:  3726.0GB | I:  1863.0GB | Y:  13.7GB
Hard Disks - Free: C:  300.8GB | F:  2995.6GB | G:  2802.1GB | I:  568.5GB | Y:  6.3GB
Manufacturer *: Dell Inc.         
BIOS Info: AT/AT COMPATIBLE | 09/07/12 | DELL   - 2
Time Zone: Eastern Standard Time
Motherboard *: Dell Inc.          0K4H3G
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Firefox    26.0
Internet Explorer Version: 11.0.9600.16476
Mozilla Firefox version: 23.0.1 (x86 en-US)
Mozilla Firefox version: 24.0 (x86 en-US)
Mozilla Firefox version: 26.0 (x86 en-US)
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_45 (32-bit)
Sun Java version: 1.7.0_45 (64-bit)
Flash Player version: 11.9.900.170
Shockwave Player version: 12.0.5r146

==== Files Recently Created / Modified ======================


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1959217845-2470667070-2591337386-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"="C:\Program Files\TrueCrypt\TrueCrypt.exe /q preferences /a logon"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

[HKEY_USERS\S-1-5-21-1959217845-2470667070-2591337386-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1959217845-2470667070-2591337386-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
"RemoteControl9"="C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"PDVD9LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
"DNS7reminder"="C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe -r C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
"BDRegion"="C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Desktop Disc Tool"="C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"="C:\Program Files\TrueCrypt\TrueCrypt.exe /q preferences /a logon"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 "
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"TkBellExe"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\"  -osboot"


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Synchronizer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Synchronizer"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AdobeCollabSync.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleIEDAV]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AppleIEDAV"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\"  -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wallpaper Changer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wallpaper Changer"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Wallpaper Changer\\Wallpaper Changer.exe /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wondershare Helper Compact.exe"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^newlife^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\newlife\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\newlife\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\defragsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DragonSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GlidePoint]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Level Quality Watcher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McAWFwk]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McMPFSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mcmscsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McNaiAnn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McNASvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McODS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McProxy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mfefire]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MSK80Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\odserv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Skype C2C Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wercplsupport]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WerSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\YouTubeDownloaderConverter]


==== Startup Folders ======================

2013-12-23 15:08:15    1058    ----a-w-    C:\Users\newlife\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\1-Click Maintenance.job --a------ C:\Program Files (x86)\TuneUp Utilities 2007\SystemOptimizer.exe [04/27/2007 06:51 AM]
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/22/2013 10:45 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\1-Click Maintenance" [C:\Program Files (x86)\TuneUp Utilities 2007\SystemOptimizer.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{369559FA-22EA-425E-B0CC-ACE4EF3D0511}" [C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\SysNative\tasks\{C4A580DA-501D-4334-90DC-CF195721301B}" [C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\SysNative\tasks\{C97055F9-4AC0-478F-A342-6BE6B67F48C3}" [C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\SysNative\tasks\{E3079A36-8C1B-4432-AF1C-015B97F4481A}" [C:\Program Files (x86)\TuneUp Utilities 2007\Integrator.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}"="C:\Program Files\Updater By SweetPacks\Firefox" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [11/16/2013 04:14 AM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"="C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com
- Lightbeam - %ProfilePath%\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
- QuickPasswords - %ProfilePath%\extensions\QuickPasswords@axelg.com.xpi
- Text to Voice - %ProfilePath%\extensions\text2voice@vik.josh.xpi
- TinEye Reverse Image Search - %ProfilePath%\extensions\tineye@ideeinc.com.xpi
- Twitter Disconnect - %ProfilePath%\extensions\twitter@disconnect.me.xpi
- Malware Search - %ProfilePath%\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default
F891089A6AB9E12FEDEBCC5EC0F40D66    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll -    Shockwave Flash
C2321043FA2CA4C32FF449DE6116B5D9    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll -    Shockwave for Director / Shockwave for Director
BE126CB7049E89ED6F3038016668B502    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll -    RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll -    RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll -    RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll -    RealDownloader Plugin
2371BA18F579EF66F814E4C4B89F24D1    - C:\Users\newlife\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll -    Certified Browser


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
chgdeabpmphfhkoemjjglmilajldekbp - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[08/14/2013 03:24 PM]
mikhcaiakabeeokmenglcdebplfdjicn - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx[02/11/2013 06:44 PM]

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{4119B8F3-FC8B-4B12-9FFE-3F5B5F6A4016}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{4119B8F3-FC8B-4B12-9FFE-3F5B5F6A4016} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== HijackThis Entries ======================

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-21-1959217845-2470667070-2591337386-1005\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1959217845-2470667070-2591337386-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = newlife\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CyberLink Product - 2012/10/29 07:30:33 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== EOF on Tue 12/24/2013 at  2:58:07.03 ======================
 


Zoek has not been run correctly; it would seem the "run script" command was selected before any script was pasted into the text field. If that action is run without the script, another window would open with auto commands; the log you posted appears to be from option 3 of that list. I have posted an image of that window.

Can you go back to reply #62 and run Zoek exactly as written, with the script I gave pasted into the text field?

 

Thanks,

 

Kevin..

 

 


Kevin: Will put results in several posts:

 

Zoek.exe v5.0.0.0 Updated 23-December-2013
Tool run by newlife on Tue 12/24/2013 at  6:44:54.33.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\newlife\Desktop\zoek\zoek.com [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-24-075807.log    38575 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1959217845-2470667070-2591337386-1003\Software\Mozilla\Firefox\Extensions\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC} deleted successfully

==== Installed Programs ======================

Adobe AIR  
Adobe Flash Player 11 ActiveX  
Adobe Flash Player 11 Plugin  
Adobe Reader XI (11.0.05)  
Adobe Shockwave Player 12.0  
Amazon Kindle  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
Audacity 2.0.3  
AVG 2014  
CCleaner  
CyberLink PowerDVD 9.6  
Dell DataSafe Local Backup  
Dell Support Center  
Dell System Detect  
Dell Webcam Central  
DirectX 9 Runtime  
Dragon NaturallySpeaking 12  
Dropbox  
Free YouTube to MP3 Converter version 3.12.2.430  
GlidePointr Touchpad Driver 3 (64-bit)  
HP LaserJet Professional P1100-P1560-P1600 Series  
iCloud  
Intel PROSet Wireless  
Intel® Processor Graphics  
Intel® PROSet/Wireless WiFi Software  
Intel® WiDi  
IrfanView (remove only)  
iTunes  
Java 7 Update 45  
Java 7 Update 45 (64-bit)  
Java Auto Updater  
Malwarebytes Anti-Malware version 1.75.0.1300  
Microsoft .NET Framework 4.5.1  
Microsoft Office Access MUI (English) 2007  
Microsoft Office Access Setup Metadata MUI (English) 2007  
Microsoft Office Enterprise 2007  
Microsoft Office Excel MUI (English) 2007  
Microsoft Office Groove MUI (English) 2007  
Microsoft Office Groove Setup Metadata MUI (English) 2007  
Microsoft Office InfoPath MUI (English) 2007  
Microsoft Office Office 64-bit Components 2007  
Microsoft Office OneNote MUI (English) 2007  
Microsoft Office Outlook MUI (English) 2007  
Microsoft Office PowerPoint MUI (English) 2007  
Microsoft Office Proof (English) 2007  
Microsoft Office Proof (French) 2007  
Microsoft Office Proof (Spanish) 2007  
Microsoft Office Proofing (English) 2007  
Microsoft Office Publisher MUI (English) 2007  
Microsoft Office Shared 64-bit MUI (English) 2007  
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007  
Microsoft Office Shared MUI (English) 2007  
Microsoft Office Shared Setup Metadata MUI (English) 2007  
Microsoft Office Word MUI (English) 2007  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Mozilla Firefox 26.0 (x86 en-US)  
Mozilla Maintenance Service  
Mozilla Thunderbird 17.0.5 (x86 en-US)  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
Nitro Reader 3  
NVIDIA 3D Vision Driver 306.97  
NVIDIA Control Panel 306.97  
NVIDIA Graphics Driver 306.97  
NVIDIA HD Audio Driver 1.3.18.0  
NVIDIA Install Application  
NVIDIA Optimus 1.10.8  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 1.10.8  
NVIDIA Update Components  
PhotoShowExpress  
PrimoPDF -- brought to you by Nitro PDF Software  
Quickset64  
RBVirtualFolder64Inst  
RealDownloader  
RealNetworks - Microsoft Visual C++ 2008 Runtime  
RealNetworks - Microsoft Visual C++ 2010 Runtime  
RealPlayer  
Realtek High Definition Audio Driver  
RealUpgrade 1.1  
Roxio Activation Module  
Roxio BackOnTrack  
Roxio Burn  
Roxio Creator Starter  
Roxio Express Labeler 3  
Roxio File Backup  
ScorpionSaver Services  
SkypeT 6.3  
Sonic CinePlayer Decoder Pack  
swMSM  
Synaptics Pointing Device Driver  
TrueCrypt  
TuneUp Utilities 2007  
Visual Studio 2010 x64 Redistributables  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
VLC media player 2.1.1  
YouRecorder  
YouTubeDownloaderConverter  

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\newlife\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default

user.js not found
---- Lines {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} removed from prefs.js ----
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.extensionFirstRun", false);
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.lastExtensionVersion", "2.0.0.566");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_installer_name", "hsbing_717_active_2013-03-26-11-20-09");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_version", "2.0.0.566");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_temp_installer_name", "hsbing_717_active_2013-03-26-11-20-09");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_toolbarID", "a36ecfb544fe43d48c81f27668c1af21");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_dailyPing", "true|||1364397735659");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_debugMode", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_dialogVersion", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_geoRequest", "US|||8641364311335903");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_gtQueryParam", "UA-37457264-2");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_inactive_by_user", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_installedPing", "true|||8641364311335660");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_kswitch", "");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_lastUpdate", "1364311335457|||8641364311335458");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_redirectQueryParam1", "{89E1BFBE-9628-11E2-9E59-848F69CC5FC8}");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_redirectQueryParam2", "3.5000006.10042&st=21");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_showDialog", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_showtoaster", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_status", "active|||8641364311685327");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_temp_referer", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_toasterID", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_toolbar_query", "not set");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_upn2", "717");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.setdefaultsearch_2.0.0.566", false);
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.setdnscatch_2.0.0.413", false);
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.setdnscatch_2.0.0.566", false);
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.sethomepage_2.0.0.566", false);
---- FireFox user.js and prefs.js backups ----

prefs_20131224_0653_.backup

==== Batch Command(s) Run By Tool======================


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== Deleting Files \ Folders ======================

"c:\Windows\Installer\5383f25.msi" not found
C:\Users\newlife\daemonprocess.txt deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Hosts_Anti_Adwares_PUPs deleted
C:\PROGRA~2\Amazon deleted
C:\Users\newlife\AppData\Roaming\GVU Technologies deleted
C:\Users\newlife\AppData\Local\Wondershare deleted
C:\Users\newlife\AppData\Local\Mobogenie deleted
C:\Users\newlife\AppData\Local\cache deleted
C:\Windows\Installer\{6E810AB6-F34E-49A3-A93F-9E503660F718} deleted
C:\Windows\SysNative\AdpeakProxy64.dll deleted
C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default\jetpack deleted
C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default\CT3289847 deleted
C:\Users\Public\Desktop\Free YouTube Downloader Converter.lnk deleted
"C:\Users\newlife\AppData\Roaming\Verizon" deleted

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16279 MB
CPU Info: Intel® Core i7-2670QM CPU @ 2.20GHz
CPU Speed: 2243.3 MHz
Sound Card: NS-39L240A13-1 (NVIDIA High Def |
Speakers (Realtek High Definiti |
Display Adapters: Intel® HD Graphics Family | Intel® HD Graphics Family | NVIDIA GeForce GT 550M  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel® WiFi Link 1000 BGN | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: PLDS    DVDRWBD DS-6E2SH
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  452.1GB | F:  3726.0GB | G:  3726.0GB | I:  1863.0GB | Y:  13.7GB
Hard Disks - Free: C:  301.2GB | F:  2989.5GB | G:  2802.1GB | I:  568.5GB | Y:  6.3GB
Manufacturer *: Dell Inc.         
BIOS Info: AT/AT COMPATIBLE | 09/07/12 | DELL   - 2
Time Zone: Eastern Standard Time
Motherboard *: Dell Inc.          0K4H3G
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Firefox    26.0
Internet Explorer Version: 11.0.9600.16476
Mozilla Firefox version: 23.0.1 (x86 en-US)
Mozilla Firefox version: 24.0 (x86 en-US)
Mozilla Firefox version: 26.0 (x86 en-US)
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_45 (32-bit)
Sun Java version: 1.7.0_45 (64-bit)
Flash Player version: 11.9.900.170
Shockwave Player version: 12.0.5r146
 


==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-12-13 18:55:50    F042EE4C8D66248D9B86DCF52ABAE416    256000    ----a-w-    C:\Windows\PEV.exe
2013-12-13 18:55:50    9E05A9C264C8A908A8E79450FCBFF047    80412    ----a-w-    C:\Windows\grep.exe
2013-12-13 18:55:50    5E832F4FAF5F481F2EAF3B3A48F603B8    68096    ----a-w-    C:\Windows\zip.exe
2013-12-13 18:55:50    0297C72529807322B152F517FDB0A9FC    406528    ----a-w-    C:\Windows\SWSC.exe
2013-12-13 18:55:50    0277C027A26428DB64EF4F64F52BB4FD    208896    ----a-w-    C:\Windows\MBR.exe
====== C:\Users\newlife\AppData\Local\Temp ====
2013-12-18 14:50:52    51011C8C5A10579539CF69854A018038    1275904    ----a-w-    C:\Users\newlife\AppData\Local\Temp\Temp1_Z-Analyse.zip\Z-Analyse.exe
====== Java Cache =====
2013-12-19 13:37:08    F24CFCF9AFD1484CBB01746FAA011058    5539    ----a-w-    C:\Users\newlife\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\2e91971c-667e4554
2013-12-19 13:37:04    1103F204C69F43B87528FFB42C60F40D    79    ----a-w-    C:\Users\newlife\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\205c4eb4-6.0.lap
====== C:\Windows\SysWOW64 =====
2013-12-12 08:05:27    6C4B2E1A25841077084EB9F76FF6FFA7    11410432    ----a-w-    C:\Windows\SysWOW64\wmp.dll
2013-12-12 08:05:27    02DF0628BE8B64B84D50FBE53549AA3B    12625408    ----a-w-    C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 08:02:22    C74500A1BCB4113A7310295DD3FA4440    2724864    ----a-w-    C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 08:02:21    3D43EAC957F2F797BE82CF6B04A933F8    43008    ----a-w-    C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 08:02:21    355BF103E2CF862B00EEB3731E25E802    440832    ----a-w-    C:\Windows\SysWOW64\ieui.dll
2013-12-12 08:02:20    35DE59C975A0C97E8DBBE095BCC3644E    553472    ----a-w-    C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 08:02:20    08881C59F795C356DE12067E44FFD260    703488    ----a-w-    C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 08:02:19    B2E1F7B212502BB49AAD4EFAD37C5CF5    2166784    ----a-w-    C:\Windows\SysWOW64\iertutil.dll
2013-12-12 08:02:19    927FA6456AD6D7630F6854828D2FD16B    1820160    ----a-w-    C:\Windows\SysWOW64\wininet.dll
2013-12-12 08:02:19    84EAF0A08C7742697816E148C066D757    1928192    ----a-w-    C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 08:02:19    0763C5D8660436D4D961F72609E33BBE    1157632    ----a-w-    C:\Windows\SysWOW64\urlmon.dll
2013-12-12 08:02:18    4B638CE3DAA3A082E576C0DDF9D635D4    11221504    ----a-w-    C:\Windows\SysWOW64\ieframe.dll
2013-12-12 08:02:17    BFAFE990C4A191E83843362B5AC64A9B    17112576    ----a-w-    C:\Windows\SysWOW64\mshtml.dll
2013-12-12 08:02:17    A60A222D3126DD9E380F9D8B651BC13D    4243968    ----a-w-    C:\Windows\SysWOW64\jscript9.dll
2013-12-11 18:22:36    AFA53BD631FB0509A91A99391209BB70    301568    ----a-w-    C:\Windows\SysWOW64\msieftp.dll
2013-12-11 18:22:34    E9504E484076585F6DA3C59F0E20E122    417792    ----a-w-    C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 18:22:32    E7B9D5FF20FFDD4AAE2EF1D1B8C27A37    159232    ----a-w-    C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 18:22:29    4EC2C3B15B9EC41AD0D6CD918D20376E    2048    ----a-w-    C:\Windows\SysWOW64\tzres.dll
2013-12-11 18:22:26    A3B1D1312602280839A4A2AFBDFD066E    163840    ----a-w-    C:\Windows\SysWOW64\scrrun.dll
2013-12-11 18:22:26    A3A35EE79C64A640152B3113E6E254E2    126976    ----a-w-    C:\Windows\SysWOW64\cscript.exe
2013-12-11 18:22:26    979D74799EA6C8B8167869A68DF5204A    141824    ----a-w-    C:\Windows\SysWOW64\wscript.exe
2013-12-11 18:22:26    09F65975C1C9793B923BB52A7FA83453    121856    ----a-w-    C:\Windows\SysWOW64\wshom.ocx
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-12-12 08:05:28    AB272BBFB05A8585C3405EFA9F605774    12625920    ----a-w-    C:\Windows\Sysnative\wmploc.DLL
2013-12-12 08:05:26    8CBBB27369F9F07BC5E874E750EAF9D0    14631424    ----a-w-    C:\Windows\Sysnative\wmp.dll
2013-12-12 08:02:22    A3427586C75749B51BF5DEBEDEB4AD5C    2724864    ----a-w-    C:\Windows\Sysnative\mshtml.tlb
2013-12-12 08:02:21    FB13F4873F6747AB4E3C37CAFEA8ACAE    4096    ----a-w-    C:\Windows\Sysnative\ieetwcollectorres.dll
2013-12-12 08:02:21    EF098867663B07247587587C29E631DB    33792    ----a-w-    C:\Windows\Sysnative\iernonce.dll
2013-12-12 08:02:21    4E249022336591E9C6DE374A68C18EF6    574976    ----a-w-    C:\Windows\Sysnative\ieui.dll
2013-12-12 08:02:21    3A722B49408BE7FE8A375C3B8FD57BB1    218624    ----a-w-    C:\Windows\Sysnative\ie4uinit.exe
2013-12-12 08:02:21    2E2875FFC6C2DC1ACF4F46AFC7819BD5    66048    ----a-w-    C:\Windows\Sysnative\iesetup.dll
2013-12-12 08:02:21    2A0B7281854ACBECA25D8FDD06A4D714    53760    ----a-w-    C:\Windows\Sysnative\jsproxy.dll
2013-12-12 08:02:21    0F753FDA08F495E515629210FF0DA59E    139264    ----a-w-    C:\Windows\Sysnative\ieUnatt.exe
2013-12-12 08:02:20    DACB9A752CEB29C1D931514EF73803E1    111616    ----a-w-    C:\Windows\Sysnative\ieetwcollector.exe
2013-12-12 08:02:20    95EED00D70485F6F82983EB7C03CC42A    817664    ----a-w-    C:\Windows\Sysnative\ieapfltr.dll
2013-12-12 08:02:20    40B33A42F90DED26DE4F5AAFA00F24CA    48640    ----a-w-    C:\Windows\Sysnative\ieetwproxystub.dll
2013-12-12 08:02:20    16B0A65F52531B769B891DC251ECC6C0    23183360    ----a-w-    C:\Windows\Sysnative\mshtml.dll
2013-12-12 08:02:20    14074CF6190B937EB70BE2F93113B5FE    708608    ----a-w-    C:\Windows\Sysnative\jscript9diag.dll
2013-12-12 08:02:19    FA30E3DC75EA42FE19B819F30FBDED8D    1995264    ----a-w-    C:\Windows\Sysnative\inetcpl.cpl
2013-12-12 08:02:19    C8CF11D73017CC588411FCB936891CF4    1395200    ----a-w-    C:\Windows\Sysnative\urlmon.dll
2013-12-12 08:02:19    9B6678DB9C6A232C5A84D2FDFFF8B0E1    2334208    ----a-w-    C:\Windows\Sysnative\wininet.dll
2013-12-12 08:02:19    7016991D493B9F9FA492E75BD13D031D    2764288    ----a-w-    C:\Windows\Sysnative\iertutil.dll
2013-12-12 08:02:18    EDF5C6A9F33FBD3D717D1B77A9864C64    12996608    ----a-w-    C:\Windows\Sysnative\ieframe.dll
2013-12-12 08:02:17    6491B719695D713335B431FCF0EAE28B    5769216    ----a-w-    C:\Windows\Sysnative\jscript9.dll
2013-12-11 18:22:36    AC38EC8D0C1B4C783CA6A24D239A71B7    335360    ----a-w-    C:\Windows\Sysnative\msieftp.dll
2013-12-11 18:22:35    97D50B0CABF18A6D40F8883D02DDB519    3155968    ----a-w-    C:\Windows\Sysnative\win32k.sys
2013-12-11 18:22:34    4EDF8812713291DBBFDA67CE6215F236    465920    ----a-w-    C:\Windows\Sysnative\WMPhoto.dll
2013-12-11 18:22:32    B4F29F65AD3114051F01E9403346047F    81408    ----a-w-    C:\Windows\Sysnative\imagehlp.dll
2013-12-11 18:22:29    5FD67F205773EC80674DBBD609DB5315    2048    ----a-w-    C:\Windows\Sysnative\tzres.dll
2013-12-11 18:22:26    ECB021CA3370582F0C7244B0CF06732C    156160    ----a-w-    C:\Windows\Sysnative\cscript.exe
2013-12-11 18:22:26    731131A477F69476F2D739B0DB6A9281    202752    ----a-w-    C:\Windows\Sysnative\scrrun.dll
2013-12-11 18:22:26    05D80FF3483BD8F268B01703C859198A    150016    ----a-w-    C:\Windows\Sysnative\wshom.ocx
2013-12-11 18:22:26    045451FA238A75305CC26AC982472367    168960    ----a-w-    C:\Windows\Sysnative\wscript.exe
====== C:\Windows\Sysnative\drivers =====
2013-12-11 18:22:27    E0D3CD5841E5C7BE7B94BA946AF1E498    116736    ----a-w-    C:\Windows\Sysnative\drivers\drmk.sys
2013-12-11 18:22:27    1E0B4CBBA91C6B041A14ECC2186F7E24    230400    ----a-w-    C:\Windows\Sysnative\drivers\portcls.sys
2013-12-06 15:16:54    0BB97D43299910CBFBA59C461B99B910    25928    ----a-w-    C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
2013-12-23 03:37:28    1AC2872A9933B245B6CA2CAA97D3BBC7    3342    ----a-w-    C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003
2013-12-22 19:45:29    1B0A1F0510F48B5B4CF6B3C1A75E80E1    3364    ----a-w-    C:\Windows\Sysnative\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2013-12-10 15:35:16    --------    d-----w-    C:\PROGRA~2\AVG
2013-12-02 08:30:13    --------    d-----w-    C:\PROGRA~2\Google
======= C: =====
2013-12-24 11:44:52    C19809220705CB3FB707346C019106E9    3359    ----a-w-    C:\runcheck.txt
====== C:\Users\newlife\AppData\Roaming ======
2013-12-22 12:55:54    --------    d-----w-    C:\Users\newlife\AppData\Roaming\DS Development
2013-12-15 15:33:36    --------    d-----w-    C:\Users\UpdatusUser\AppData\Local\temp
2013-12-15 15:33:36    --------    d-----w-    C:\Users\TEMP\AppData\Local\temp
2013-12-15 15:33:36    --------    d-----w-    C:\Users\Public\AppData\Local\temp
2013-12-15 15:33:36    --------    d-----w-    C:\Users\Default\AppData\Local\temp
2013-12-15 15:33:36    --------    d-----w-    C:\Users\Default User\AppData\Local\temp
2013-12-08 19:08:53    --------    d-----w-    C:\Users\newlife\AppData\Roaming\vlc
2013-12-02 08:36:19    --------    d-----w-    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google
2013-11-26 16:41:54    --------    d-----w-    C:\Users\newlife\AppData\Roaming\uTorrent
====== C:\Users\newlife ======
2013-12-23 10:28:28    --------    d-----r-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6
2013-12-22 12:54:28    --------    d-----w-    C:\ProgramData\DS Development
2013-12-13 19:16:52    --------    d-----w-    C:\Users\TEMP\AppData
2013-12-13 19:16:52    --------    d-----w-    C:\Users\Public\AppData
2013-12-10 15:36:49    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==
2013-12-18 14:50:52    51011C8C5A10579539CF69854A018038    1275904    ----a-w-    C:\Users\newlife\Desktop\malware\Z-Analyse.exe
2013-12-18 14:50:52    51011C8C5A10579539CF69854A018038    1275904    ----a-w-    C:\Users\newlife\AppData\Local\Temp\Temp1_Z-Analyse.zip\Z-Analyse.exe
=== C: other files ==
2013-12-24 10:57:16    E1B144D2C48A16624037D35D19FE3151    81967    ----a-w-    C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
2013-12-24 07:51:13    FD778931C075D078D5DBD64983591ED1    2535532    ----a-w-    C:\Users\newlife\Desktop\malware\Z-Analyse.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1959217845-2470667070-2591337386-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"="C:\Program Files\TrueCrypt\TrueCrypt.exe /q preferences /a logon"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

[HKEY_USERS\S-1-5-21-1959217845-2470667070-2591337386-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1959217845-2470667070-2591337386-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
"RemoteControl9"="C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"PDVD9LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
"DNS7reminder"="C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe -r C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
"BDRegion"="C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Desktop Disc Tool"="C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe  -osboot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"="C:\Program Files\TrueCrypt\TrueCrypt.exe /q preferences /a logon"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 "
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"TkBellExe"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\"  -osboot"


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Synchronizer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Synchronizer"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AdobeCollabSync.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleIEDAV]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AppleIEDAV"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\"  -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wallpaper Changer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wallpaper Changer"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Wallpaper Changer\\Wallpaper Changer.exe /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wondershare Helper Compact.exe"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^newlife^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\newlife\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\newlife\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\defragsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DragonSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GlidePoint]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Level Quality Watcher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McAWFwk]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McMPFSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mcmscsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McNaiAnn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McNASvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McODS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McProxy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mfefire]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MSK80Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\odserv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Skype C2C Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wercplsupport]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WerSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\YouTubeDownloaderConverter]
 


==== Startup Folders ======================

2013-12-23 15:08:15    1058    ----a-w-    C:\Users\newlife\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\1-Click Maintenance.job --a------ C:\Program Files (x86)\TuneUp Utilities 2007\SystemOptimizer.exe [04/27/2007 06:51 AM]
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/22/2013 10:45 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\1-Click Maintenance" [C:\Program Files (x86)\TuneUp Utilities 2007\SystemOptimizer.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{369559FA-22EA-425E-B0CC-ACE4EF3D0511}" [C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\SysNative\tasks\{C4A580DA-501D-4334-90DC-CF195721301B}" [C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\SysNative\tasks\{C97055F9-4AC0-478F-A342-6BE6B67F48C3}" [C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\SysNative\tasks\{E3079A36-8C1B-4432-AF1C-015B97F4481A}" [C:\Program Files (x86)\TuneUp Utilities 2007\Integrator.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [11/16/2013 04:14 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com
- Flash and Video Download - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- Self-Destructing Cookies - %ProfilePath%\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
- Lightbeam - %ProfilePath%\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
- QuickPasswords - %ProfilePath%\extensions\QuickPasswords@axelg.com.xpi
- Text to Voice - %ProfilePath%\extensions\text2voice@vik.josh.xpi
- TinEye Reverse Image Search - %ProfilePath%\extensions\tineye@ideeinc.com.xpi
- Twitter Disconnect - %ProfilePath%\extensions\twitter@disconnect.me.xpi
- Malware Search - %ProfilePath%\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\newlife\AppData\Roaming\Mozilla\Firefox\Profiles\uzjkrskb.default
F891089A6AB9E12FEDEBCC5EC0F40D66    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll -    Shockwave Flash
C2321043FA2CA4C32FF449DE6116B5D9    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll -    Shockwave for Director / Shockwave for Director
BE126CB7049E89ED6F3038016668B502    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll -    RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll -    RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll -    RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll -    RealDownloader Plugin


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
chgdeabpmphfhkoemjjglmilajldekbp - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[08/14/2013 03:24 PM]
mikhcaiakabeeokmenglcdebplfdjicn - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx[02/11/2013 06:44 PM]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{4119B8F3-FC8B-4B12-9FFE-3F5B5F6A4016}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{4119B8F3-FC8B-4B12-9FFE-3F5B5F6A4016} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6BA018E6E43F3A949AF3E90563067F81 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\chgdeabpmphfhkoemjjglmilajldekbp deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E810AB6-F34E-49A3-A93F-9E503660F718} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wallpaper Changer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-21-1959217845-2470667070-2591337386-1005\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1959217845-2470667070-2591337386-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = newlife\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CyberLink Product - 2012/10/29 07:30:33 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Sysinternals Autoruns Log ======================

HKLM\System\CurrentControlSet\Services
   AERTFilters
     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
     Andrea filters APO access service (64-bit)
     Andrea Electronics Corporation
     1.0.64.10
     c:\program files\realtek\audio\hda\aertsr64.exe
     11/17/2009 11:17 AM
   AMPPALR3
     C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
     Intelr Centrinor Wireless Bluetoothr 3.0 + High Speed Virtual Adapter
     Intel Corporation
     14.2.0.5
     c:\program files\intel\bluetoothhs\bthsamppalservice.exe
     8/8/2011 9:37 AM
   Apple Mobile Device
     "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
     Provides the interface to Apple mobile devices.
     Apple Inc.
     17.323.0.9
     c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
     5/17/2012 10:06 PM
   AVGIDSAgent
     "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
     Provides Identity Protection Against Cyber Crime.
     AVG Technologies CZ, s.r.o.
     14.0.0.4255
     c:\program files (x86)\avg\avg2014\avgidsagent.exe
     11/11/2013 4:02 PM
   avgwd
     "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
     AVG Watchdog Service
     AVG Technologies CZ, s.r.o.
     14.0.0.4204
     c:\program files (x86)\avg\avg2014\avgwdsvc.exe
     9/23/2013 6:33 PM
   BTHSSecurityMgr
     "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
     Manages the 802.1x security between two Bluetooth® High Speed connections.
     Intel® Corporation
     14.2.0.5
     c:\program files\intel\bluetoothhs\bthssecuritymgr.exe
     6/3/2011 2:51 PM
   CLKMSVC10_9EC60124
     "C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe" /svc
     CyberLink KM Service
     CyberLink
     1.101.3916.2907
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\kmsvc.exe
     3/16/2011 3:29 AM
   EvtEng
     C:\Program Files\Intel\WiFi\bin\EvtEng.exe
     Manages the event trace messages for all the Intelr PROSet/Wireless Software components.
     Intel® Corporation
     14.2.0.8
     c:\program files\intel\wifi\bin\evteng.exe
     7/27/2011 11:04 PM
   HPSIService
     C:\Windows\system32\HPSIsvc.exe
     HP Smart-Install Service
     HP
     2010.406.1.18488
     c:\windows\system32\hpsisvc.exe
     4/6/2010 2:24 PM
   MyWiFiDHCPDNS
     C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
     Wireless PAN DHCP and DNS Server
     14.2.0.0
     c:\program files\intel\wifi\bin\pandhcpdns.exe
     7/27/2011 10:48 PM
   NitroReaderDriverReadSpool3
     "C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe"
     Nitro Reader Driver Read Spool 3
     Nitro PDF Software
     7.0.0.1
     c:\program files\common files\nitro\reader\3.0\nitropdfreaderdriverservice3x64.exe
     10/30/2012 10:33 AM
   NVSvc
     %SystemRoot%\system32\nvvsvc.exe
     Provides system and desktop level support to the NVIDIA display driver
     NVIDIA Corporation
     8.17.13.697
     c:\windows\system32\nvvsvc.exe
     10/2/2012 2:32 PM
   nvUpdatusService
     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
     NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server.
     NVIDIA Corporation
     1.10.8.0
     c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
     10/2/2012 1:00 PM
   RealNetworks Downloader Resolver Service
     "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
     Manage different Downloader versions in RealNetworks' products.
     c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe
     8/14/2013 5:19 PM
   RegSrvc
     C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
     Provides registry access to all Intelr PROSet/Wireless Software components
     Intel® Corporation
     14.2.0.0
     c:\program files\common files\intel\wirelesscommon\regsrvc.exe
     7/27/2011 10:44 PM
   RoxMediaDB12OEM
     "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe"
     Roxio RoxMediaDB12OEM Service
     Sonic Solutions
     12.2.1.47
     c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxmediadb12oem.exe
     11/25/2010 7:57 AM
   RoxWatch12
     "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe"
     RoxWatch12 Module
     Sonic Solutions
     12.2.1.47
     c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatch12oem.exe
     11/25/2010 7:55 AM
   SftService
     "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
     SoftThinks Agent Service
     SoftThinks SAS
     1.0.82.78
     c:\program files (x86)\dell datasafe local backup\sftservice.exe
     2/15/2012 9:51 AM
   Stereo Service
     C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
     Provides system support for NVIDIA Stereoscopic 3D driver
     NVIDIA Corporation
     7.17.13.697
     c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
     10/2/2012 1:10 PM
   stllssvr
     "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe"
     SureThing Labelflash Disc Printer Service Module
     MicroVision Development, Inc.
     1.2.615.0
     c:\program files (x86)\common files\surething shared\stllssvr.exe
     3/14/2009 12:19 AM
   UxTuneUp
     %SystemRoot%\System32\uxtuneup.dll
     Allows to use visual styles without Microsoft signature.
     TuneUp Software GmbH
     2.0.0.7
     c:\windows\system32\uxtuneup.dll
     12/31/1969 7:00 PM

HKLM\System\CurrentControlSet\Services
   Acceler
     system32\DRIVERS\Accelern.sys
     Accelerometer Port I/O
     ST Microelectronics
     1.0.0.6
     c:\windows\system32\drivers\accelern.sys
     12/13/2010 12:33 PM
   adp94xx
     \SystemRoot\system32\drivers\adp94xx.sys
     Adaptec Windows SAS/SATA Storport Driver
     Adaptec, Inc.
     1.6.6.4
     c:\windows\system32\drivers\adp94xx.sys
     12/5/2008 6:54 PM
   adpahci
     \SystemRoot\system32\drivers\adpahci.sys
     Adaptec Windows SATA Storport Driver
     Adaptec, Inc.
     1.6.6.1
     c:\windows\system32\drivers\adpahci.sys
     5/1/2007 12:30 PM
   adpu320
     \SystemRoot\system32\drivers\adpu320.sys
     Adaptec StorPort Ultra320 SCSI Driver (X64)
     Adaptec, Inc.
     7.2.0.0
     c:\windows\system32\drivers\adpu320.sys
     2/27/2007 7:04 PM
   aliide
     \SystemRoot\system32\drivers\aliide.sys
     ALi mini IDE Driver
     Acer Laboratories Inc.
     1.2.0.0
     c:\windows\system32\drivers\aliide.sys
     7/13/2009 6:19 PM
   amdsata
     \SystemRoot\system32\drivers\amdsata.sys
     AHCI 1.2 Device Driver
     Advanced Micro Devices
     1.1.2.5
     c:\windows\system32\drivers\amdsata.sys
     3/18/2010 7:45 PM
   amdsbs
     \SystemRoot\system32\drivers\amdsbs.sys
     AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform
     AMD Technologies Inc.
     3.6.1540.127
     c:\windows\system32\drivers\amdsbs.sys
     3/20/2009 1:36 PM
   amdxata
     system32\drivers\amdxata.sys
     Storage Filter Driver
     Advanced Micro Devices
     1.1.2.5
     c:\windows\system32\drivers\amdxata.sys
     3/19/2010 11:18 AM
   AMPPAL
     system32\DRIVERS\AMPPAL.sys
     Intelr Centrinor Wireless Bluetoothr 3.0 + High Speed Virtual Adapter
     Windows ® Win 7 DDK provider
     14.2.0.5
     c:\windows\system32\drivers\amppal.sys
     8/8/2011 9:32 AM
   AMPPALP
     system32\DRIVERS\amppal.sys
     Intelr Centrinor Wireless Bluetoothr 3.0 + High Speed Protocol
     Windows ® Win 7 DDK provider
     14.2.0.5
     c:\windows\system32\drivers\amppal.sys
     8/8/2011 9:32 AM
   arc
     \SystemRoot\system32\drivers\arc.sys
     Adaptec RAID Storport Driver
     Adaptec, Inc.
     5.2.0.10384
     c:\windows\system32\drivers\arc.sys
     5/24/2007 4:27 PM
   arcsas
     \SystemRoot\system32\drivers\arcsas.sys
     Adaptec SAS RAID WS03 Driver
     Adaptec, Inc.
     5.2.0.16119
     c:\windows\system32\drivers\arcsas.sys
     1/14/2009 2:27 PM
   Avgdiska
     system32\DRIVERS\avgdiska.sys
     AVG File Vault Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4251
     c:\windows\system32\drivers\avgdiska.sys
     11/5/2013 3:55 PM
   AVGIDSDriver
     system32\DRIVERS\avgidsdrivera.sys
     AVG Technologies IDS Application Activity Monitor Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4250
     c:\windows\system32\drivers\avgidsdrivera.sys
     11/4/2013 3:52 PM
   AVGIDSHA
     system32\DRIVERS\avgidsha.sys
     AVG Technologies IDS Application Activity Monitor Helper Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4215
     c:\windows\system32\drivers\avgidsha.sys
     10/24/2013 3:25 PM
   Avgldx64
     system32\DRIVERS\avgldx64.sys
     AVG AVI Loader Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4219
     c:\windows\system32\drivers\avgldx64.sys
     10/31/2013 5:00 PM
   Avgloga
     system32\DRIVERS\avgloga.sys
     AVG Logging Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4219
     c:\windows\system32\drivers\avgloga.sys
     10/31/2013 4:49 PM
   Avgmfx64
     system32\DRIVERS\avgmfx64.sys
     AVG Resident Shield Minifilter Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4206
     c:\windows\system32\drivers\avgmfx64.sys
     9/30/2013 5:49 PM
   Avgrkx64
     system32\DRIVERS\avgrkx64.sys
     AVG Anti-Rootkit Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4202
     c:\windows\system32\drivers\avgrkx64.sys
     9/9/2013 5:42 PM
   Avgtdia
     system32\DRIVERS\avgtdia.sys
     AVG Network connection watcher
     AVG Technologies CZ, s.r.o.
     14.0.0.4089
     c:\windows\system32\drivers\avgtdia.sys
     8/1/2013 9:06 AM
   b06bdrv
     \SystemRoot\system32\drivers\bxvbda.sys
     Broadcom NetXtreme II GigE VBD
     Broadcom Corporation
     4.8.2.0
     c:\windows\system32\drivers\bxvbda.sys
     2/13/2009 5:18 PM
   b57nd60a
     system32\DRIVERS\b57nd60a.sys
     Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver.
     Broadcom Corporation
     10.100.4.0
     c:\windows\system32\drivers\b57nd60a.sys
     4/26/2009 6:14 AM
   BrFiltLo
     \SystemRoot\system32\drivers\BrFiltLo.sys
     Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver
     Brother Industries, Ltd.
     1.10.0.2
     c:\windows\system32\drivers\brfiltlo.sys
     8/6/2006 8:51 PM
   BrFiltUp
     \SystemRoot\system32\drivers\BrFiltUp.sys
     Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver
     Brother Industries, Ltd.
     1.4.0.1
     c:\windows\system32\drivers\brfiltup.sys
     8/6/2006 8:51 PM
   Brserid
     \SystemRoot\System32\Drivers\Brserid.sys
     Brotehr Serial I/F Driver (WDM)
     Brother Industries Ltd.
     1.0.1.6
     c:\windows\system32\drivers\brserid.sys
     8/6/2006 8:51 PM
   BrSerWdm
     \SystemRoot\System32\Drivers\BrSerWdm.sys
     Brother Serial driver (WDM version)
     Brother Industries Ltd.
     1.0.0.20
     c:\windows\system32\drivers\brserwdm.sys
     8/6/2006 8:51 PM
   BrUsbMdm
     \SystemRoot\System32\Drivers\BrUsbMdm.sys
     Brother USB MDM Driver
     Brother Industries Ltd.
     1.0.0.12
     c:\windows\system32\drivers\brusbmdm.sys
     8/6/2006 8:51 PM
   BrUsbSer
     \SystemRoot\System32\Drivers\BrUsbSer.sys
     Brother USB Serial Driver
     Brother Industries Ltd.
     1.0.1.3
     c:\windows\system32\drivers\brusbser.sys
     8/9/2006 7:11 AM
   catchme
     \??\C:\ComboFix\catchme.sys
     File not found: C:\ComboFix\catchme.sys
     
   cmdide
     \SystemRoot\system32\drivers\cmdide.sys
     CMD PCI IDE Bus Driver
     CMD Technology, Inc.
     2.0.7.0
     c:\windows\system32\drivers\cmdide.sys
     7/13/2009 6:19 PM
   CtClsFlt
     system32\DRIVERS\CtClsFlt.sys
     Video Class Upper Filter Driver (64-bit)
     Creative Technology Ltd.
     2.0.8.0
     c:\windows\system32\drivers\ctclsflt.sys
     6/15/2009 12:06 AM
   ebdrv
     \SystemRoot\system32\drivers\evbda.sys
     Broadcom NetXtreme II 10 GigE VBD
     Broadcom Corporation
     4.8.13.0
     c:\windows\system32\drivers\evbda.sys
     12/31/2008 11:29 AM
   elxstor
     \SystemRoot\system32\drivers\elxstor.sys
     Storport Miniport Driver for LightPulse HBAs
     Emulex
     7.2.10.211
     c:\windows\system32\drivers\elxstor.sys
     2/3/2009 5:52 PM
   GEARAspiWDM
     system32\DRIVERS\GEARAspiWDM.sys
     CD DVD Filter
     GEAR Software Inc.
     2.2.3.0
     c:\windows\system32\drivers\gearaspiwdm.sys
     5/3/2012 2:56 PM
   glideusb
     system32\DRIVERS\glideusb.sys
     GlidePointr USB Filter Driver
     Cirque Corporation
     3.5.3.8
     c:\windows\system32\drivers\glideusb.sys
     3/22/2012 4:38 PM
   hcw85cir
     \SystemRoot\system32\drivers\hcw85cir.sys
     Hauppauge WinTV 885 Consumer IR Driver for eHome
     Hauppauge Computer Works, Inc.
     1.31.27127.0
     c:\windows\system32\drivers\hcw85cir.sys
     5/11/2009 3:26 AM
   HpSAMD
     \SystemRoot\system32\drivers\HpSAMD.sys
     Smart Array SAS/SATA Controller Media Driver
     Hewlett-Packard Company
     6.12.6.64
     c:\windows\system32\drivers\hpsamd.sys
     4/20/2010 1:32 PM
   iaStor
     system32\drivers\iaStor.sys
     Intel Rapid Storage Technology driver - x64
     Intel Corporation
     10.1.2.1004
     c:\windows\system32\drivers\iastor.sys
     1/12/2011 8:50 PM
   iaStorV
     \SystemRoot\system32\drivers\iaStorV.sys
     Intel Matrix Storage Manager driver - x64
     Intel Corporation
     8.6.2.1014
     c:\windows\system32\drivers\iastorv.sys
     6/10/2010 7:46 PM
   igfx
     system32\DRIVERS\igdkmd64.sys
     Intel Graphics Kernel Mode Driver
     Intel Corporation
     8.15.10.2455
     c:\windows\system32\drivers\igdkmd64.sys
     7/19/2011 4:39 PM
   iirsp
     \SystemRoot\system32\drivers\iirsp.sys
     Intel/ICP Raid Storport Driver
     Intel Corp./ICP vortex GmbH
     5.4.22.0
     c:\windows\system32\drivers\iirsp.sys
     12/13/2005 4:47 PM
   Impcd
     \SystemRoot\system32\drivers\Impcd.sys
     Intel® Turbo Boost Technology Driver
     Intel Corporation
     1.2.0.1002
     c:\windows\system32\drivers\impcd.sys
     2/26/2010 6:32 PM
   intaud_WaveExtensible
     system32\drivers\intelaud.sys
     Intelr WiDi Solution
     Intel Corporation
     3.1.27.0
     c:\windows\system32\drivers\intelaud.sys
     4/14/2012 4:16 PM
   IntcAzAudAddService
     system32\drivers\RTKVHD64.sys
     Realtek® High Definition Audio Function Driver
     Realtek Semiconductor Corp.
     6.0.1.6449
     c:\windows\system32\drivers\rtkvhd64.sys
     8/30/2011 4:24 AM
   IntcDAud
     system32\DRIVERS\IntcDAud.sys
     Intel® Display Audio Driver
     Intel® Corporation
     6.14.0.3074
     c:\windows\system32\drivers\intcdaud.sys
     10/15/2010 3:28 AM
   iwdbus
     system32\DRIVERS\iwdbus.sys
     Intelr WiDi Solution
     Intel Corporation
     3.1.27.0
     c:\windows\system32\drivers\iwdbus.sys
     4/14/2012 4:16 PM
   LSI_FC
     \SystemRoot\system32\drivers\lsi_fc.sys
     LSI Fusion-MPT FC Driver (StorPort)
     LSI Corporation
     1.28.3.52
     c:\windows\system32\drivers\lsi_fc.sys
     12/9/2008 5:46 PM
   LSI_SAS
     \SystemRoot\system32\drivers\lsi_sas.sys
     LSI Fusion-MPT SAS Driver (StorPort)
     LSI Corporation
     1.28.3.52
     c:\windows\system32\drivers\lsi_sas.sys
     5/18/2009 7:20 PM
   LSI_SAS2
     \SystemRoot\system32\drivers\lsi_sas2.sys
     LSI SAS Gen2 Driver (StorPort)
     LSI Corporation
     2.0.2.71
     c:\windows\system32\drivers\lsi_sas2.sys
     5/18/2009 7:31 PM
   LSI_SCSI
     \SystemRoot\system32\drivers\lsi_scsi.sys
     LSI Fusion-MPT SCSI Driver (StorPort)
     LSI Corporation
     1.28.3.67
     c:\windows\system32\drivers\lsi_scsi.sys
     4/16/2009 5:13 PM
   megasas
     \SystemRoot\system32\drivers\megasas.sys
     MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64
     LSI Corporation
     4.5.1.64
     c:\windows\system32\drivers\megasas.sys
     5/18/2009 8:09 PM
   MegaSR
     \SystemRoot\system32\drivers\MegaSR.sys
     LSI MegaRAID Software RAID Driver
     LSI Corporation, Inc.
     13.5.409.2009
     c:\windows\system32\drivers\megasr.sys
     5/18/2009 8:25 PM
   MEIx64
     system32\DRIVERS\HECIx64.sys
     Intel® Management Engine Interface
     Intel Corporation
     7.0.0.1144
     c:\windows\system32\drivers\hecix64.sys
     10/19/2010 6:33 PM
   mvusbews
     System32\Drivers\mvusbews.sys
     USB EWS Device Driver
     Marvell Semiconductor, Inc.
     2012.1125.1.61428
     c:\windows\system32\drivers\mvusbews.sys
     11/26/2012 1:55 AM
   NETwNs64
     system32\DRIVERS\NETwNs64.sys
     Intelr Wireless WiFi Link Driver
     Intel Corporation
     14.2.0.10
     c:\windows\system32\drivers\netwns64.sys
     8/3/2011 7:28 PM
   nfrd960
     \SystemRoot\system32\drivers\nfrd960.sys
     IBM ServeRAID Controller Driver
     IBM Corporation
     7.10.0.0
     c:\windows\system32\drivers\nfrd960.sys
     6/6/2006 4:11 PM
   nusb3hub
     system32\DRIVERS\nusb3hub.sys
     USB 3.0 Hub Driver
     Renesas Electronics Corporation
     2.0.34.0
     c:\windows\system32\drivers\nusb3hub.sys
     2/10/2011 12:52 AM
   nusb3xhc
     system32\DRIVERS\nusb3xhc.sys
     USB 3.0 Host Controller Driver
     Renesas Electronics Corporation
     2.0.34.0
     c:\windows\system32\drivers\nusb3xhc.sys
     2/10/2011 12:52 AM
   NVHDA
     system32\drivers\nvhda64v.sys
     NVIDIA HDMI Audio Driver
     NVIDIA Corporation
     1.3.18.0
     c:\windows\system32\drivers\nvhda64v.sys
     7/3/2012 10:25 AM
   nvkflt
     system32\DRIVERS\nvkflt.sys
     NVIDIA Windows Kernel Mode Driver, Version 306.97
     NVIDIA Corporation
     9.18.13.697
     c:\windows\system32\drivers\nvkflt.sys
     10/2/2012 1:21 PM
   nvlddmkm
     system32\DRIVERS\nvlddmkm.sys
     NVIDIA Windows Kernel Mode Driver, Version 306.97
     NVIDIA Corporation
     9.18.13.697
     c:\windows\system32\drivers\nvlddmkm.sys
     10/2/2012 1:21 PM
   nvpciflt
     system32\DRIVERS\nvpciflt.sys
     NVIDIA Windows Kernel Mode Driver, Version 306.97
     NVIDIA Corporation
     9.18.13.697
     c:\windows\system32\drivers\nvpciflt.sys
     10/2/2012 1:21 PM
   nvraid
     \SystemRoot\system32\drivers\nvraid.sys
     NVIDIAr nForce RAID Driver
     NVIDIA Corporation
     10.6.0.18
     c:\windows\system32\drivers\nvraid.sys
     3/19/2010 3:59 PM
   nvstor
     \SystemRoot\system32\drivers\nvstor.sys
     NVIDIAr nForce Sata Performance Driver
     NVIDIA Corporation
     10.6.0.18
     c:\windows\system32\drivers\nvstor.sys
     3/19/2010 3:45 PM
   PxHlpa64
     System32\Drivers\PxHlpa64.sys
     Px Engine Device Driver for 64-bit Windows
     Sonic Solutions
     3.0.93.0
     c:\windows\system32\drivers\pxhlpa64.sys
     10/20/2009 1:08 PM
   qicflt
     system32\DRIVERS\qicflt.sys
     Win7 QicFilterDriver-64Bits
     Quanta Computer
     1.0.1404.1011
     c:\windows\system32\drivers\qicflt.sys
     7/1/2010 8:46 PM
   ql2300
     \SystemRoot\system32\drivers\ql2300.sys
     QLogic Fibre Channel Stor Miniport Driver
     QLogic Corporation
     9.1.8.6
     c:\windows\system32\drivers\ql2300.sys
     1/22/2009 6:05 PM
   ql40xx
     \SystemRoot\system32\drivers\ql40xx.sys
     QLogic iSCSI Storport Miniport Driver
     QLogic Corporation
     2.1.3.20
     c:\windows\system32\drivers\ql40xx.sys
     5/18/2009 8:18 PM
   RTL8167
     system32\DRIVERS\Rt64win7.sys
     Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                
     Realtek                                            
     7.46.610.2011
     c:\windows\system32\drivers\rt64win7.sys
     6/10/2011 1:33 AM
   secdrv
     secdrv
     Macrovision SECURITY Driver
     Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
     4.3.86.0
     c:\windows\system32\drivers\secdrv.sys
     9/13/2006 8:18 AM
   Serial
     \SystemRoot\system32\drivers\serial.sys
     Brotehr Serial I/F Driver (WDM)
     Brother Industries Ltd.
     6.1.7600.16385
     c:\windows\system32\drivers\serial.sys
     7/13/2009 7:00 PM
   SiSRaid2
     \SystemRoot\system32\drivers\SiSRaid2.sys
     SiS RAID Stor Miniport Driver
     Silicon Integrated Systems Corp.
     5.1.1039.2600
     c:\windows\system32\drivers\sisraid2.sys
     9/24/2008 1:28 PM
   SiSRaid4
     \SystemRoot\system32\drivers\sisraid4.sys
     SiS AHCI Stor-Miniport Driver
     Silicon Integrated Systems
     5.1.1039.3600
     c:\windows\system32\drivers\sisraid4.sys
     10/1/2008 4:56 PM
   stexstor
     \SystemRoot\system32\drivers\stexstor.sys
     Promise  SuperTrak EX Series Driver for Windows
     Promise Technology
     5.0.1.1
     c:\windows\system32\drivers\stexstor.sys
     2/17/2009 6:03 PM
   SynTP
     system32\DRIVERS\SynTP.sys
     Synaptics Touchpad Driver
     Synaptics Incorporated
     15.1.15.0
     c:\windows\system32\drivers\syntp.sys
     9/23/2010 6:49 PM
   truecrypt
     System32\drivers\truecrypt.sys
     TrueCrypt Driver
     TrueCrypt Foundation
     7.1.1.0
     c:\windows\system32\drivers\truecrypt.sys
     2/7/2012 4:09 AM
   USBAAPL64
     System32\Drivers\usbaapl64.sys
     Apple Mobile Device USB Driver
     Apple, Inc.
     1.64.0.0
     c:\windows\system32\drivers\usbaapl64.sys
     11/27/2012 6:38 PM
   viaide
     \SystemRoot\system32\drivers\viaide.sys
     VIA Generic PCI IDE Bus Driver
     VIA Technologies, Inc.
     6.0.6000.170
     c:\windows\system32\drivers\viaide.sys
     7/13/2009 6:19 PM
   vsmraid
     \SystemRoot\system32\drivers\vsmraid.sys
     VIA RAID DRIVER FOR AMD-X86-64
     VIA Technologies Inc.,Ltd
     6.0.6000.6210
     c:\windows\system32\drivers\vsmraid.sys
     1/30/2009 8:18 PM
   XHCIPort
     system32\DRIVERS\XHCIPort.sys
     xHCIport.sys
     Windows ® Win 7 DDK provider
     1.0.20.12466
     c:\windows\system32\drivers\xhciport.sys
     7/26/2012 3:54 AM

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
   igfxcui
     igfxdev.dll
     igfxdev Module
     Intel Corporation
     8.15.10.2455
     c:\windows\system32\igfxdev.dll
     7/19/2011 4:11 PM
 


HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
   HP1100LM
     HP1100LM.DLL
     Marvell Printer Language Monitor
     2012.831.1.57034
     c:\windows\system32\hp1100lm.dll
     8/31/2012 2:03 AM
   Nitro PDF Port Monitor
     nitrolocalmon2.dll
     Windows NT Nitro Print PDF Interface Driver
     Nitro PDF Software
     7.0.0.1
     c:\windows\system32\nitrolocalmon2.dll
     10/30/2012 10:41 AM
   PrimoMon
     Primomonnt.dll
     c:\windows\system32\primomonnt.dll
     8/9/2006 4:38 PM

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
   C:\Windows\System32\nvinitx.dll
     NVIDIA shim initialization dll, Version 306.97
     NVIDIA Corporation
     9.18.13.697
     c:\windows\system32\nvinitx.dll
     10/2/2012 1:27 PM

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
   C:\Windows\SysWOW64\nvinit.dll
     NVIDIA shim initialization dll, Version 306.97
     NVIDIA Corporation
     9.18.13.697
     c:\windows\syswow64\nvinit.dll
     10/2/2012 1:26 PM

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   RTHDVCPL
     C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
     Realtek HD Audio Manager
     Realtek Semiconductor
     1.0.0.134
     c:\program files\realtek\audio\hda\rtkngui64.exe
     8/30/2011 1:24 AM
   RtHDVBg
     C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
     HD Audio Background Process
     Realtek Semiconductor
     1.0.0.75
     c:\program files\realtek\audio\hda\ravbg64.exe
     8/16/2011 1:54 AM
   SynTPEnh
     %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
     Synaptics TouchPad Enhancements
     Synaptics Incorporated
     15.1.15.0
     c:\program files\synaptics\syntp\syntpenh.exe
     9/23/2010 7:20 PM
   Persistence
     C:\Windows\system32\igfxpers.exe
     persistence Module
     Intel Corporation
     8.15.10.2455
     c:\windows\system32\igfxpers.exe
     7/19/2011 4:11 PM
   IntelPAN
     "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
     Intel® PROSet/Wireless Framework
     Intel® Corporation
     14.2.0.0
     c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe
     7/27/2011 10:51 PM
   IgfxTray
     C:\Windows\system32\igfxtray.exe
     igfxTray Module
     Intel Corporation
     8.15.10.2455
     c:\windows\system32\igfxtray.exe
     7/19/2011 4:12 PM
   HotKeysCmds
     C:\Windows\system32\hkcmd.exe
     hkcmd Module
     Intel Corporation
     8.15.10.2455
     c:\windows\system32\hkcmd.exe
     7/19/2011 4:11 PM

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
   RoxWatchTray
     "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
     RoxMMTrayApp Module
     Sonic Solutions
     12.2.1.47
     c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatchtray12oem.exe
     11/25/2010 8:07 AM
   RemoteControl9
     "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
     PowerDVD RC Service
     CyberLink Corp.
     9.0.3401.0
     c:\program files (x86)\cyberlink\powerdvd9\pdvd9serv.exe
     10/1/2010 3:55 AM
   PDVD9LanguageShortcut
     "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
     PowerDVD Language Application
     CyberLink Corp.
     1.0.5717.0
     c:\program files (x86)\cyberlink\powerdvd9\language\language.exe
     9/17/2010 5:59 AM
   DNS7reminder
     "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
     Ereg
     Nuance Communications, Inc.
     5.2.0.5
     c:\program files (x86)\nuance\naturallyspeaking12\ereg\ereg.exe
     10/27/2010 4:44 AM
   BDRegion
     C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
     brs
     cyberlink
     3.2010.200.5609
     c:\program files (x86)\cyberlink\shared files\brs.exe
     8/9/2011 8:46 AM
   AVG_UI
     "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
     AVG User Interface
     AVG Technologies CZ, s.r.o.
     14.0.0.4253
     c:\program files (x86)\avg\avg2014\avgui.exe
     11/7/2013 4:03 PM
   APSDaemon
     "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
     Apple Push
     Apple Inc.
     2.2.9.2
     c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
     4/16/2013 10:13 PM
   Desktop Disc Tool
     "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
     Roxio Burn Launcher
     1.80.7.0
     c:\program files (x86)\roxio\oem\roxio burn\roxioburnlauncher.exe
     11/17/2010 1:31 PM
   Dell Webcam Central
     "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
     WebcamDell2.exe
     Creative Technology Ltd
     1.0.24.0
     c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe
     6/24/2009 3:21 AM
   TkBellExe
     "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
     RealNetworks Scheduler
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realplayer\update\realsched.exe
     8/14/2013 7:12 PM

C:\Users\newlife\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
   Dropbox.lnk
     C:\Users\newlife\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
     Dropbox
     Dropbox, Inc.
     2.0.22.0
     c:\users\newlife\appdata\roaming\dropbox\bin\dropbox.exe
     4/5/2013 3:44 PM

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
   TrueCrypt
     "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
     TrueCrypt
     TrueCrypt Foundation
     7.1.1.0
     c:\program files\truecrypt\truecrypt.exe
     2/7/2012 4:09 AM
   ISUSPM
     C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
     Common Software Manager
     Flexera Software LLC.
     13.0.0.43575
     c:\programdata\flexnet\connect\11\isuspm.exe
     10/12/2011 11:10 PM

Task Scheduler
   \1-Click Maintenance
     "C:\Program Files (x86)\TuneUp Utilities 2007\SystemOptimizer.exe" /schedulestart
     TuneUp System Optimizer
     TuneUp Software GmbH
     6.0.2200.230
     c:\program files (x86)\tuneup utilities 2007\systemoptimizer.exe
     6/19/1992 5:22 PM
   \Adobe Flash Player Updater
     "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
     Adober Flashr Player Update Service 11.9 r900
     Adobe Systems Incorporated
     11.9.900.170
     c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
     12/1/2013 1:09 PM
   \CCleanerSkipUAC
     "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
     CCleaner
     Piriform Ltd
     4.9.0.4471
     c:\program files\ccleaner\ccleaner.exe
     12/13/2013 10:35 AM
   \RealDownloaderDownloaderScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003
     "C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe" /bgrecordaliveevent
     RealDownloader
     RealNetworks, Inc.
     1.3.3.66
     c:\program files (x86)\realnetworks\realdownloader\recordingmanager.exe
     8/14/2013 5:19 PM
   \RealDownloaderRealUpgradeLogonTaskS-1-5-21-1959217845-2470667070-2591337386-1003
     "C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe" /logoncheck
     RealUpgrade Launcher
     RealNetworks, Inc.
     1.3.3.66
     c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe
     8/14/2013 5:19 PM
   \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003
     "C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe" /scheduledcheck
     RealUpgrade Launcher
     RealNetworks, Inc.
     1.3.3.66
     c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe
     8/14/2013 5:19 PM
   \RealPlayerRealUpgradeLogonTaskS-1-5-21-1959217845-2470667070-2591337386-1003
     "C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe" /logoncheck
     RealUpgrade Launcher
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realupgrade\realupgrade.exe
     8/14/2013 7:13 PM
   \RealPlayerRealUpgradeScheduledTaskS-1-5-21-1959217845-2470667070-2591337386-1003
     "C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe" /scheduledcheck
     RealUpgrade Launcher
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realupgrade\realupgrade.exe
     8/14/2013 7:13 PM
   \{E3079A36-8C1B-4432-AF1C-015B97F4481A}
     "C:\Program Files (x86)\TuneUp Utilities 2007\Integrator.exe"
     TuneUp Utilities Start Center
     TuneUp Software GmbH
     6.0.2200.230
     c:\program files (x86)\tuneup utilities 2007\integrator.exe
     6/19/1992 5:22 PM
   \Microsoft\Windows\NetTrace\GatherNetworkInfo
     "%windir%\system32\gatherNetworkInfo.vbs"
     c:\windows\system32\gathernetworkinfo.vbs
     6/10/2009 3:36 PM

HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers
   DropboxExt
     HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext64.19.dll
     3/28/2013 2:43 PM

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgsea.dll
     10/7/2013 5:54 PM
   PhotoStreamsExt
     HKCR\CLSID\{89D984B3-813B-406A-8298-118AFA3A22AE}
     Apple Photostreams UI Shell Extension
     Apple Inc.
     7.12.44.1
     c:\program files\common files\apple\internet services\shellstreams64.dll
     9/15/2013 4:28 PM
   TuneUp Shredder Shell Extension
     HKCR\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
     TuneUp Shredder Shell Extension
     TuneUp Software GmbH
     2.0.0.4
     c:\program files (x86)\tuneup utilities 2007\sdshelex-x64.dll
     12/31/1969 7:00 PM

HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgse.dll
     10/7/2013 6:38 PM
   PhotoStreamsExt
     HKCR\CLSID\{89D984B3-813B-406A-8298-118AFA3A22AE}
     Apple Photostreams UI Shell Extension
     Apple Inc.
     7.12.44.1
     c:\program files (x86)\common files\apple\internet services\shellstreams.dll
     9/15/2013 4:30 PM
   TuneUp Shredder Shell Extension
     HKCR\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
     TuneUp Shredder Shell Extension
     TuneUp Software GmbH
     2.0.0.4
     c:\program files (x86)\tuneup utilities 2007\sdshelex-win32.dll
     12/31/1969 7:00 PM

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 3:39 PM

HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers
   DropboxExt
     HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext64.19.dll
     3/28/2013 2:43 PM

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
   TuneUp Shredder Shell Extension
     HKCR\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
     TuneUp Shredder Shell Extension
     TuneUp Software GmbH
     2.0.0.4
     c:\program files (x86)\tuneup utilities 2007\sdshelex-x64.dll
     12/31/1969 7:00 PM

HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers
   TuneUp Shredder Shell Extension
     HKCR\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
     TuneUp Shredder Shell Extension
     TuneUp Software GmbH
     2.0.0.4
     c:\program files (x86)\tuneup utilities 2007\sdshelex-win32.dll
     12/31/1969 7:00 PM

HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
   DropboxExt
     HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext64.19.dll
     3/28/2013 2:43 PM

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
   igfxcui
     HKCR\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
     igfxpph Module
     Intel Corporation
     8.15.10.2455
     c:\windows\system32\igfxpph.dll
     7/19/2011 4:11 PM
   NvCplDesktopContext
     HKCR\CLSID\{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}
     NVIDIA Corporation
     1.2.0.1
     c:\windows\system32\nvshext.dll
     10/2/2012 2:33 PM

HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers
   PDF Shell Extension
     HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
     PDF Shell Extension
     Adobe Systems, Inc.
     11.0.3.37
     c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll
     5/11/2013 4:34 AM

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgsea.dll
     10/7/2013 5:54 PM
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 3:39 PM

HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgse.dll
     10/7/2013 6:38 PM

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
   DropboxExt1
     HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext64.19.dll
     3/28/2013 2:43 PM
   DropboxExt2
     HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext64.19.dll
     3/28/2013 2:43 PM
   DropboxExt3
     HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext64.19.dll
     3/28/2013 2:43 PM
   DropboxExt4
     HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext64.19.dll
     3/28/2013 2:43 PM

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
   DropboxExt1
     HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext.19.dll
     3/28/2013 2:43 PM
   DropboxExt2
     HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext.19.dll
     3/28/2013 2:43 PM
   DropboxExt3
     HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext.19.dll
     3/28/2013 2:43 PM
   DropboxExt4
     HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
     Dropbox Shell Extension
     Dropbox, Inc.
     1.0.0.19
     c:\users\newlife\appdata\roaming\dropbox\bin\dropboxext.19.dll
     3/28/2013 2:43 PM

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\System32\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\system32\l3codeca.acm
     7/13/2009 8:28 PM
   vidc.tscc
     C:\Windows\SysWOW64\tsccvid64.dll
     TechSmith Screen Capture Codec
     TechSmith Corporation
     3.1.12331.1
     c:\windows\syswow64\tsccvid64.dll
     11/26/2012 11:57 PM
   vidc.tsc2
     C:\Windows\SysWOW64\tsc2_codec64.dll
     TechSmith Screen Codec 2
     TechSmith Corporation
     1.0.6.0
     c:\windows\syswow64\tsc2_codec64.dll
     11/26/2012 6:20 PM

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\syswow64\l3codeca.acm
     7/13/2009 8:06 PM
   vidc.cvid
     iccvid.dll
     Cinepakr Codec
     Radius Inc.
     1.10.0.13
     c:\windows\syswow64\iccvid.dll
     11/20/2010 6:59 AM
   msacm.pspgru
     pspgru.acm
     PSPGRU
     Philips Austria GmbH - Speech Processing
     14.0.230.20
     c:\windows\syswow64\pspgru.acm
     3/22/2010 4:31 AM
   vidc.tscc
     C:\Windows\SysWOW64\tsccvid.dll
     TechSmith Screen Capture Codec
     TechSmith Corporation
     3.1.12331.1
     c:\windows\syswow64\tsccvid.dll
     11/26/2012 11:57 PM
   vidc.tsc2
     C:\Windows\SysWOW64\tsc2_codec32.dll
     TechSmith Screen Codec 2
     TechSmith Corporation
     1.0.6.0
     c:\windows\syswow64\tsc2_codec32.dll
     11/26/2012 6:19 PM

HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance
   WD Secure Source Filter
     HKCR\CLSID\{017D800B-03E0-437C-8DBB-D323B7742201}
     Intelr WiDi Secure Video Source Filter.
     Intel Corporation
     3.5.34.0
     c:\program files\intel corporation\intel widi\wdsecuresourcefilter.dll
     8/9/2012 9:26 PM
   DS Video Buffer Filter
     HKCR\CLSID\{235AC8DB-C868-4DB4-ADF8-AF7DFA7A7917}
     WiDiAgent.dll COM object.
     Intel Corporation
     3.5.34.0
     c:\program files\intel corporation\intel widi\dsbuffer_video.ax
     8/9/2012 9:26 PM
   Intelr AAC encoder
     HKCR\CLSID\{7B6B74F8-7F23-4EFD-8E6B-3355047ECA6E}
     c:\program files\intel corporation\intel widi\intelaac.dll
     8/9/2012 9:25 PM
   Intelr Mux Renderer
     HKCR\CLSID\{90AFC55A-B693-4425-8B8E-758518C9922B}
     Intel® TS Mux / Network Renderer
     Intel Corporation
     3.5.34.0
     c:\program files\intel corporation\intel widi\intelmux.dll
     8/9/2012 9:26 PM
   WD Audio Filter
     HKCR\CLSID\{D1802B27-3F23-4E2E-8D82-D7B503D478F7}
     WiDi Audio Source Filter.
     Intel Corporation
     3.5.34.0
     c:\program files\intel corporation\intel widi\wdaudiofilter.dll
     8/9/2012 9:26 PM
   WDSource Filter
     HKCR\CLSID\{E61493B8-581A-4F7F-A8B2-8ECE783DE44B}
     WiDi Video Source Filter.
     Intel Corporation
     3.5.34.0
     c:\program files\intel corporation\intel widi\wdsourcefilter.dll
     8/9/2012 9:26 PM
   WD Silence Filter
     HKCR\CLSID\{EA44F73E-1D2F-42ED-BA88-D0F95078725E}
     c:\program files\intel corporation\intel widi\wdsilencefilter.dll
     8/9/2012 9:24 PM
   IntelrWiDi H264 encoder
     HKCR\CLSID\{FB852B8D-3BAC-4413-AE8B-E7FF8F3FCA41}
     c:\program files\intel corporation\intel widi\h264hwenc.dll
     8/9/2012 9:24 PM

HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance
   CyberLink AVCHD Navigator
     HKCR\CLSID\{0205D263-772D-4317-8FD8-B564D907E5F0}
     CLBDROMNav
     cyberlink
     2.0.0.3405
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\clavchdnav.ax
     10/5/2009 5:13 AM
   CyberLink Audio Effect (PDVD9)
     HKCR\CLSID\{040563EE-5702-4F21-BC8D-83FC75CD3EC1}
     CyberLink Audio Effect Filter
     CyberLink Corporation
     6.0.0.8417
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudfx.ax
     12/16/2010 10:27 PM
   Vorbis Decode Filter
     HKCR\CLSID\{05A1D945-A794-44EF-B41A-2F851A117155}
     ogg DShow filters
     0.80.15035.0
     c:\program files (x86)\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll
     7/21/2008 9:16 AM
   ROXIO VCFDvrSupport 3.0
     HKCR\CLSID\{067D5BA6-D520-4F27-8EF7-A05F626C2402}
     DVR support filter
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\dvrsupportfilt.ax
     11/25/2010 10:14 AM
   ROXIO Image/Colour Source 3.0
     HKCR\CLSID\{0771AAF1-195E-4504-9BD2-1488C367EC24}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio MPEG2 Encoder
     HKCR\CLSID\{0855712D-0853-4185-B1E1-6233B8BDB3BB}
     ROXIO MPEG2 Codec
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll
     11/24/2010 5:40 PM
   VCG Null Renderer 3.0
     HKCR\CLSID\{086C10CB-8FF9-4172-89D0-2DFDADFDB2BF}
     VideoCompositing Module
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax
     11/25/2010 10:39 AM
   ROXIO WAV Dest 3.0
     HKCR\CLSID\{09D3CC61-28F6-4ef6-A1E2-8577301E4DCC}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   ROXIO Raw Writer
     HKCR\CLSID\{0A1850C4-A6D2-47B6-8CEF-44EB63CB3498}
     ROXIO Raw Writer
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll
     11/24/2010 5:34 PM
   ROXIO Scene Detector 3.0
     HKCR\CLSID\{0B768EF8-131B-4DA5-9F5C-79B73AA5670E}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio Plasma CrossGraph Renderer
     HKCR\CLSID\{0BB43C33-1278-408A-8B4F-2831CFEADA6F}
     MGICGFilter.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax
     11/25/2010 10:35 AM
   RealPlayer Video Filter
     HKCR\CLSID\{0C392235-EB18-41CC-8EAD-59B9A6D58DBF}
     Audio Filter Plugin
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realplayer\rdsf3260.dll
     8/14/2013 7:14 PM
   ROXIO Video Resampler 3.0
     HKCR\CLSID\{0EED5CCF-7A6F-4BC2-8B6A-19BB731D2F6D}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   CyberLink Digest Filter (PDVD9)
     HKCR\CLSID\{16548718-84CB-41FE-9B5E-B793BBF8E6E5}
     DigestFilter Dynamic Link Library
     1.0.0.3314
     c:\program files (x86)\cyberlink\powerdvd9\digestfilter.dll
     9/13/2009 9:21 PM
   CyberLink TimeStretch Filter (PDVD9)
     HKCR\CLSID\{1720988D-B66C-4A94-9E63-7A377E44F7C9}
     CLAuTS.ax
     CyberLink Corp.
     2.0.0.3404
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clauts.ax
     10/3/2010 10:39 PM
   ROXIO Audio Source 3.0
     HKCR\CLSID\{1B519CC3-CD9E-437F-A4C2-889DC8D3185F}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   roxio DCFilters Subpicture Mixer 10
     HKCR\CLSID\{22C77326-56D9-4208-ACEF-E231B7A5006B}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   VCGImageSource
     HKCR\CLSID\{29CFC97E-8AB4-499A-9619-5A043DFF90C5}
     VideoCompositing Module
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax
     11/25/2010 10:39 AM
   Roxio MPEG1 Audio Encoder
     HKCR\CLSID\{2A651B91-A75A-416E-A4A5-6FAD7A4A2E11}
     ROXIO MPEG Audio Encoder
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll
     11/24/2010 5:38 PM
   CyberLink Tzan Filter (PDVD9)
     HKCR\CLSID\{2ADA6289-B516-410D-A748-A498B850C5BA}
     Cyberlink Tzan Filter
     CyberLink Corp.
     3.5.0.3606
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\cltzan.ax
     12/5/2010 9:54 PM
   ROXIO VideoCombine 3.0
     HKCR\CLSID\{31647051-52A5-4660-9332-B364EB40B149}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   RealPlayer MPEG4 Transform Filter
     HKCR\CLSID\{31DB6C4C-B5BF-41BB-B06F-BC4D47C6B5E5}
     Audio Filter Plugin
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realplayer\rdsf3260.dll
     8/14/2013 7:14 PM
   ROXIO DVDCrossGraphEx Source 3.0
     HKCR\CLSID\{334B8CE6-30F6-4DC5-94EC-13631F7907B9}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio RealD to Stereo
     HKCR\CLSID\{34CF3F18-804C-437B-AE41-4FE55339264A}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   VW Video Transition
     HKCR\CLSID\{35417FA6-CB8D-42AA-ABFA-30F73B5015CA}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   CyberLink HD/BD Mixer (PDVD9)
     HKCR\CLSID\{35498F93-35E7-4B8D-AEB0-548CDC2E43EF}
     CLHBMixer
      
     2.0.0.2422
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clhbmixer.ax
     12/22/2009 1:51 AM
   ATI MPEG File Writer
     HKCR\CLSID\{37A4D802-E76C-11D2-935C-00A024E52661}
     ATI MPEG Encoder
     Advanced Micro Devices Inc.
     11.6.0.50527
     c:\program files (x86)\common files\atimpenc.dll
     5/27/2010 11:54 AM
   ATI MPEG Video Decoder
     HKCR\CLSID\{37A4D808-E76C-11D2-935C-00A024E52661}
     ATI MPEG Encoder
     Advanced Micro Devices Inc.
     11.6.0.50527
     c:\program files (x86)\common files\atimpenc.dll
     5/27/2010 11:54 AM
   roxio DCFilters Audio Sync Filter 2 10
     HKCR\CLSID\{37F97061-8C23-4D44-9182-09BB5ADF329D}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   CyberLink Video/SP Decoder (PDVD9)
     HKCR\CLSID\{3AC8EA8C-990A-424A-BD7B-D5B57A9DEB83}
     CyberLink Video/SP Filter
     CyberLink Corp.
     8.4.0.2308
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\clvsd.ax
     11/8/2010 7:55 AM
   ROXIO CPU Regulator
     HKCR\CLSID\{3C692283-D5B6-4A3A-BAEA-8895F28A37DB}
     CPURegulator.ax
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\cpuregulator.ax
     11/25/2010 10:16 AM
   CyberLink AudioCD Filter (PDVD9)
     HKCR\CLSID\{3D017FE4-12E1-4CFE-8E68-AF90B70E9ED0}
     CyberLink AudioCD Filter
     CyberLink Corp.
     5.0.0.7823
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudiocd.ax
     6/23/2009 9:00 AM
   Roxio Vob Loader
     HKCR\CLSID\{3D247C6F-E07E-4082-8C21-090D48D96C44}
     VOBLoader
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\vobloader.ax
     11/25/2010 10:19 AM
   ROXIO LPCMSyncFilter
     HKCR\CLSID\{3E88CAC8-C8BC-4C87-BDA3-660A860F2A45}
     LPCMSync Filter
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll
     11/24/2010 5:34 PM
   ROXIO VCFStationLogo 1.0
     HKCR\CLSID\{4321D008-FCC3-4204-9447-2FA7A31F72AC}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   VW Video Transition
     HKCR\CLSID\{43E1C9D0-52D9-4784-87B0-63340702F0B6}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Cyberlink Demuxer 2.0
     HKCR\CLSID\{45DB68D9-EFA8-45E3-BAC2-83133741933B}
     CLDemuxer2
     Cyberlink
     2.0.6.2317
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\cldemuxer2.ax
     11/16/2010 11:19 PM
   roxio DCFilters MPEG Transcoder
     HKCR\CLSID\{4691C4D6-8FFF-45A2-970E-C152E3D9871C}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   ROXIO DV Scene Detector Tee 3.0
     HKCR\CLSID\{4730A2D3-0A8E-4D62-87ED-46608872E276}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   CyberLink Audio Decoder (PDVD9)
     HKCR\CLSID\{475005D6-C8DB-43A8-83B7-8F2F2CFF1192}
     CyberLink Audio Decoder Filter
     CyberLink Corp.
     8.4.0.3630
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claud.ax
     12/30/2010 4:32 AM
   Cyberlink SubTitle Importor (PDVD9)
     HKCR\CLSID\{48669B4F-B6AA-449F-B253-BF17103453DB}
     CLSubTitle.ax
     CyberLink Corp.
     2.0.0.416
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax
     4/16/2010 4:23 AM
   ROXIO Field Splitter 3.0
     HKCR\CLSID\{4A9EDC2D-65F9-426F-8371-D36A14B36D3D}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO ThumbnailGrabber 3.0
     HKCR\CLSID\{4BE89269-F64C-45ED-948C-35D5BD93F20A}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   roxio DCFilters DVDStream Reader 10
     HKCR\CLSID\{5022CBF6-160E-44C0-8E04-2CB9461C78DF}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   Roxio Audio Stream Writer Filter
     HKCR\CLSID\{526F8A59-6910-4774-AA26-73BD6EA3914E}
     Roxio Audio Stream Writer Filter
     Sonic Solutions
     12.2.0.54
     c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax
     11/25/2010 6:20 AM
   CyberLink Line21 Decoder (PDVD9)
     HKCR\CLSID\{53720BB2-623D-457B-81EC-29F211DF30CA}
     CyberLink Line21 Decoder Filter
     CyberLink Corp.
     4.0.0.10324
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\clline21.ax
     7/23/2009 9:21 PM
   Roxio Repack Filter
     HKCR\CLSID\{546EB2A9-B400-4B71-A960-D60151C72902}
     Repack Filter
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll
     11/24/2010 5:35 PM
   PSI Parser
     HKCR\CLSID\{5576FFE1-BA58-46F9-9C1C-1D2CF8AB12AB}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio Audio Stream Reader Filter
     HKCR\CLSID\{568327E3-CD98-489F-9296-8C7831D55204}
     Roxio Audio Stream Reader Filter
     Sonic Solutions
     12.2.0.54
     c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamreader.ax
     11/25/2010 6:19 AM
   ROXIO Field Combiner 3.0
     HKCR\CLSID\{5B1BEE28-0A6F-4822-B39F-0FEB64C3F7CD}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO QuickGrabber 3.0
     HKCR\CLSID\{5B3522A3-5646-42D9-ABF2-50F5D24B5FF8}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO Video Effect 3.0
     HKCR\CLSID\{5D0E2C42-C4CC-4C10-B0FB-119FB9D256E4}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio Anaglyph to Stereo
     HKCR\CLSID\{5E46AA55-1890-47AB-8462-2C9FDEB32F18}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO VCFLatency 3.0
     HKCR\CLSID\{5E6BB69A-74D7-44BE-B9FA-F4F0F6DAA81F}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   Roxio Video Rotater,
     HKCR\CLSID\{62204F7D-EFE7-423C-972A-01265FA7D3B5}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   CyberLink MPEG Splitter
     HKCR\CLSID\{62BB13AE-94FA-4835-A233-2EA53F37AA49}
     CyberLink MPEG Splitter
     CyberLink Corp.
     3.4.0.4013
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\clsplter.ax
     4/12/2011 10:52 PM
   ATI MPEG Audio Encoder
     HKCR\CLSID\{6467DD70-FBD5-11D2-B5B6-444553540000}
     ATI MPEG Encoder
     Advanced Micro Devices Inc.
     11.6.0.50527
     c:\program files (x86)\common files\atimpenc.dll
     5/27/2010 11:54 AM
   roxio DCFilters Mpeg I/II Decoder 10
     HKCR\CLSID\{6C2FF90F-6CE8-4A8A-893F-A85CBC3856A4}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   Roxio Mp3 Encoder (SC)
     HKCR\CLSID\{6E4CE636-3B76-4331-A969-C52112A02850}
     Roxio Audio Codec DLL
     Sonic Solutions
     12.2.0.54
     c:\program files (x86)\roxio\oem\audiocodec\rxdsmp3encoder.ax
     11/25/2010 6:23 AM
   ROXIO CrossGraphEx Renderer 3.0
     HKCR\CLSID\{6E91309B-10D8-45E2-A32E-69EC191D8837}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   VCG Video Mixer 3.0
     HKCR\CLSID\{6EF92A57-5986-460D-AC08-8CF8B7A1141F}
     VideoCompositing Module
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax
     11/25/2010 10:39 AM
   Cyberlink SubTitle Importor 2.0 (PDVD9)
     HKCR\CLSID\{72D4D567-D73E-4851-87A2-5D89EF007CB9}
     CLSubTitle.ax
     CyberLink Corp.
     2.0.0.416
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax
     4/16/2010 4:23 AM
   CyberLink FLV Splitter (PDVD9)
     HKCR\CLSID\{72DA66EA-B351-4909-B608-1B2348677F84}
     CyberLink FLV Splitter
     CyberLink Corp.
     1.0.0.1030
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\clflvsplitter.ax
     10/30/2009 3:20 AM
   ROXIO AudioConvert 3.0
     HKCR\CLSID\{730F06E3-2D17-4065-AE34-E34C37B8A1AB}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   Roxio Plasma CrossGraph Source
     HKCR\CLSID\{74BB6F59-DA30-493C-9FF9-B869D97E9AA9}
     MGICGFilter.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax
     11/25/2010 10:35 AM
   ATI MPEG Video Encoder
     HKCR\CLSID\{758C0F02-DF95-11D2-8E75-00104B93CF06}
     ATI MPEG Encoder
     Advanced Micro Devices Inc.
     11.6.0.50527
     c:\program files (x86)\common files\atimpenc.dll
     5/27/2010 11:54 AM
   VW Input Selector
     HKCR\CLSID\{75EF27FA-303F-435D-BCD1-79916CAF9FBE}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio LVM File Source (Async.)
     HKCR\CLSID\{76D24377-7A07-4C56-A5B9-7E71D885346F}
     LVMAsync
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\lvmasync.ax
     11/25/2010 10:31 AM
   ATI MPEG Multiplexer
     HKCR\CLSID\{7A10E1E1-F430-11D2-8E75-00104B93CF06}
     ATI MPEG Encoder
     Advanced Micro Devices Inc.
     11.6.0.50527
     c:\program files (x86)\common files\atimpenc.dll
     5/27/2010 11:54 AM
   ROXIO Audio VCFLooper 3.0
     HKCR\CLSID\{7D325DB5-ACCA-4E59-869D-07B0A6E51AE6}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   CyberLink Audio Wizard
     HKCR\CLSID\{839C9033-5C49-47C2-B3A5-17913AEB1DB6}
     CyberLink Audio Wizard Filter
     CyberLink Corp.
     1.0.0.4414
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudwizard.ax
     8/14/2009 8:26 AM
   CyberLink Audio Spectrum Analyzer (PDVD9)
     HKCR\CLSID\{8A025928-7AFB-4BD8-9279-0764607D18F1}
     CLAudSpa.ax
     CyberLink Corp.
     1.0.0.7113
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudspa.ax
     11/9/2009 5:02 AM
   Roxio Audio Source Filter
     HKCR\CLSID\{8A5E8F92-5239-49BF-8E0D-3494F9B34238}
     Roxio Audio Source Filter
     Sonic Solutions
     12.2.0.54
     c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiosource.ax
     11/25/2010 6:20 AM
   Sonic MPEG-2 Video Decoder
     HKCR\CLSID\{8AA4392B-C36F-4931-8EF7-C9391CA404D2}
     MPEG-2 Video Decoder
     Sonic Solutions Inc.
     8.5.0.19970
     c:\program files (x86)\common files\sonic shared\sonicmc02\c12oem_dec_mp2v_ds.ax
     5/10/2010 7:38 AM
   Roxio MPEG1 Encoder
     HKCR\CLSID\{8C77B2D3-B706-4FA3-ABCE-8039EB0D2904}
     ROXIO MPEG1 Codec
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll
     11/24/2010 5:33 PM
   ATI Video Scaler Filter
     HKCR\CLSID\{8DA0A2A8-30CB-46F4-A28E-13B6B5AB926C}
     ATI MPEG Encoder
     Advanced Micro Devices Inc.
     11.6.0.50527
     c:\program files (x86)\common files\atimpenc.dll
     5/27/2010 11:54 AM
   ROXIO Pan Zoom 3.0
     HKCR\CLSID\{8E3D55AB-8421-4978-9FAD-9F9CFB9AECF0}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio Anaglyph to Stereo
     HKCR\CLSID\{8E53AB60-4403-46E9-A155-3ADD1A3F49EB}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO Pin Tee
     HKCR\CLSID\{8E5933F1-764B-46E2-878A-D975C4C59628}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   RealPlayer Mp3 Transform Filter
     HKCR\CLSID\{8F3C60A5-6459-4935-84BD-BAE0E962AAA9}
     Audio Filter Plugin
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realplayer\rdsf3260.dll
     8/14/2013 7:14 PM
   ROXIO Audio VCFChunker 3.0
     HKCR\CLSID\{91606AA2-A689-4A8C-BC2F-F8AF2C9773AE}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   Roxio MPEG2 Video Decoder
     HKCR\CLSID\{931B93E2-1A03-4DB2-875E-A7763A3E73B9}
     ROXIO MPEG2 Codec
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll
     11/24/2010 5:40 PM
   CyberLink DVD Navigator (PDVD9)
     HKCR\CLSID\{94311571-1915-4DFA-AC78-9BC40B5F061F}
     CyberLink DVD Navigation Filter
     CyberLink Corp.
     8.1.0.2931
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\clnavx.ax
     5/31/2011 5:01 AM
   ROXIO Video VCFLooper 3.0
     HKCR\CLSID\{96972A36-0AC9-49AA-841C-49BFC69C6248}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   CyberLink MPEG-4 Splitter (PDVD9)
     HKCR\CLSID\{97D48B32-AFD8-4923-BA97-F4F3B99BF293}
     CyberLink MPEG-4 Splitter
     CyberLink Corp.
     1.1.0.2906
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\clm4splt.ax
     5/6/2010 5:39 AM
   CyberLink RealMedia Splitter (PDVD9)
     HKCR\CLSID\{987D25F8-2B82-4BC3-873F-CB330FAF07C4}
     CyberLink RealMedia Splitter
     CyberLink Corp.
     1.0.0.1103
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\clrmsplitter.ax
     11/3/2009 2:24 AM
   Sewer
     HKCR\CLSID\{9FB6A1F5-70C7-42C5-8481-0C293119196B}
     MVWcDSutil
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\mvwcdsutil.dll
     11/25/2010 10:01 AM
   ROXIO Video Integrate
     HKCR\CLSID\{A0EDA755-EFF5-4211-AEAC-D961B0468083}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio Smart Decoder
     HKCR\CLSID\{A43D1D7D-BACF-42FB-AADD-191E2E2A2522}
     ROXIO MPEG2 Codec
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll
     11/24/2010 5:40 PM
   Media Analyser
     HKCR\CLSID\{A482CEA1-C264-4DC9-B4E5-1ED1F6F6B7D4}
     analyse Filter (Sample)
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\mediaanalyser.ax
     11/25/2010 10:04 AM
   ROXIO VCFAudioMixer 3.0
     HKCR\CLSID\{A4DF9E53-5258-4F6A-861B-A2720E46CF99}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   Roxio Smart Encoder
     HKCR\CLSID\{A73D0C5E-BB32-4E54-9AA4-3C7462A550BC}
     ROXIO MPEG2 Codec
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll
     11/24/2010 5:40 PM
   Sonic Cinemasterr Audio Decoder 4.3 (No Dolby)
     HKCR\CLSID\{A81BEB35-39D0-42d5-91EC-A0475B036D38}
     SonicHDAudio
     Sonic Solutions
     4.3.0.240
     c:\program files (x86)\roxio\oem\common\cinemasteraudiond.dll
     7/22/2010 3:21 AM
   CyberLink HAM Decoder
     HKCR\CLSID\{A93F76CF-4B73-4B67-89ED-7E0AF90BBFED}
     CyberLink 264 Decoder Filter
     CyberLink Corp.
     1.0.7190.3125
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\clcvd.ax
     7/25/2011 12:12 AM
   ROXIO CrossGraphEx Source 3.0
     HKCR\CLSID\{AAFC0E44-AEEF-4B90-9230-F9A4436E818A}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO ListImage Source 3.0
     HKCR\CLSID\{AD1F9326-F2FC-44BB-8A2F-A720B67E9302}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO SceneRecorder 1.0
     HKCR\CLSID\{AD2ED55A-CB22-4D4A-BEC0-7370F725765A}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO VCFWaveform 1.0
     HKCR\CLSID\{AE0BEE33-DAB4-404A-854E-19C115C8184E}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   LVMWriter
     HKCR\CLSID\{AE1DBF9A-2D08-4747-9015-CB639BB7F8C6}
     LVMWriter
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\lvmwriter.ax
     11/25/2010 10:28 AM
   Roxio MPEG Analyzer Filter
     HKCR\CLSID\{AF4990D7-5740-406F-A05E-6185B0F7BD7D}
     MPEG File Analyzer Dynamic Link Library
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll
     11/24/2010 5:29 PM
   CyberLink RealAudio Decoder (PDVD9)
     HKCR\CLSID\{B03FBCEC-6E47-45B8-BA2D-9AA24F2E42AD}
     CyberLink RealMedia Audio Decoder
     CyberLink Corp.
     1.0.0.1225
     c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clrmaud.ax
     12/24/2009 10:44 PM
   ROXIO ColorSpace Converter 3.0
     HKCR\CLSID\{B215EBE4-7BFF-43EE-A9E8-E1F280619D91}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   RealPlayer Transcode Filter
     HKCR\CLSID\{B3457AC0-D40C-4370-9276-231ADB1E6192}
     Audio Filter Plugin
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realplayer\rdsf3260.dll
     8/14/2013 7:14 PM
   Roxio File Writer Wrapper
     HKCR\CLSID\{B6C69F8E-7109-4E1B-BDC7-095E38507138}
     Roxio File Writer Wrapper
     Sonic
     1.0.0.1
     c:\program files (x86)\roxio\oem\videocore 12\roxfilewriterwrapper.ax
     11/25/2010 10:16 AM
   ROXIO VCFAlphaSplitter 3.0
     HKCR\CLSID\{B9581811-B40E-4DE9-A12D-E0E1E6E83141}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   roxio DCFilters Smart Resizer 10
     HKCR\CLSID\{BA709E2E-AE2E-4E04-8195-65498B03AD60}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   ROXIO AudioGrabber 3.0
     HKCR\CLSID\{BDE905C0-395E-4403-B541-7F2D5B37CFF3}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   CyberLink Video Decoder (PDVD9)
     HKCR\CLSID\{BEF49ADB-9EC1-4AF2-8E50-90F226CC4843}
     CyberLink 264 Decoder Filter
     CyberLink Corp.
     1.0.7190.3125
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\clcvd.ax
     7/25/2011 12:12 AM
   VMR9 Wrapper 3.0
     HKCR\CLSID\{BF844A20-6CF6-4538-8C35-D5480DB6179F}
     VideoCompositing Module
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax
     11/25/2010 10:39 AM
   Sonic Audio Resampler
     HKCR\CLSID\{C0801259-9861-43A7-B912-05C09E72A1B7}
     Audio Resampler Direct Show Filter
     Sonic Solutions Inc.
     8.5.0.19970
     c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax
     5/10/2010 7:53 AM
   ROXIO BDAV Smart Render 1.0
     HKCR\CLSID\{C08E4CA2-4838-4A12-85AF-1C4206440ACD}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio StereoSource Cropper
     HKCR\CLSID\{C11A8742-7362-4FCD-93B1-2CE7A9B3A976}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Half Size to Stereo
     HKCR\CLSID\{C47C01D1-3893-4EB3-8FCA-03253A145EC0}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   roxio DCFilters DVDStream Splitter 10
     HKCR\CLSID\{C8B4B3B3-B35B-4DDD-989E-EF2BF3A0E299}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   ROXIO DVDCrossGraphEx Renderer 3.0
     HKCR\CLSID\{CA85F9D5-4FE2-4ACF-8F76-8D30F2EFD983}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Sonic Cinemasterr VideoDecoder 4.3 (EMC12)
     HKCR\CLSID\{CBD94404-CA7C-4656-B9D8-47D9CB9958B3}
     CinemasterVideo
     Sonic Solutions
     4.3.1.279
     c:\program files (x86)\roxio\oem\common\cinemastervideo.dll
     7/22/2010 3:33 AM
   roxio DCFilters DVD Muxer 10
     HKCR\CLSID\{CD06C783-9CCA-4EA8-B34B-2A36844075AB}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   CyberLink RealVideo Decoder (PDVD9)
     HKCR\CLSID\{CD2D4F73-EF66-412F-B876-B3B1F012A857}
     CyberLink RealMedia Video Decoder
     CyberLink Corp.
     1.0.0.1225
     c:\program files (x86)\cyberlink\powerdvd9\videofilter\clrmvd.ax
     12/24/2009 10:42 PM
   RealPlayer Audio Filter
     HKCR\CLSID\{CEF4D40F-ACA5-40BA-8F3B-161A594A1A39}
     Audio Filter Plugin
     RealNetworks, Inc.
     16.0.3.51
     c:\program files (x86)\real\realplayer\rdsf3260.dll
     8/14/2013 7:14 PM
   Sonic HD Demuxer
     HKCR\CLSID\{CF81352B-5553-4b8e-A169-FA91BCA64601}
     Sonic HD Demuxer
     4.3.0.134
     c:\program files (x86)\roxio\oem\common\sonichddemuxer.dll
     7/22/2010 4:01 AM
   ROXIO SpyPos 3.0
     HKCR\CLSID\{D1B308CD-B150-4832-8CA4-76CFCFFC5B52}
     Null-In-Place (Sample)
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\mginullip.ax
     11/25/2010 10:14 AM
   VW Input Selector 2
     HKCR\CLSID\{D44518AE-3C07-46FD-89FD-8A5839781755}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   roxio DCFilters Dragons Lair 10
     HKCR\CLSID\{D4D98B9C-AF62-469B-B0CE-E0752D382EA1}
     roxio DiscCopier DirectShow Filter Collection
     Sonic Solutions
     12.2.0.59
     c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll
     11/25/2010 9:51 AM
   Sonic MPEG Multiplexer
     HKCR\CLSID\{D7C720CB-BCBD-4648-96F0-50FE38056F8D}
     MPEG Multiplexer-Plus DS Filter
     Sonic Solutions Inc.
     8.5.0.19970
     c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_mux_mp2_ds.ax
     5/10/2010 7:40 AM
   ROXIO VCFVideoCutList 3.0
     HKCR\CLSID\{DBC82B74-9362-466D-81CC-985135851505}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ATI Video Rotation Filter
     HKCR\CLSID\{DF90FA9A-83F4-477D-861A-B7A1285ACEEE}
     ATI MPEG Encoder
     Advanced Micro Devices Inc.
     11.6.0.50527
     c:\program files (x86)\common files\atimpenc.dll
     5/27/2010 11:54 AM
   SubPicture Encoder
     HKCR\CLSID\{DFCBC8FC-CD64-4D04-85FF-4F7C2E8EDD84}
     ROXIO SubPicture Encoder
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll
     11/24/2010 5:34 PM
   Roxio MPEG2 Muxer
     HKCR\CLSID\{E0117E25-66A5-4E65-AFEB-EC23899E38A3}
     ROXIO MPEG MUXER
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2muxer.dll
     11/24/2010 5:32 PM
   ROXIO Deinterlace 3.0
     HKCR\CLSID\{E0969DCE-D52D-492C-B901-25A71146C8A4}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio MPEG Stream Analyzer
     HKCR\CLSID\{E155B161-FE08-470E-8330-965E4A1251B7}
     Roxio MPEG Stream Splitter
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll
     11/24/2010 5:37 PM
   Roxio Transport Stream Source
     HKCR\CLSID\{E18F8E3B-DEAF-4325-9D5C-802B85E0A6F4}
     ListFrameSource
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll
     11/24/2010 5:35 PM
   ROXIO VCFpeakmeter 3.0
     HKCR\CLSID\{E3B36759-AAD1-480C-9D6D-2DCE7FA644E0}
     Roxio Audio Filters
     Sonic Solutions
     10.0.0.0
     c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax
     11/25/2010 10:03 AM
   Roxio MPEG1 Muxer
     HKCR\CLSID\{E3D8C849-41A0-4BE4-ADE6-40A2440D0C77}
     ROXIO MPEG MUXER
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll
     11/24/2010 5:32 PM
   Roxio VOB Formatter
     HKCR\CLSID\{E750BAA3-8AD8-4FF6-8C35-48514CD87552}
     VOBFormatter
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\vobformatter.ax
     11/25/2010 10:18 AM
   ROXIO VCFHDVSceneDetect 1.0
     HKCR\CLSID\{ECF91CAE-E9D5-49F8-9FA3-8F0B7A49FB0F}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   Roxio MPEG2 Demuxer
     HKCR\CLSID\{F52ED7AF-AE4B-4794-9E49-F92C886DCBC4}
     ROXIO MPEG Demuxer
     Sonic Solutions
     12.2.0.28
     c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll
     11/24/2010 5:36 PM
   ROXIO QT Source
     HKCR\CLSID\{F81AA0E2-BCE4-4AE4-9927-0FEDDDBB6F13}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   ROXIO VCFDVSceneDetect 1.0
     HKCR\CLSID\{FA1951B7-E6DC-4105-A0AF-63A6E7A5C417}
     CrossGraphEx.ax
     Sonic Solutions
     12.2.1.71
     c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax
     11/25/2010 10:13 AM
   CyberLink Matroska Splitter (PDVD9)
     HKCR\CLSID\{FBD3694F-4F7A-4707-8CA4-2C9F7D6CFAE6}
     CyberLink Matroska Splitter
     CyberLink Corp.
     1.0.0.2811
     c:\program files (x86)\cyberlink\powerdvd9\navfilter\clmkvsplter.ax
     4/11/2011 4:49 AM

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\newlife\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\newlife\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\newlife\AppData\Local\Mozilla\Firefox\Profiles\uzjkrskb.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\newlife\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\newlife\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Tue 12/24/2013 at  7:14:45.97 ======================
 

Link to post
Share on other sites

-Still have boot problem when new external hard drive plugged on; replaced again so now it is a third new one tried!

-Still have error message when trying to manually archive Outlook.

-Outlook still slow though somewhat better.

-Browsers still slow, though somewhat better.

-Microsoft Media Player now not working correctly since we started this process. Slow, breaks video down, then stops after a while.

-Boot still slow though somewhat better.

-We left almost everything in startup and services and it definitely is affecting system speed. I removed obvious culprits such as Skype, but do not know what rest are and which to remove.

-Everything, (programs and such), you said to put in system is still in system, (I assume no longer needed and now taking up space and resources).

-Overall system not as well as before malware/virus hit.

Link to post
Share on other sites

Thanks for the update. The recent logs we see would indicate all malware is gone; your system is clean. The issues that remain with Outlook and the boot problem when the external HD is connected do not seem to be related to any infection...

Make sure to leave the external device with HDs unplugged for now.....

Let's clean up and see how the system responds....

 

Remove Combofix:


Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
Now type in Combofix /Uninstall in the Run box and click OK. (Notice the space between the "x" and "/")
Please follow the prompts to uninstall Combofix.
You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

 

Next,

 

Download "Delfix by Xplode" and save it to your desktop.

 

Double-click to start the program. If you are using Vista or higher, please right-click and choose Run as administrator.

Make sure the following items are checked:

  • Activate UAC
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Part of the routine will be to create a registry backup with ERUNT; the backup will be created here:

 

C:\Windows\ERUNT

 

Next,

 

Have a look at reply #54, run CCleaner and post the "Start up" list again...

Link to post
Share on other sites
