Jump to content

Build Theme!
  •  
  • Infected?

big grin WE'RE SURE THAT YOU'LL LOVE US!

We invite you to ask questions, share experiences, and learn. It's 100% free. Did we mention that it's free. It is. It's free. Join 91603 other members! Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Many problems, caused potentially by a virus/malware? [Solved]


  • This topic is locked This topic is locked
10 replies to this topic

#1 ClementZ

ClementZ

    Authentic Member

  • Authentic Member
  • PipPip
  • 98 posts

Posted 29 March 2014 - 03:42 PM

My laptop, an Asus G750J purchased during the last week of August 2013, has been experiencing a few problems lately.

1. My anti-virus scanner (Total Defense Security Center) isn't scanning. Whenever I try to perform a scan, I get an error, and the scan stops. I've run Malwarebytes to see if it would help, and it didn't.

 

2. Several programs are not updating properly; NVidia Experience (not even sure I need this), and the "Critical Asus Updater." Both updaters, when run, download the update, and then close without installing.

 

3. The laptop is markedly slower to start-up on battery power alone than when it is plugged in, even when the "high performance" power setting is selected. On batter power alone, a restart, or two is often necessary to use the laptop without annoying lag and unresponsiveness on the taskbar or start menu.

OTL.txt:
OTL logfile created on: 18/03/14 01:00:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Shanne\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yy
 
11.92 Gb Total Physical Memory | 9.70 Gb Available Physical Memory | 81.37% Memory free
23.92 Gb Paging File | 21.36 Gb Available in Paging File | 89.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.11 Gb Total Space | 181.57 Gb Free Space | 65.05% Space Free | Partition Type: NTFS
Drive D: | 349.32 Gb Total Space | 346.39 Gb Free Space | 99.16% Space Free | Partition Type: NTFS
Drive E: | 349.32 Gb Total Space | 349.18 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
Drive F: | 397.87 Gb Total Space | 397.73 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
 
Computer Name: ARCHITECTURE | User Name: Shanne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Shanne\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe (Robert McNeel & Associates)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Users\Shanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Windows\SysWOW64\cfgmig32.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\UMonit64.exe ()
PRC - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe ()
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Nuance Communications, Inc.)
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - c:\users\shanne\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpumy4hg.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Shanne\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Users\Shanne\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Windows\SysWOW64\UMonit64.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (CAAMSvc) -- C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe (Total Defense, Inc.)
SRV:64bit: - (CaCCProvSP) -- C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe (Total Defense, Inc.)
SRV:64bit: - (ccSchedulerSVC) -- C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe (Total Defense, Inc.)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (FlexNet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software LLC)
SRV:64bit: - (BcmBtRSupport) -- C:\Windows\SysNative\BtwRSupportService.exe (Broadcom Corporation.)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (CAISafe) -- C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe (Computer Associates International, Inc.)
SRV:64bit: - (UmxEngine) -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe (CA)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (McNeelUpdate) -- C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe (Robert McNeel & Associates)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WinSvchostManagerSrv) -- C:\Windows\SysWOW64\cfgmig32.exe ()
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (UnsignedThemes) -- C:\Windows\unsignedthemes.exe (The Within Network, LLC)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (VRLService) -- C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe ()
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (PDFProFiltSrvPP) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Nuance Communications, Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (uxstyle) -- C:\Windows\SysNative\drivers\uxstyle.sys (The Within Network, LLC)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL63a.SYS (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwpanfl) -- C:\Windows\SysNative\drivers\btwpanfl.sys (Broadcom Corporation.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys (ASUS)
DRV:64bit: - (KmxAMRT) -- C:\Windows\SysNative\drivers\KmxAMRT.sys (Total Defense)
DRV:64bit: - (KmxAgent) -- C:\Windows\SysNative\drivers\KmxAgent.sys (CA)
DRV:64bit: - (WIBUKEY) -- C:\Windows\SysNative\drivers\WibuKey64.sys (WIBU-SYSTEMS AG)
DRV:64bit: - (KmxCF) -- C:\Windows\SysNative\drivers\KmxCF.sys (CA)
DRV:64bit: - (KmxFw) -- C:\Windows\SysNative\drivers\KmxFw.sys (CA)
DRV:64bit: - (KmxFilter) -- C:\Windows\SysNative\drivers\KmxFilter.sys (CA)
DRV:64bit: - (KmxCfg) -- C:\Windows\SysNative\drivers\KmxCfg.sys (CA)
DRV:64bit: - (KmxFile) -- C:\Windows\SysNative\drivers\KmxFile.sys (CA)
DRV:64bit: - (KmxSbx) -- C:\Windows\SysNative\drivers\KmxSbx.sys (CA)
DRV:64bit: - (Wibukey2_64) -- C:\Windows\SysNative\drivers\wibukey2_64.sys (WIBU-SYSTEMS AG)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: web2pdfextension%40web2pdf.adobedotcom:1.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\Firefox [2013/10/12 11:02:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/01/16 21:42:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/08/19 20:12:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shanne\AppData\Roaming\mozilla\Extensions
[2014/02/25 21:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shanne\AppData\Roaming\mozilla\Firefox\Profiles\udgv82ly.default-1378347462758\extensions
[2013/11/27 11:34:51 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Shanne\AppData\Roaming\mozilla\Firefox\Profiles\udgv82ly.default-1378347462758\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014/02/25 21:26:16 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Shanne\AppData\Roaming\mozilla\firefox\profiles\udgv82ly.default-1378347462758\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/21 01:59:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/21 01:59:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/16 21:42:30 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin:  (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin:  (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Total Defense Anti-Phishing Toolbar = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdpkkpdlooddakbebmkeeegehfjdnih\2.2.0.33_0\
CHR - Extension: Google Wallet = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Total Defense Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Total Defense Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [cctray] C:\Program Files\Total Defense\Internet Security Suite\casc.exe (Total Defense, Inc.)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [UMonit64] C:\Windows\SysWOW64\UMonit64.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROGNB] C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Shanne\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [Power2GoExpress] C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.)
O4 - Startup: C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Shanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  =
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\WINDOWS\SysNative\VetRedir64.dll (Computer Associates International, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\WINDOWS\SysNative\VetRedir64.dll (Computer Associates International, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\WINDOWS\SysNative\VetRedir64.dll (Computer Associates International, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B7C03B4-6E91-4406-BB5D-B7AA964AEF23}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{900A7FEC-591F-4F28-9710-9ECB26A4BBF6}: DhcpNameServer = 8.8.8.8 4.2.2.1 192.168.1.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (UmxSbxExA64.dll) - C:\WINDOWS\SysNative\UmxSbxExA64.dll (CA)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - (UmxWnp.Dll) - C:\WINDOWS\SysWow64\UmxWNP.dll (CA)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/10 00:59:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/03/14 13:08:49 | 000,000,000 | ---D | C] -- C:\Users\Shanne\AppData\Roaming\netfabb
[2014/03/14 01:37:06 | 000,000,000 | ---D | C] -- C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\netfabb Basic
[2014/03/14 01:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netfabb Basic
[2014/03/14 01:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\netfabb
[2014/03/14 01:36:36 | 000,000,000 | -HSD | C] -- C:\WINDOWS\SysWow64\AI_RecycleBin
[2014/03/14 01:36:22 | 000,000,000 | ---D | C] -- C:\Users\Shanne\AppData\Roaming\MecSoft
[2014/03/14 01:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisualCADCAM 2014
[2014/03/14 01:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MecSoft Corporation
[2014/03/14 01:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\MecSoft Corporation
[2014/03/12 14:11:11 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/03/12 14:11:09 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/03/12 14:11:08 | 000,124,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/03/12 13:23:41 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014/03/12 13:23:41 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014/03/12 12:27:52 | 001,643,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/03/12 12:27:51 | 001,507,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/03/12 12:27:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/03/12 12:27:24 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/03/12 12:27:21 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/03/12 12:27:12 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/03/12 12:27:10 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/03/12 12:26:54 | 006,640,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/03/12 12:26:53 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/03/12 12:26:53 | 002,133,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/03/12 12:26:52 | 002,143,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/03/12 12:26:52 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/03/12 12:26:51 | 004,175,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2014/03/12 12:26:51 | 001,371,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/03/12 12:26:51 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/03/12 12:26:51 | 000,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/03/12 12:26:51 | 000,669,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/03/12 12:26:50 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2014/03/12 12:26:50 | 001,486,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2014/03/12 12:26:50 | 001,238,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2014/03/12 12:26:50 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/03/12 12:26:50 | 000,458,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014/03/12 12:26:50 | 000,408,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014/03/12 12:26:50 | 000,407,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014/03/12 12:26:50 | 000,369,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014/03/12 12:26:50 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014/03/12 12:26:50 | 000,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/03/12 12:26:50 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014/03/12 12:26:50 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014/03/12 12:26:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/03/12 12:26:49 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcomapi.dll
[2014/03/12 12:26:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014/03/12 12:26:49 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/03/12 12:26:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/03/12 12:26:39 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014/03/12 12:26:39 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/03/07 18:01:25 | 000,000,000 | ---D | C] -- C:\Users\Shanne\Documents\World Machine Documents
[2014/03/07 18:01:25 | 000,000,000 | ---D | C] -- C:\Users\Shanne\AppData\Roaming\World Machine 2.2 Basic
[2014/03/07 15:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World Machine 2 Basic Edition
[2014/03/07 15:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World Machine 2 Basic
[2014/02/27 21:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/02/27 21:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/02/27 21:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/02/27 21:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/02/27 20:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/02/27 20:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/02/26 15:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Climate Consultant 5.5
[2014/02/26 15:02:20 | 000,000,000 | ---D | C] -- C:\Climate5.5
[2014/02/26 14:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
[2014/02/26 14:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation
[2014/02/24 01:44:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014/02/21 01:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/02/19 23:50:56 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/02/19 23:50:56 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/02/19 23:50:56 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/02/19 23:50:55 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/02/19 23:50:49 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/19 23:50:48 | 018,577,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/02/19 23:50:48 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/19 23:50:43 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/02/19 23:50:43 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/19 23:50:42 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/19 23:50:40 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/19 23:50:40 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/19 23:50:39 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/19 23:50:39 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/19 23:50:39 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/19 23:50:38 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/19 23:50:38 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/19 23:50:38 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/19 23:50:37 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/19 23:50:37 | 000,745,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/19 23:50:37 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/19 23:50:37 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/19 23:50:37 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/02/19 23:50:37 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/19 23:50:37 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/19 23:50:36 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/19 23:50:36 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/19 23:50:36 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/19 23:50:36 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/19 23:50:35 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/19 23:50:35 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/19 23:50:35 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/19 23:50:35 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/02/19 23:50:35 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/19 23:50:35 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/19 23:50:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/19 23:50:34 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/03/18 00:55:53 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/03/18 00:55:53 | 000,735,932 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/03/18 00:55:53 | 000,139,816 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/03/18 00:55:05 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/18 00:54:24 | 000,000,074 | ---- | M] () -- C:\Users\Shanne\AppData\Roaming\sp_data.sys
[2014/03/18 00:53:22 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/18 00:51:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/18 00:51:17 | 1648,771,070 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/17 03:30:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/03/17 03:21:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/17 00:02:41 | 000,000,500 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\iczgzv_594.set
[2014/03/17 00:02:41 | 000,000,500 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\deqordi266.dat
[2014/03/17 00:02:41 | 000,000,500 | ---- | M] () -- C:\WINDOWS\d_kenkpm233.ini
[2014/03/14 22:13:30 | 024,416,926 | ---- | M] () -- C:\Users\Shanne\Desktop\RhinoCrashDump.3dm
[2014/03/14 13:11:38 | 000,054,184 | ---- | M] () -- C:\Users\Shanne\Desktop\BASED.stl
[2014/03/14 13:08:23 | 000,345,384 | ---- | M] () -- C:\Users\Shanne\Desktop\BRAAAH.stl
[2014/03/14 01:36:31 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\VisualCADCAM 2014.lnk
[2014/03/13 03:37:54 | 006,470,409 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k0
[2014/03/13 03:37:54 | 000,794,540 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\KmxAgent.asc
[2014/03/13 03:37:54 | 000,000,585 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k0
[2014/03/13 03:37:54 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k7
[2014/03/13 03:37:54 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k6
[2014/03/13 03:37:54 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k5
[2014/03/13 03:37:54 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k4
[2014/03/13 03:37:54 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k3
[2014/03/13 03:37:54 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k2
[2014/03/13 03:37:54 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k1
[2014/03/13 03:37:54 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k7
[2014/03/13 03:37:54 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k6
[2014/03/13 03:37:54 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k5
[2014/03/13 03:37:54 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k4
[2014/03/13 03:37:54 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k3
[2014/03/13 03:37:54 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k2
[2014/03/13 03:37:54 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k1
[2014/03/12 14:07:29 | 005,070,624 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/03/10 19:09:31 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
[2014/03/05 14:23:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/03/04 18:53:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/04 18:53:04 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/03/01 00:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/02/28 23:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/02/28 23:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/02/28 22:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/02/28 22:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/02/22 08:16:06 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014/02/22 07:24:08 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
 
========== Files Created - No Company Name ==========
 
[2014/03/14 22:13:30 | 024,416,926 | ---- | C] () -- C:\Users\Shanne\Desktop\RhinoCrashDump.3dm
[2014/03/14 13:11:38 | 000,054,184 | ---- | C] () -- C:\Users\Shanne\Desktop\BASED.stl
[2014/03/14 13:08:23 | 000,345,384 | ---- | C] () -- C:\Users\Shanne\Desktop\BRAAAH.stl
[2014/03/14 01:36:31 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\VisualCADCAM 2014.lnk
[2014/03/12 12:26:49 | 000,386,722 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/03/10 19:09:31 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
[2014/03/05 14:23:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/01/16 21:43:31 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/12 02:17:13 | 000,000,500 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\deqordi266.dat
[2014/01/12 02:17:13 | 000,000,500 | ---- | C] () -- C:\WINDOWS\d_kenkpm233.ini
[2014/01/12 02:17:13 | 000,000,400 | ---- | C] () -- C:\WINDOWS\i_kenkpm590.ini
[2014/01/12 02:17:13 | 000,000,400 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\feqordi387.dat
[2013/11/18 16:48:30 | 000,000,132 | ---- | C] () -- C:\Users\Shanne\AppData\Roaming\Adobe AIFF Format CS6 Prefs
[2013/10/10 00:45:14 | 001,424,904 | ---- | C] () -- C:\WINDOWS\SysWow64\cfgmig32.dll
[2013/10/10 00:45:14 | 000,265,736 | ---- | C] () -- C:\WINDOWS\SysWow64\cfgmig32.exe
[2013/10/10 00:45:07 | 003,213,712 | ---- | C] () -- C:\WINDOWS\SysWow64\mdmcls32.exe
[2013/10/10 00:45:07 | 001,755,536 | ---- | C] () -- C:\WINDOWS\SysWow64\winsflt.dll
[2013/10/10 00:45:06 | 000,291,728 | ---- | C] () -- C:\WINDOWS\SysWow64\winsfinst_x64.exe
[2013/09/27 23:31:21 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/09/07 00:35:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\BRPARAM.INI
[2013/09/02 11:07:05 | 000,000,776 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2013/09/02 11:07:05 | 000,000,064 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2013/09/02 11:06:25 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2013/09/02 11:06:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2013/09/02 11:06:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SysWow64\BRTCPCON.DLL
[2013/09/02 11:06:06 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SysWow64\BRLMW03A.INI
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/08/20 14:25:57 | 004,110,736 | ---- | C] () -- C:\WINDOWS\SysWow64\win32cpr.dll
[2013/08/20 14:25:57 | 002,763,152 | ---- | C] () -- C:\WINDOWS\SysWow64\svcprs32.exe
[2013/08/20 14:25:57 | 000,100,752 | ---- | C] () -- C:\WINDOWS\SysWow64\winsfinst.exe
[2013/08/19 20:22:31 | 000,007,597 | ---- | C] () -- C:\Users\Shanne\AppData\Local\resmon.resmoncfg
[2013/08/19 20:06:45 | 000,000,074 | ---- | C] () -- C:\Users\Shanne\AppData\Roaming\sp_data.sys
[2013/05/25 01:00:38 | 000,172,097 | ---- | C] () -- C:\WINDOWS\SysWow64\NoMSGuninstall.exe
[2013/05/25 01:00:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\UMonit64.exe
[2013/05/25 01:00:38 | 000,001,519 | ---- | C] () -- C:\WINDOWS\SysWow64\_IconCfg0.ini
[2013/05/25 01:00:38 | 000,000,911 | ---- | C] () -- C:\WINDOWS\SysWow64\ProductName.ini
[2013/05/25 01:00:38 | 000,000,213 | ---- | C] () -- C:\WINDOWS\SysWow64\IconCfg0.ini
[2013/02/13 15:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012/11/27 14:26:00 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012/11/27 14:26:00 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012/11/27 14:26:00 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
[2012/07/25 16:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 16:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/23 07:49:06 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/23 04:19:35 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/01/27 21:20:21 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\Arduino
[2013/08/19 20:08:37 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\ASUS
[2013/08/19 20:08:40 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\ASUS WebStorage
[2013/10/22 23:03:07 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\Autodesk
[2014/03/18 00:54:34 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\ClassicShell
[2013/09/18 04:33:39 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\ControlCenter4
[2014/03/18 00:53:43 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\Dropbox
[2014/01/10 13:40:45 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\DropboxMaster
[2014/03/14 22:13:33 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\McNeel
[2014/03/14 01:36:22 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\MecSoft
[2014/03/14 13:08:49 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\netfabb
[2013/09/06 23:58:17 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\Nuance
[2013/09/06 23:52:29 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\PC-FAX TX
[2014/01/02 00:00:59 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\Rainmeter
[2013/11/01 13:53:41 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/01/01 05:44:27 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\uTorrent
[2014/03/07 18:01:25 | 000,000,000 | ---D | M] -- C:\Users\Shanne\AppData\Roaming\World Machine 2.2 Basic
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2013/09/29 23:48:10 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.16384_en-us_13bedf9d3e4c78d1\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2013/06/18 10:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.16384_none_067909bec4cce684\Explorer.admx
 
< MD5 for: EXPLORER.EXE  >
[2013/11/28 02:29:08 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\SysWOW64\explorer.exe
[2013/11/28 02:29:08 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013/12/05 00:24:09 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2013/11/28 02:29:08 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\explorer.exe
[2013/11/28 02:29:08 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2013/12/06 01:57:48 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
 
< MD5 for: EXPLORER.EXE.CONFIG  >
[2009/02/26 02:50:32 | 000,000,176 | ---- | M] () MD5=E1FD9DE48AF5D7652AA31BBE914F54B8 -- C:\Windows\explorer.exe.config
 
< MD5 for: EXPLORER.EXE.LOG  >
[2014/03/08 00:27:30 | 000,001,284 | ---- | M] () MD5=579452E0A50DA99176677D31C572F637 -- C:\Users\Shanne\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\explorer.exe.log
 
< MD5 for: EXPLORER.EXE.MUI  >
[2013/09/29 23:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\en-US\explorer.exe.mui
[2013/09/29 23:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2013/09/29 23:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f6b0e7284798d168\explorer.exe.mui
[2013/09/29 23:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_0105917a7bf99363\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-5F7AEA8B.PF  >
[2014/03/17 15:30:47 | 000,283,144 | ---- | M] () MD5=5C4BFF32E7CCE57B2C63B0FFBB154373 -- C:\Windows\Prefetch\EXPLORER.EXE-5F7AEA8B.pf
 
< MD5 for: IEXPLORE.EXE  >
[2014/02/06 09:08:02 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/02/06 09:08:02 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_9c60612a90cfaeb6\iexplore.exe
[2014/02/12 15:04:01 | 000,009,369 | ---- | M] () MD5=7B0FB14120A13191E63C458C64720489 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_a6d068b8c51b1dbc\iexplore.exe
[2014/03/13 12:08:57 | 000,000,012 | ---- | M] () MD5=8F5B97C692CD84C0E5DF02F9142ECEB3 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16518_none_9c5ec16890d148c6\iexplore.exe
[2014/03/13 12:12:08 | 000,000,012 | ---- | M] () MD5=8F5B97C692CD84C0E5DF02F9142ECEB3 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16518_none_a6b36bbac5320ac1\iexplore.exe
[2014/02/06 07:18:16 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/02/06 07:18:16 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_a6b50b7cc53070b1\iexplore.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2014/02/12 14:35:02 | 000,010,956 | ---- | M] () MD5=CB6B6941B52B10900DB2808854F70233 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_9c7bbe6690ba5bc1\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2013/09/29 23:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/09/29 23:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/09/29 23:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2013/09/29 23:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui
 
< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML  >
[2013/06/18 10:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 10:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml
 
< MD5 for: SERVICES  >
[2013/08/22 11:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
 
< MD5 for: SERVICES.AIP  >
[2012/11/21 01:09:36 | 000,476,824 | ---- | M] (Adobe Systems Incorporated) MD5=456C45B1A2ECE8814987C4A4EA786413 -- C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Plug-ins\Extensions\Services.aip
[2012/11/21 00:37:22 | 000,382,616 | ---- | M] (Adobe Systems Incorporated) MD5=87ACA12B41F894A8CAFD264A1FC9D1F0 -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Plug-ins\Extensions\Services.aip
 
< MD5 for: SERVICES.ASFX  >
[2013/12/18 14:43:04 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx
[2013/12/18 14:43:06 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx
 
< MD5 for: SERVICES.CFG  >
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/12/18 14:43:04 | 000,558,851 | ---- | M] () MD5=A044715A48D8FADB9366D554F20D3331 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2010/10/25 15:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg
[2013/12/21 02:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.EXE  >
[2013/08/22 09:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\WINDOWS\SysNative\services.exe
[2013/08/22 09:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2013/09/29 23:47:46 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2013/09/29 23:47:46 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui
 
< MD5 for: SERVICES.JS  >
[2014/02/25 17:24:41 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 17:24:41 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 17:24:41 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 17:24:41 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 17:24:41 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 17:24:41 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 17:24:41 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
 
< MD5 for: SERVICES.LNK  >
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2013/06/18 10:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 10:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
 
< MD5 for: SERVICES.MSC  >
[2013/09/29 23:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 10:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2013/09/29 23:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 08:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2013/09/29 23:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 10:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 08:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2013/09/29 23:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2013/08/22 02:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 02:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
 
< MD5 for: WINLOGON.ADML  >
[2013/09/30 00:18:27 | 000,002,631 | ---- | M] () MD5=3FC16D999444A213C04297050F42DA07 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2013/08/22 10:57:15 | 000,001,101 | ---- | M] () MD5=513B8C31BC439F0A37EA44D540F98916 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2013/08/22 05:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013/08/22 05:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2013/09/29 23:48:02 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2013/09/29 23:48:02 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui
 
< MD5 for: WINLOGON.MFL  >
[2013/09/29 23:48:02 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2013/09/29 23:48:02 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2013/08/22 02:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\WINDOWS\SysNative\wbem\winlogon.mof
[2013/08/22 02:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2012/07/25 23:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2013/06/18 08:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2014/03/18 00:51:17 | 1648,771,070 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/18 00:51:19 | 4294,967,293 | -HS- | M] () -- C:\pagefile.sys
[2014/03/18 00:51:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
 
< %systemroot%\Fonts\*.com >
[2013/11/28 02:25:52 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2013/11/28 02:25:52 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2013/11/28 02:25:52 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2013/11/28 02:25:52 | 000,043,318 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2013/08/22 11:35:03 | 000,000,065 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
[2012/09/12 19:57:44 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2013/08/22 11:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is OS
 Volume Serial Number is EC87-0D61
 Directory of C:\
22/08/13  10:45    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
[2009/02/26 02:50:32 | 000,000,176 | ---- | M] () -- C:\WINDOWS\explorer.exe.config
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/08/19 20:11:00 | 000,000,223 | -HS- | M] () -- C:\Users\Shanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013/08/22 11:35:52 | 000,000,148 | -HS- | M] () -- C:\Users\Shanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 200 bytes -> C:\Users\Shanne\SkyDrive:ms-properties

< End of report >

 

Extras.txt

OTL Extras logfile created on: 18/03/14 01:00:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Shanne\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yy
 
11.92 Gb Total Physical Memory | 9.70 Gb Available Physical Memory | 81.37% Memory free
23.92 Gb Paging File | 21.36 Gb Available in Paging File | 89.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.11 Gb Total Space | 181.57 Gb Free Space | 65.05% Space Free | Partition Type: NTFS
Drive D: | 349.32 Gb Total Space | 346.39 Gb Free Space | 99.16% Space Free | Partition Type: NTFS
Drive E: | 349.32 Gb Total Space | 349.18 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
Drive F: | 397.87 Gb Total Space | 397.73 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
 
Computer Name: ARCHITECTURE | User Name: Shanne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = AutoCADScriptFile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0363779D-524E-4F8D-AB7D-9DEE5870940D}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{09179F0C-17F9-41FA-8834-12503260E0CA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{131A5BE5-979F-4754-8E0E-D614BE867703}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{339A9294-0E98-4DF1-BA2B-39B9F9A961FF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{39B8DF9A-0E7E-496C-A8A8-9745DDA21E8F}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{46011848-5F88-4275-AEF1-1A43A0EE2EB2}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{4C144FFF-7390-4FAB-9273-5735E2186119}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4E0D3DAB-7954-4908-9A3B-70D3A9469E9E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{63BE8CB9-A9BD-4232-AD6A-D5D436DB6B61}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{64ACC2F6-087C-438F-AEB5-74E6573E8D2A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{77CB9B03-D28F-4E3C-975E-6E715274C8B8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7F256595-BA39-407F-8499-90704B4151DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{837288BC-D439-492B-B11B-1B9636A42469}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{85B07DBB-EBBA-4595-8A76-573101255908}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{89A8808F-8A4A-4CD6-8FFD-B8643FC13ABF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{89B6ECD0-C2FE-4695-9FFA-CD05513A9DF5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{90B8E692-CB2F-489B-846E-9484EE101D3E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{963C85A6-046F-40AB-92E5-424F10D98037}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A81AC0FD-2972-499D-906F-52EF89CA5EE3}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{AC6BE4BA-4172-4F5E-A9F6-32C370394AD6}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BBD3A75F-C713-44B0-9B05-31CF82574532}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C2D93D44-E652-4F18-8A49-FCFBB15A7445}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C574429F-7D72-435D-892B-BA44F1A3646A}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{D3495AA6-A0CE-4E6A-99A7-1C1D235C166E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D4614146-C0BA-4582-91DA-283C36042F64}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E2055DC6-B310-4CA5-B371-88FE696BAFE5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E23430B2-F9A3-4BB0-862A-515734D421FC}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E90E0CA2-CCD2-4719-8BC3-58C3CA8A6301}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{FBFDDBE8-FB7D-4273-8EED-17B65C22E038}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EB5006-C31B-4D94-A7DA-66D98E47E4ED}" = dir=in | name=microsoft solitaire collection |
"{07451603-4498-4EC0-8486-18F915A8ED52}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{0C79B340-58E5-4BCD-A90D-2547B4F0264B}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1E2B0167-C004-409D-8E55-72C2409D12B1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{233782FA-ADA4-406E-A306-EFF0732D4492}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{236BB160-38B4-4C66-BFC8-E23C02B450D4}" = protocol=17 | dir=in | app=c:\users\shanne\appdata\roaming\utorrent\utorrent.exe |
"{2B090D2A-0636-4A6C-A168-0C6A6D974FDA}" = dir=in | name=@{microsoft.skypeapp_1.0.0.266_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{2CD126FE-471A-463F-ADF3-69FC626CFE64}" = dir=out | name=taptiles |
"{2F8D58F4-AD64-407D-B33B-E54484B10A99}" = dir=in | name=check point vpn |
"{33445139-36C7-41D9-948C-A4188E74A849}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{35514EA6-8AF8-4C49-9D7E-CAC554BEE0AE}" = dir=out | name=windows_ie_ac_001 |
"{368CB127-B439-45EF-B75A-E73121DADC5F}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{381E8562-61F2-430C-9154-FB9EA4AC6E37}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{3ADD6532-E643-4976-AE43-85DBF26C4F42}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{3E3822A8-D5A1-47F7-8562-6078BA3516DF}" = dir=out | name=f5 vpn |
"{4203AAD1-004C-4F7D-AB57-6370C73DD2E3}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{45A66AE2-F9D6-4DAE-823C-2DDC2FFC3078}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{45D8CF2D-F5B3-440D-8C81-639B13C0119B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{483AD318-E991-470F-A4CF-71D2E1529E2E}" = dir=out | name=sonicwall mobile connect |
"{48B1AC71-A2E7-4339-B4C7-D7C6DCD94AC6}" = dir=in | name=sonicwall mobile connect |
"{4F7F6E0B-C770-4E81-82D4-4EF1ACD0A9A2}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{53CDB8FF-23C2-4A36-8037-58602CAF3450}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{53DEDEDD-FEB6-474A-937E-309C3D5A684F}" = dir=in | name=juniper networks junos pulse |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5765F32D-4EB7-4B60-9D9E-7100216B9904}" = dir=out | name=pinball fx2 |
"{5BB67024-4D45-4711-94FA-F003825EB32E}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6154CDE4-6A5B-4D3B-9610-F4184EB468D0}" = dir=out | name=juniper networks junos pulse |
"{63FDB226-324C-4E41-82DB-DDAEBF03D727}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{668DEFBD-8A49-4855-A238-C2E23768EF8D}" = protocol=17 | dir=in | app=c:\users\shanne\appdata\roaming\dropbox\bin\dropbox.exe |
"{678DEF6C-45C6-4FBA-8562-E9071CE47B5F}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{7D7F5267-CAB7-43A4-A01B-992E2EB46981}" = protocol=6 | dir=in | app=c:\users\shanne\appdata\roaming\utorrent\utorrent.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{880FC844-005D-475F-9311-873646AF9350}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{882DB798-5AFA-43E5-ACAF-82C4FF624EC3}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{899FB19C-D845-4311-A1A0-635F71F92363}" = dir=out | name=adera |
"{8E111FFA-7403-41C1-8090-B3DCD1869FE8}" = dir=out | name=windows_ie_ac_001 |
"{9376DAD8-CFB1-418E-B2A3-0A0B7509D7F7}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{96080335-451C-4902-974E-18026FE61C90}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{9C52C214-8B0C-4AF8-91D8-7AF67CC79B41}" = dir=in | name=f5 vpn |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A8E8B74D-7D7C-4B72-9396-D902A9D0C3F5}" = dir=out | name=fresh paint |
"{A94130E9-49D2-414B-A06D-F2BF3BC88BF5}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A99FFA5C-05F5-4B27-BF19-27B831A66DFD}" = dir=in | name=taptiles |
"{AECC62AF-3F69-458F-8228-91775032EEB4}" = dir=out | name=skype |
"{B817702A-CB1E-4ABB-8461-53568BAEC851}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BD2C56AB-682E-4907-A6D7-06FEE16E95B4}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{C06D8DE8-ED87-4444-8604-1AE84C6FD708}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C22FB991-ED6A-4457-9276-60E5113F6F19}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl10g\faxrx.exe |
"{C4C4C82C-CEA3-4703-AD8D-BAC30BA20416}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C5C94F1B-FA02-44D4-BBC3-BDD3FA0F4FE8}" = dir=in | name=pinball fx2 |
"{C6AD4229-9CF1-4C52-90AB-A85E46E812E1}" = dir=out | name=windows_ie_ac_001 |
"{C7AA77B6-3726-46E5-AC9C-A8741B97B98D}" = dir=out | name=microsoft solitaire collection |
"{CB6EA5D5-E5CE-4FB8-84B0-54632B77ABA3}" = protocol=6 | dir=in | app=c:\users\shanne\appdata\roaming\dropbox\bin\dropbox.exe |
"{CCA63A4A-C74C-4E8A-A726-69C819D4B272}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{CCE72229-CE0B-46DD-8473-FD55EFF7FE48}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{D5526CAF-F6AB-4B3C-AD14-0C22E45B804D}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl10g\faxrx.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D84E8E35-55F4-436E-9238-3DCBFA7F8E69}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{DB37876C-F108-4CCA-B81C-25D851813823}" = dir=out | name=check point vpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DD42F73E-A065-4483-A732-3D515D99DF10}" = dir=out | name=@{microsoft.zunevideo_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E37E6C0C-63FB-426E-B392-B11EB11C36A2}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{E4F6607D-FF77-499C-9CDD-7EF575EAA035}" = dir=out | name=@{microsoft.skypeapp_1.0.0.266_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{E56E38F7-851A-4A18-9EFC-51F0D758286F}" = dir=in | name=skype |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8F6CC40-57A5-46B0-8243-914630DB1152}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE6350A1-F5D6-4AB9-A608-E46A7970936E}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F89A9F6D-72BF-42D0-A6C5-DF47A8F50740}" = dir=out | name=@{microsoft.zunemusic_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WibuKey Setup (WibuKey Remove)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{11672AB2-3D48-4D38-9123-719E5FF93333}" = Autodesk Workflows 2014
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2368907C-E8F6-4750-A023-254C3E2B5E8D}" = Classic Shell
"{24757FE9-C7F6-4F87-9024-062BD4CFF0CA}" = Rhinoceros 5 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{38151262-FAF8-4778-9AAB-33E90B60D8E9}" = Anti-Virus
"{44B72151-611E-429D-9765-9BA093D7E48A}" = Intel® Trusted Connect Service Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BE91685-1632-47FC-B563-A8A542C6664C}" = Autodesk Network License Manager
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-0111-0409-0110-0060B0CE6BBA}" = Autodesk CAD Manager Tools
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5783F2D7-D001-0409-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack - English
"{5783F2D7-D001-0409-2102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5783F2D7-D004-0000-0102-0060B0CE6BBA}" = AutoCAD Architecture 2014 - English
"{5783F2D7-D004-0409-1102-0060B0CE6BBA}" = AutoCAD Architecture 2014 Language Pack - English
"{5783F2D7-D004-0409-2102-0060B0CE6BBA}" = AutoCAD Architecture 2014 - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{7346B4A0-1400-0510-0000-705C0D862004}" = Revit 2014
"{7346B4A0-1400-0511-0409-705C0D862004}" = Revit 2014 Language Pack - English
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{858A8CF2-9BD0-4EEB-9C81-E4CC6E34ABE6}" = VisualCAD/CAM 2014 (64 Bit)
"{86D24646-DAF6-4F5E-BCAD-CF7EF8E362E1}" = UxStyle
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = WIDCOMM Bluetooth Software
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F3A591D1-C991-4722-B40D-C4A80C2A6D05}" = HIPS
"AutoCAD 2014 - English" = Autodesk AutoCAD 2014 - English
"AutoCAD Architecture 2014 - English" = Autodesk AutoCAD Architecture 2014 - English
"Autodesk ReCap" = Autodesk ReCap
"Autodesk Revit 2014" = Autodesk Revit 2014
"Blender" = Blender
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CAAPH2" = APH placeholder
"Elantech" = ETDWare PS/2-X64 11.5.8.3_WHQL
"eTrust Suite Personal" = Total Defense Internet Security Suite
"HomeBusinessRetail - en-us" = Microsoft Office Home and Business 2013 - en-us
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017E337D-D709-437C-83DB-71F82AA78BF6}" = 照片库
"{022C7C52-B294-4346-88BC-C7C2FF7FF1B7}" = Movie Maker
"{0327A4BF-62BF-48BB-8928-B971B749E9E1}" = Adobe Creative Suite 6 Design Standard
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{05560347-3a9b-4644-a8ed-8b64cc947189}" = UxStyle
"{061FF8F3-5226-4278-8AAB-282C1B024F58}" = Photo Common
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1367D815-EC9F-4e2f-9FB9-E40A075AD19B}" = DNAMigrator
"{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}" = Movie Maker
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}" = Brother MFL-Pro Suite MFC-J6910DW
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C08E7B1-D5A8-4BED-ACEB-0219C36C4CAF}" = Rhinoceros 5 Language Pack Installer (en-US)
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FEE19BC-6F0C-42E4-82FF-FB597F6141DF}" = Windows Live Essentials
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3B9E171F-A955-4834-B877-447C0A437260}" = ASUS ROG Gaming Mouse
"{3C63F944-803E-49A7-B3A2-B8AB3313E883}" = Windows Live UX Platform Language Pack
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{44A3A561-AE74-472D-A51C-43F4C9E7B5E5}" = Windows Live 软件包
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{58172D66-2F69-4215-9AEC-ED8196023736}" = ASUS Tutor
"{5A05B328-35EB-4CED-B16F-62FA5A2642E6}" =
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5C29CC1F-218F-4C30-948A-11066CAC59FB}" = Autodesk Material Library Low Resolution Image Library 2014
"{60CEB140-F864-4994-8506-904A517A3310}" = Rhinoceros 5 Help Media
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}" = 影像中心
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6DA2B636-698A-3294-BF4A-B5E11B238CDD}" = Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{802E137D-DA8F-47CC-AC21-6DD075CD948C}" = Windows Live UX Platform Language Pack
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}" = ASUS Instant Connect
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}" = Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F7FECEC-088F-431D-A5FB-2B59E1E69943}" = Galería de fotos
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Genesys USB Mass Storage Device
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}" = Autodesk Material Library Medium Resolution Image Library 2014
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9957C6B-8932-4ED7-8232-02B9B5641AE6}" = Rhinoceros 5 Language Pack Installer (fr-FR)
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{BA731FF4-DA48-D1D7-2BF6-E155339D9A27}" = Adobe® Content Viewer
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}" = Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
"{C40D110E-0718-4E11-A69B-D4EC7BF2EB04}" = Windows Live UX Platform Language Pack
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CBD486B9-01C2-3412-8BAA-1C20A5A58EAC}" = Google Chrome
"{D5082B89-2E86-447E-A02C-922534592FA8}" = Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D8C51D93-9F5A-442D-A557-F5832ACF3314}" = Rhinoceros 5
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B5FDF0-6940-44B2-8204-CFA746A6B4AF}" = Movie Maker
"{EA2BE047-FF29-4336-BB70-6AF201085BAF}" = Windows Live 程式集
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE2E1BED-0821-4244-ABDC-149E9F9750C3}" = Photo Common
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}" = Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Arduino" = Arduino
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"Autodesk Content Service" = Autodesk Content Service
"Climate Consultant 5.5_is1" = Climate Consultant 5.5 version build 2
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"LastFM_is1" = Last.fm Scrobbler 2.1.36
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyBitCast" = MyBitCast 2.0
"netfabb_51" = netfabb Basic
"pepakura_designer3en" = Pepakura Designer 3
"Rainmeter" = Rainmeter
"UltraUXThemePatcher" = UltraUXThemePatcher
"VLC media player" = VLC media player 2.1.3
"V-Ray for Rhinoceros 5 x64 edu 1.50.22564" = V-Ray for Rhinoceros 5 x64 edu
"WinLiveSuite" = Windows Live Essentials
"World Machine2Basic" = World Machine 2.3 Basic Edition
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/01/14 02:27:42 | Computer Name = Architecture | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.16441,
time stamp: 0x5265dec8  Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version:
 4.8.2.0, time stamp: 0x50d3fca7  Exception code: 0xc0000005  Fault offset: 0x00000000000265fe
Faulting
 process id: 0x24a34  Faulting application start time: 0x01cf0f5cd2002536  Faulting
application path: C:\WINDOWS\Explorer.EXE  Faulting module path: QtCore_Ad_SyncNs_4.dll
Report
 Id: a39903cc-7b52-11e3-beae-6c71d953d0aa  Faulting package full name:   Faulting package-relative
 application ID:
 
Error - 12/01/14 04:00:39 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 15:56:46 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 16:02:14 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 17:17:26 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 17:27:51 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 20:11:40 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 20:14:24 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 20:58:14 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/01/14 22:23:07 | Computer Name = Architecture | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\revit
 2014\FaroImporter.exe".  Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
[ McNeel Events ]
Error - 08/02/14 14:08:07 | Computer Name = Architecture | Source = McNeel Update Service (version 5.7) | ID = 65535
Description = Exception,"Exception: System.InvalidOperationException  There is an
error in XML document (0, 0).  System.Xml  There is an error in XML document (0, 0).

   at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String
 encodingStyle, XmlDeserializationEvents events)     at System.Xml.Serialization.XmlSerializer.Deserialize(TextReader
 textReader)     at McNeelUpdateService.BitsDownloadManager.BitsDownloadState.Load(String
 remoteUrl, String localPath) in d:\integration\rhino5\src4\tools\McNeelUpdate5\McNeelUpdateService\BitsDownloadManager.cs:line
 436    Inner Exception: System.Xml.XmlException  Root element is missing.  System.Xml  Root
 element is missing.     at System.Xml.XmlTextReaderImpl.Throw(Exception e)     at System.Xml.XmlTextReaderImpl.ParseDocumentContent()

   at System.Xml.XmlTextReaderImpl.Read()     at System.Xml.XmlTextReader.Read()    
 at System.Xml.XmlReader.MoveToContent()     at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderBitsDownloadState.Read7_BitsDownloadState()",5.7.31213.18395
 
Error - 08/02/14 14:08:08 | Computer Name = Architecture | Source = McNeel Update Service (version 5.7) | ID = 65535
Description = Exception,"Exception: System.InvalidOperationException  There is an
error in XML document (0, 0).  System.Xml  There is an error in XML document (0, 0).

   at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String
 encodingStyle, XmlDeserializationEvents events)     at System.Xml.Serialization.XmlSerializer.Deserialize(TextReader
 textReader)     at McNeelUpdateService.BitsDownloadManager.BitsDownloadState.Load(String
 remoteUrl, String localPath) in d:\integration\rhino5\src4\tools\McNeelUpdate5\McNeelUpdateService\BitsDownloadManager.cs:line
 436    Inner Exception: System.Xml.XmlException  Root element is missing.  System.Xml  Root
 element is missing.     at System.Xml.XmlTextReaderImpl.Throw(Exception e)     at System.Xml.XmlTextReaderImpl.ParseDocumentContent()

   at System.Xml.XmlTextReaderImpl.Read()     at System.Xml.XmlTextReader.Read()    
 at System.Xml.XmlReader.MoveToContent()     at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderBitsDownloadState.Read7_BitsDownloadState()",5.7.31213.18395
 
[ OAlerts Events ]
Error - 26/09/13 09:58:52 | Computer Name = Architecture | Source = Microsoft Office 15 Alerts | ID = 300
Description = New App for Office This app comes from the Office Store. It will have
 access to the contents of this document if you choose Start. P1: Apps for Office
P2:
 15.0.4535.1000 P3: 0x80042FAC P4:  
 
[ System Events ]
Error - 14/03/14 14:12:58 | Computer Name = Architecture | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070002: Microsoft.SkypeApp.
 
Error - 15/03/14 00:56:13 | Computer Name = Architecture | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070002: Microsoft.SkypeApp.
 
Error - 15/03/14 14:11:19 | Computer Name = Architecture | Source = DCOM | ID = 10016
Description =
 
Error - 15/03/14 14:18:51 | Computer Name = Architecture | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070002: Microsoft.SkypeApp.
 
Error - 16/03/14 13:38:16 | Computer Name = Architecture | Source = DCOM | ID = 10016
Description =
 
Error - 16/03/14 13:45:41 | Computer Name = Architecture | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070002: Microsoft.SkypeApp.
 
Error - 16/03/14 14:06:55 | Computer Name = Architecture | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070002: Microsoft.SkypeApp.
 
Error - 17/03/14 10:47:38 | Computer Name = Architecture | Source = DCOM | ID = 10016
Description =
 
Error - 17/03/14 10:55:21 | Computer Name = Architecture | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070002: Microsoft.SkypeApp.
 
Error - 18/03/14 00:51:31 | Computer Name = Architecture | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:30:50 PM on ?3/?17/?2014 was unexpected.
 
 
< End of report >
 


    Advertisements

Register to Remove


#2 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,134 posts

Posted 01 April 2014 - 01:17 PM

Hi ClementZ,

  :welcome:

My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
utorrent
You have utorrent, a P2P/file sharing programs installed on your computer. P2P applications like it are the largest source of malware we see. You'll be doing yourself a favor by removing it.

References for the risk of these programs can be found in these links:
http://www.microsoft...protection.mspx
http://www.techweb.com/wire/160500554
http://www.internetw...cles/art053.htm


I would recommend that you uninstall utorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Seeing as how this is a Windows 8 machine, let's get a different scan.

Please download [url=http://www.bleepingc...very-scan-tool/]Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#3 ClementZ

ClementZ

    Authentic Member

  • Authentic Member
  • PipPip
  • 98 posts

Posted 03 April 2014 - 11:17 PM

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Shanne (administrator) on ARCHITECTURE on 04-04-2014 01:15:38
Running from C:\Users\Shanne\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(The Within Network, LLC) C:\WINDOWS\unsignedthemes.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe
(Computer Associates International, Inc.) C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe
(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(CA) C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
() C:\Windows\SysWOW64\cfgmig32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\vrlservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccEvtMgr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Windows\SysWOW64\UMonit64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\casc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Dropbox, Inc.) C:\Users\Shanne\AppData\Roaming\Dropbox\bin\Dropbox.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13449288 2013-03-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] - C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM\...\Run: [cctray] - C:\Program Files\Total Defense\Internet Security Suite\casc.exe [2733576 2013-10-10] (Total Defense, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] - C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-01-15] (cyberlink)
HKLM-x32\...\Run: [ROGNB] - C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [466944 2011-09-19] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] - C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\PFW-x32: UmxWnp.Dll [X]
HKU\S-1-5-21-902799289-96371314-3691115440-1002\...\Run: [Power2GoExpress] - C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-902799289-96371314-3691115440-1002\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-902799289-96371314-3691115440-1002\...\Run: [Akamai NetSession Interface] - C:\Users\Shanne\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-902799289-96371314-3691115440-1002\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-902799289-96371314-3691115440-1002\...\Policies\Explorer: []
AppInit_DLLs: UmxSbxExA64.dll => C:\WINDOWS\system32\UmxSbxExA64.dll [171600 2011-02-28] (CA)
Startup: C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Shanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Total Defense Anti-Phishing Toolbar Helper - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Total Defense Anti-Phishing Toolbar Helper - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\toolbar\caIEToolbar.dll (Total Defense, Inc.)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\toolbar\caIEToolbar.dll (Total Defense, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKCU - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\VetRedir64.dll [105552] (Computer Associates International, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\VetRedir64.dll [105552] (Computer Associates International, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\VetRedir64.dll [105552] (Computer Associates International, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Shanne\AppData\Roaming\Mozilla\Firefox\Profiles\udgv82ly.default-1378347462758
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Extension: WOT - C:\Users\Shanne\AppData\Roaming\Mozilla\Firefox\Profiles\udgv82ly.default-1378347462758\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: Adblock Plus - C:\Users\Shanne\AppData\Roaming\Mozilla\Firefox\Profiles\udgv82ly.default-1378347462758\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-04]
FF HKLM-x32\...\Firefox\Extensions: [caaphishtoolbar@ca.com] - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\Firefox
FF Extension: Total Defense Anti-Phishing Toolbar - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\Firefox [2013-08-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-02]
CHR Extension: (Google Drive) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-02]
CHR Extension: (YouTube) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-02]
CHR Extension: (Google Search) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-02]
CHR Extension: (AdBlock) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-07]
CHR Extension: (Total Defense Anti-Phishing Toolbar) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdpkkpdlooddakbebmkeeegehfjdnih [2013-09-02]
CHR Extension: (Google Wallet) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\Shanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [hpdpkkpdlooddakbebmkeeegehfjdnih] - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\GoogleChrome\td_aphish_toolbar.crx [2013-10-10]

==================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 CAAMSvc; C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe [313040 2013-10-29] (Total Defense, Inc.)
R3 CaCCProvSP; C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe [367112 2013-10-10] (Total Defense, Inc.)
R2 CAISafe; C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe [314448 2012-08-18] (Computer Associates International, Inc.)
R2 ccSchedulerSVC; C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe [288776 2013-10-10] (Total Defense, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-01-15] (CyberLink)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-11] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-03-05] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 UmxEngine; C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe [920656 2011-04-04] (CA)
R2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [13824 2013-09-23] (The Within Network, LLC)
R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [212992 2012-12-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
R2 WinSvchostManagerSrv; C:\Windows\SysWOW64\cfgmig32.exe [265736 2013-10-10] ()

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-19] (Broadcom Corporation.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R1 KmxAgent; C:\Windows\System32\DRIVERS\kmxagent.sys [113744 2011-10-26] (CA)
R0 KmxAMRT; C:\Windows\System32\DRIVERS\KmxAMRT.sys [182352 2011-10-27] (Total Defense)
R2 KmxCF; C:\Windows\System32\DRIVERS\KmxCF.sys [201936 2011-09-06] (CA)
R1 KmxCfg; C:\Windows\System32\DRIVERS\kmxcfg.sys [365136 2011-09-06] (CA)
R1 KmxFile; C:\Windows\System32\DRIVERS\KmxFile.sys [87120 2011-09-06] (CA)
R1 KmxFilter; C:\Windows\system32\DRIVERS\KmxFilter.sys [99024 2011-09-06] (CA)
R0 KmxFw; C:\Windows\System32\DRIVERS\kmxfw.sys [143824 2011-09-06] (CA)
R2 KmxSbx; C:\Windows\System32\DRIVERS\KmxSbx.sys [81488 2011-09-06] (CA)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-28] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R2 uxstyle; C:\WINDOWS\system32\Drivers\uxstyle.sys [31440 2013-09-23] (The Within Network, LLC)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
R3 Wibukey2_64; C:\Windows\system32\drivers\wibukey2_64.sys [16896 2009-08-07] (WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-04 01:15 - 2014-04-04 01:16 - 00030367 _____ () C:\Users\Shanne\Downloads\FRST.txt
2014-04-04 01:15 - 2014-04-04 01:15 - 02157056 _____ (Farbar) C:\Users\Shanne\Downloads\FRST64.exe
2014-04-04 01:15 - 2014-04-04 01:15 - 00000000 ____D () C:\FRST
2014-04-02 21:34 - 2014-04-02 21:34 - 00583726 _____ () C:\Users\Shanne\Downloads\Sea_pasenger_statistics_2013.zip
2014-04-02 21:34 - 2014-04-02 21:34 - 00000000 ____D () C:\Users\Shanne\Downloads\Sea_pasenger_statistics_2013
2014-03-29 14:57 - 2014-03-29 14:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-23 16:11 - 2014-03-23 16:11 - 00000132 _____ () C:\Users\Shanne\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-03-21 14:07 - 2014-03-21 14:07 - 00000000 _____ () C:\Users\Shanne\Desktop\New Text Document.txt
2014-03-20 14:03 - 2014-04-03 13:02 - 00004994 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARCHITECTURE-Shanne Architecture
2014-03-18 23:37 - 2014-01-02 19:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-18 23:37 - 2013-12-27 04:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-18 23:37 - 2013-12-27 04:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-18 23:37 - 2013-12-27 03:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-18 23:37 - 2013-12-27 02:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-18 23:37 - 2013-12-14 02:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 23:37 - 2013-12-09 04:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-18 23:37 - 2013-12-09 00:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-18 23:36 - 2014-01-07 21:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-18 23:36 - 2014-01-07 21:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-18 23:36 - 2014-01-07 21:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-18 23:36 - 2014-01-04 11:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-18 23:36 - 2014-01-04 11:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-18 23:36 - 2014-01-04 10:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-18 23:36 - 2014-01-04 09:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-18 23:36 - 2014-01-02 19:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-18 23:36 - 2013-12-31 21:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-18 23:36 - 2013-12-31 21:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-18 23:36 - 2013-12-31 20:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-18 23:36 - 2013-12-31 20:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-18 23:36 - 2013-12-31 19:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-18 23:36 - 2013-12-31 19:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-18 23:36 - 2013-12-31 19:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-18 23:36 - 2013-12-30 19:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-18 23:36 - 2013-12-30 19:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-18 23:36 - 2013-12-30 19:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-18 23:36 - 2013-12-30 19:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-18 23:36 - 2013-12-30 19:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-18 23:36 - 2013-12-27 11:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-18 23:36 - 2013-12-27 04:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-18 23:36 - 2013-12-27 03:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 23:36 - 2013-12-21 03:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-18 23:36 - 2013-12-17 03:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-18 23:36 - 2013-12-14 02:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-18 23:36 - 2013-12-13 06:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-18 23:36 - 2013-12-13 02:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-18 23:36 - 2013-12-13 01:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-18 01:37 - 2014-03-18 01:37 - 00092498 _____ () C:\Users\Shanne\Downloads\Extras.Txt
2014-03-18 01:34 - 2014-03-18 01:34 - 00192064 _____ () C:\Users\Shanne\Downloads\OTL.Txt
2014-03-18 00:59 - 2014-03-18 00:59 - 00602112 _____ (OldTimer Tools) C:\Users\Shanne\Downloads\OTL.exe
2014-03-16 02:31 - 2014-03-21 21:57 - 00363342 _____ () C:\Users\Shanne\Downloads\1_800Site4.ai
2014-03-14 22:13 - 2014-03-14 22:13 - 24416926 _____ () C:\Users\Shanne\Desktop\RhinoCrashDump.3dm
2014-03-14 13:11 - 2014-03-14 13:11 - 00054184 _____ () C:\Users\Shanne\Desktop\BASED.stl
2014-03-14 13:08 - 2014-03-14 13:08 - 00345384 _____ () C:\Users\Shanne\Desktop\BRAAAH.stl
2014-03-14 13:08 - 2014-03-14 13:08 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\netfabb
2014-03-14 01:37 - 2014-03-14 01:37 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\netfabb Basic
2014-03-14 01:37 - 2014-03-14 01:37 - 00000000 ____D () C:\Program Files (x86)\netfabb
2014-03-14 01:36 - 2014-03-14 01:36 - 00002150 _____ () C:\Users\Public\Desktop\VisualCADCAM 2014.lnk
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\MecSoft
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 ____D () C:\ProgramData\MecSoft Corporation
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 ____D () C:\Program Files\MecSoft Corporation
2014-03-14 00:56 - 2014-03-14 00:58 - 09838080 _____ () C:\Users\Shanne\Downloads\netfabb-basic_5.1.0_win32.exe
2014-03-14 00:46 - 2014-03-14 00:59 - 157082136 _____ (MecSoft Corporation) C:\Users\Shanne\Downloads\VisualCADCAM 1.0.44 Installer x64.exe
2014-03-12 14:11 - 2013-10-30 20:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 14:11 - 2013-10-30 20:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 14:11 - 2013-10-30 20:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 13:23 - 2014-02-22 08:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-12 13:23 - 2014-02-22 07:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-12 12:27 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 12:27 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 12:27 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-12 12:27 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 12:27 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 12:27 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-12 12:27 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 12:27 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 12:27 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-12 12:27 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 12:27 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-12 12:27 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-12 12:27 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 12:27 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-12 12:27 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-12 12:27 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-12 12:27 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-12 12:27 - 2013-12-20 06:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 12:27 - 2013-12-20 06:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 12:26 - 2014-02-10 23:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 12:26 - 2014-02-10 22:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 12:26 - 2014-02-10 22:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 12:26 - 2014-01-31 12:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 12:26 - 2014-01-31 12:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-12 12:26 - 2014-01-31 12:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 12:26 - 2014-01-31 09:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-12 12:26 - 2014-01-31 05:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 12:26 - 2014-01-29 05:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 12:26 - 2014-01-29 04:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 12:26 - 2014-01-29 04:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 12:26 - 2014-01-29 04:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 12:26 - 2014-01-29 04:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 12:26 - 2014-01-29 03:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-12 12:26 - 2014-01-29 03:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-12 12:26 - 2014-01-29 03:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-12 12:26 - 2014-01-29 02:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-12 12:26 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 12:26 - 2014-01-27 15:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 12:26 - 2014-01-27 15:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 12:26 - 2014-01-27 15:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 12:26 - 2014-01-27 14:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-12 12:26 - 2014-01-27 14:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-12 12:26 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-12 12:26 - 2014-01-27 14:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-12 12:26 - 2014-01-27 14:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 12:26 - 2014-01-27 13:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-12 12:26 - 2014-01-27 13:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 12:26 - 2014-01-27 13:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-12 12:26 - 2014-01-27 11:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-12 12:26 - 2014-01-27 11:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 12:26 - 2014-01-27 07:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 12:26 - 2014-01-17 19:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 12:26 - 2014-01-17 17:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 12:26 - 2013-12-21 10:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 12:26 - 2013-12-21 04:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-10 19:09 - 2014-03-10 19:09 - 00001100 _____ () C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
2014-03-07 18:01 - 2014-03-07 18:01 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\World Machine 2.2 Basic
2014-03-07 15:41 - 2014-03-07 15:41 - 00000000 ____D () C:\Program Files (x86)\World Machine 2 Basic
2014-03-07 15:36 - 2014-03-07 15:36 - 08167693 _____ () C:\Users\Shanne\Downloads\WM236_Basic.exe
2014-03-05 23:58 - 2014-03-05 23:58 - 00963911 _____ () C:\Users\Shanne\Downloads\Metal_16.zip
2014-03-05 22:42 - 2014-03-05 22:42 - 00254589 _____ () C:\Users\Shanne\Downloads\Tile_05.zip
2014-03-05 22:22 - 2014-03-05 22:22 - 00514707 _____ () C:\Users\Shanne\Downloads\Tile_03.zip
2014-03-05 22:12 - 2014-03-05 22:14 - 06187504 _____ () C:\Users\Shanne\Downloads\Ceramic Brake_by_Advan_mx3359.zip
2014-03-05 22:12 - 2014-03-05 22:12 - 00002488 _____ () C:\Users\Shanne\Downloads\Volcanic stone slate _ Piedra Recinto_by_memosv11227.zip
2014-03-05 14:23 - 2014-03-05 14:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

2014-04-04 01:16 - 2014-04-04 01:15 - 00030367 _____ () C:\Users\Shanne\Downloads\FRST.txt
2014-04-04 01:15 - 2014-04-04 01:15 - 02157056 _____ (Farbar) C:\Users\Shanne\Downloads\FRST64.exe
2014-04-04 01:15 - 2014-04-04 01:15 - 00000000 ____D () C:\FRST
2014-04-04 01:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-04 00:52 - 2013-11-27 23:33 - 01632121 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-04 00:48 - 2014-01-10 13:19 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\Dropbox
2014-04-04 00:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-04 00:36 - 2013-08-19 20:15 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-902799289-96371314-3691115440-1002
2014-04-04 00:34 - 2013-09-30 00:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-04 00:33 - 2013-11-28 00:07 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\ClassicShell
2014-04-04 00:32 - 2014-01-10 13:40 - 00000000 ___RD () C:\Users\Shanne\Dropbox
2014-04-04 00:31 - 2013-08-20 14:55 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-04 00:31 - 2013-08-19 20:06 - 00000074 _____ () C:\Users\Shanne\AppData\Roaming\sp_data.sys
2014-04-03 22:30 - 2013-09-01 16:36 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-03 22:26 - 2013-08-20 14:55 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 22:18 - 2013-09-02 11:56 - 00000000 ____D () C:\Users\Shanne\AppData\Local\Last.fm
2014-04-03 15:32 - 2014-01-12 02:17 - 00000500 _____ () C:\WINDOWS\SysWOW64\Drivers\iczgzv_594.set
2014-04-03 15:32 - 2014-01-12 02:17 - 00000500 _____ () C:\WINDOWS\SysWOW64\Drivers\deqordi266.dat
2014-04-03 15:32 - 2014-01-12 02:17 - 00000500 _____ () C:\WINDOWS\d_kenkpm233.ini
2014-04-03 13:02 - 2014-03-20 14:03 - 00004994 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARCHITECTURE-Shanne Architecture
2014-04-03 12:00 - 2013-05-25 01:03 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-04-03 12:00 - 2013-05-25 01:03 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-04-03 11:24 - 2013-11-27 23:58 - 00000000 __RDO () C:\Users\Shanne\SkyDrive
2014-04-03 11:23 - 2014-03-03 02:23 - 00002267 _____ () C:\WINDOWS\setupact.log
2014-04-03 02:00 - 2013-08-20 14:58 - 00000000 ____D () C:\Users\Shanne\AppData\Local\Adobe
2014-04-02 21:34 - 2014-04-02 21:34 - 00583726 _____ () C:\Users\Shanne\Downloads\Sea_pasenger_statistics_2013.zip
2014-04-02 21:34 - 2014-04-02 21:34 - 00000000 ____D () C:\Users\Shanne\Downloads\Sea_pasenger_statistics_2013
2014-04-02 13:27 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-02 13:26 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-02 13:25 - 2013-08-20 17:00 - 12425957 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k0
2014-04-02 13:25 - 2013-08-20 17:00 - 00822596 _____ () C:\WINDOWS\system32\Drivers\KmxAgent.asc
2014-04-02 13:25 - 2013-08-20 17:00 - 00000585 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k0
2014-04-02 13:25 - 2013-08-20 17:00 - 00000085 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k7
2014-04-02 13:25 - 2013-08-20 17:00 - 00000085 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k6
2014-04-02 13:25 - 2013-08-20 17:00 - 00000085 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k5
2014-04-02 13:25 - 2013-08-20 17:00 - 00000085 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k4
2014-04-02 13:25 - 2013-08-20 17:00 - 00000085 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k3
2014-04-02 13:25 - 2013-08-20 17:00 - 00000085 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k2
2014-04-02 13:25 - 2013-08-20 17:00 - 00000085 _____ () C:\WINDOWS\system32\Drivers\kmxcfg.u2k1
2014-04-02 13:25 - 2013-08-20 17:00 - 00000049 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k7
2014-04-02 13:25 - 2013-08-20 17:00 - 00000049 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k6
2014-04-02 13:25 - 2013-08-20 17:00 - 00000049 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k5
2014-04-02 13:25 - 2013-08-20 17:00 - 00000049 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k4
2014-04-02 13:25 - 2013-08-20 17:00 - 00000049 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k3
2014-04-02 13:25 - 2013-08-20 17:00 - 00000049 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k2
2014-04-02 13:25 - 2013-08-20 17:00 - 00000049 _____ () C:\WINDOWS\system32\Drivers\kmxzone.u2k1
2014-03-31 03:49 - 2013-08-19 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 14:57 - 2014-03-29 14:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 12:21 - 2013-08-20 14:55 - 00003904 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 12:21 - 2013-08-20 14:55 - 00003668 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 02:41 - 2013-08-19 20:06 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\Adobe
2014-03-25 16:39 - 2012-11-27 14:26 - 06673050 _____ () C:\WINDOWS\AsDebug.log
2014-03-23 16:11 - 2014-03-23 16:11 - 00000132 _____ () C:\Users\Shanne\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-03-21 21:57 - 2014-03-16 02:31 - 00363342 _____ () C:\Users\Shanne\Downloads\1_800Site4.ai
2014-03-21 14:08 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-21 14:07 - 2014-03-21 14:07 - 00000000 _____ () C:\Users\Shanne\Desktop\New Text Document.txt
2014-03-21 13:57 - 2012-11-27 14:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-21 11:16 - 2013-08-19 20:08 - 00000000 ___RD () C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-21 11:16 - 2013-08-19 20:08 - 00000000 ___RD () C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-21 11:15 - 2013-09-29 23:55 - 00008478 _____ () C:\WINDOWS\PFRO.log
2014-03-21 00:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-20 23:34 - 2013-08-20 15:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-20 23:33 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-20 23:33 - 2013-08-20 15:16 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 12:17 - 2013-08-19 20:33 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-18 01:59 - 2013-11-27 23:37 - 00000000 ____D () C:\Users\Shanne
2014-03-18 01:37 - 2014-03-18 01:37 - 00092498 _____ () C:\Users\Shanne\Downloads\Extras.Txt
2014-03-18 01:34 - 2014-03-18 01:34 - 00192064 _____ () C:\Users\Shanne\Downloads\OTL.Txt
2014-03-18 00:59 - 2014-03-18 00:59 - 00602112 _____ (OldTimer Tools) C:\Users\Shanne\Downloads\OTL.exe
2014-03-14 22:13 - 2014-03-14 22:13 - 24416926 _____ () C:\Users\Shanne\Desktop\RhinoCrashDump.3dm
2014-03-14 22:13 - 2013-10-18 00:41 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\McNeel
2014-03-14 22:13 - 2013-09-27 22:22 - 00000000 ____D () C:\ProgramData\McNeel
2014-03-14 13:11 - 2014-03-14 13:11 - 00054184 _____ () C:\Users\Shanne\Desktop\BASED.stl
2014-03-14 13:08 - 2014-03-14 13:08 - 00345384 _____ () C:\Users\Shanne\Desktop\BRAAAH.stl
2014-03-14 13:08 - 2014-03-14 13:08 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\netfabb
2014-03-14 01:37 - 2014-03-14 01:37 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\netfabb Basic
2014-03-14 01:37 - 2014-03-14 01:37 - 00000000 ____D () C:\Program Files (x86)\netfabb
2014-03-14 01:36 - 2014-03-14 01:36 - 00002150 _____ () C:\Users\Public\Desktop\VisualCADCAM 2014.lnk
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\MecSoft
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 ____D () C:\ProgramData\MecSoft Corporation
2014-03-14 01:36 - 2014-03-14 01:36 - 00000000 ____D () C:\Program Files\MecSoft Corporation
2014-03-14 00:59 - 2014-03-14 00:46 - 157082136 _____ (MecSoft Corporation) C:\Users\Shanne\Downloads\VisualCADCAM 1.0.44 Installer x64.exe
2014-03-14 00:58 - 2014-03-14 00:56 - 09838080 _____ () C:\Users\Shanne\Downloads\netfabb-basic_5.1.0_win32.exe
2014-03-13 03:37 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 03:37 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 03:37 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 03:37 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 14:07 - 2013-08-22 10:44 - 05070624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-12 14:06 - 2013-08-20 14:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 14:06 - 2013-08-20 14:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-11 13:30 - 2013-09-01 16:36 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-10 19:09 - 2014-03-10 19:09 - 00001100 _____ () C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
2014-03-08 15:13 - 2013-10-22 23:01 - 00000000 ____D () C:\Users\Shanne\AppData\Local\cache
2014-03-07 18:01 - 2014-03-07 18:01 - 00000000 ____D () C:\Users\Shanne\AppData\Roaming\World Machine 2.2 Basic
2014-03-07 15:41 - 2014-03-07 15:41 - 00000000 ____D () C:\Program Files (x86)\World Machine 2 Basic
2014-03-07 15:36 - 2014-03-07 15:36 - 08167693 _____ () C:\Users\Shanne\Downloads\WM236_Basic.exe
2014-03-05 23:58 - 2014-03-05 23:58 - 00963911 _____ () C:\Users\Shanne\Downloads\Metal_16.zip
2014-03-05 22:42 - 2014-03-05 22:42 - 00254589 _____ () C:\Users\Shanne\Downloads\Tile_05.zip
2014-03-05 22:22 - 2014-03-05 22:22 - 00514707 _____ () C:\Users\Shanne\Downloads\Tile_03.zip
2014-03-05 22:14 - 2014-03-05 22:12 - 06187504 _____ () C:\Users\Shanne\Downloads\Ceramic Brake_by_Advan_mx3359.zip
2014-03-05 22:12 - 2014-03-05 22:12 - 00002488 _____ () C:\Users\Shanne\Downloads\Volcanic stone slate _ Piedra Recinto_by_memosv11227.zip
2014-03-05 14:23 - 2014-03-05 14:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-05 02:34 - 2013-10-02 11:47 - 00000000 ____D () C:\ProgramData\ASGVIS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Shanne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgmpko7.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 12:26] - [2014-01-31 12:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-04-02 13:38

==================== End Of Log ============================

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Shanne at 2014-04-04 01:16:35
Running from C:\Users\Shanne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Total Defense Anti-Virus (Enabled - Up to date) {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}
AS: Total Defense Anti-Virus (Enabled - Up to date) {ECD425A9-8C8F-D447-4EAB-6F599E267857}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Total Defense Personal Firewall (Enabled) {6F8E4568-E0DA-DA91-5F44-FD1E1B727591}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30416 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Design Standard (HKLM-x32\...\{0327A4BF-62BF-48BB-8928-B971B749E9E1}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.2 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.2 - Adobe Systems, Incorporated) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anti-Virus (Version: 3.2.0.48 - Total Defense, Inc.) Hidden
APH placeholder (Version:  - ) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.020 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.28 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
AutoCAD 2014 - English (Version: 19.1.42.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.42.0 - Autodesk) Hidden
AutoCAD Architecture 2014 - English (Version: 7.5.17.0 - Autodesk) Hidden
AutoCAD Architecture 2014 Language Pack - English (Version: 7.5.17.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.42.0 - Autodesk)
Autodesk AutoCAD Architecture 2014 - English (HKLM\...\AutoCAD Architecture 2014 - English) (Version: 7.5.17.0 - Autodesk)
Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.19.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.11.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Revit 2014 (HKLM\...\Autodesk Revit 2014) (Version: 13.07.22211 - Autodesk)
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.95.48 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6910DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Climate Consultant 5.5 version build 2 (HKLM-x32\...\Climate Consultant 5.5_is1) (Version: build 2 - )
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.3625 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DNAMigrator (x32 Version: 14.0.0.238 - Total Defense, Inc.) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
ETDWare PS/2-X64 11.5.8.3_WHQL (HKLM\...\Elantech) (Version: 11.5.8.3 - ELAN Microelectronic Corp.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
Google Chrome (HKLM-x32\...\{CBD486B9-01C2-3412-8BAA-1C20A5A58EAC}) (Version: 65.130.49209 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HIPS (Version: 13.0.0.383 - Total Defense, Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
netfabb Basic (HKLM-x32\...\netfabb_51) (Version:  - netfabb GmbH)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version:  - TamaSoftware)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0.2 r2161 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)
Revit 2014 (Version: 13.07.22211 - Autodesk) Hidden
Revit 2014 Language Pack - English (Version: 13.07.22211 - Autodesk) Hidden
Rhinoceros 5 (64-bit) (HKLM\...\{24757FE9-C7F6-4F87-9024-062BD4CFF0CA}) (Version: 5.8.40305.11495 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{D8C51D93-9F5A-442D-A557-F5832ACF3314}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{60CEB140-F864-4994-8506-904A517A3310}) (Version: 5.2.30222.18095 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (en-US) (HKLM-x32\...\{1C08E7B1-D5A8-4BED-ACEB-0219C36C4CAF}) (Version: 5.5.30717.16015 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (fr-FR) (HKLM-x32\...\{A9957C6B-8932-4ED7-8232-02B9B5641AE6}) (Version: 5.2.30227.18515 - Robert McNeel & Associates)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Defense Internet Security Suite (HKLM\...\eTrust Suite Personal) (Version: 9.0.0.26 - Total Defense, Inc.)
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.2.0.0 - Manuel Hoefs (Zottel))
UxStyle (HKLM-x32\...\{05560347-3a9b-4644-a8ed-8b64cc947189}) (Version: 0.2.3.0 - The Within Network, LLC)
UxStyle (Version: 0.2.3.0 - The Within Network, LLC) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VisualCAD/CAM 2014 (64 Bit) (HKLM\...\{858A8CF2-9BD0-4EEB-9C81-E4CC6E34ABE6}) (Version: 1.0.44 - MecSoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
V-Ray for Rhinoceros 5 x64 edu (HKLM-x32\...\V-Ray for Rhinoceros 5 x64 edu 1.50.22564) (Version: 1.50.22564 - Chaos Software, Ltd)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00d of 2011-Sep-22 (Build 138) (Setup) - WIBU-SYSTEMS AG)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6200 - Broadcom Corporation)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
World Machine 2.3 Basic Edition (HKLM-x32\...\World Machine2Basic) (Version:  - )
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

18-03-2014 05:04:36 OTL Restore Point - 18/03/14 01:04:28
26-03-2014 00:02:04 Scheduled Checkpoint
02-04-2014 22:15:03 Scheduled Checkpoint

==================== Hosts content: ==========================

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06689DE2-6CA0-4D9E-B942-DA4D6EE692A1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ARCHITECTURE-Shanne Architecture => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-03-19] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DDC6E51-F067-40B2-90F0-A1277F69B8C1} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {19066B9A-3BD8-4B04-AC75-BE283E043D3C} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {1A343ED9-E586-4EF1-B09D-2E23E3B6646A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Shanne.stines@LIVE.CA => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {1B5F1395-952B-4E6B-B369-3266CB0FEBC3} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {42A5D0C7-2616-4F0A-A7FF-F2216D3E4AC3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-20] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {54AFDAB9-23DC-42A6-AA08-292526925B90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {5A5C55DF-D966-45AD-9C40-99005085C2D7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {6222F750-9829-443B-AAC2-D45079B1192E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {67077058-A660-4783-8019-095C26D7F1DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {944788F3-1521-4997-B661-B2E1AD81B279} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A26263E4-A98A-404B-BD82-BE42F65B8938} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {A7D009B2-6444-488E-9F21-AED2D3FED291} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-20] (Google Inc.)
Task: {AEDC2B3A-6D32-4948-875B-318FCE08E61A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-20] (Google Inc.)
Task: {B8E3100B-4F3B-495F-ACF4-5675712AAD34} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-10 13:17 - 2013-03-10 13:17 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-10-10 00:44 - 2013-10-10 00:44 - 01128448 _____ () C:\Program Files\Total Defense\Internet Security Suite\log4cplusU.dll
2014-03-19 00:13 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-19 20:33 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-09-02 11:06 - 2010-03-15 19:04 - 00143360 ____N () C:\WINDOWS\system32\BrSNMP64.dll
2011-02-24 14:36 - 2011-02-24 14:36 - 01041488 _____ () C:\Program Files\CA\SharedComponents\TMEngine\KnownApps.dll
2011-03-14 15:41 - 2011-03-14 15:41 - 00845392 _____ () C:\Program Files\CA\SharedComponents\TMEngine\WindowsUserIdentity.dll
2013-10-15 16:54 - 2012-12-06 13:55 - 00212992 _____ () C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
2013-10-10 00:45 - 2013-10-10 00:44 - 00265736 _____ () C:\Windows\SysWOW64\cfgmig32.exe
2013-10-15 16:54 - 2012-06-12 13:53 - 01659904 _____ () C:\ProgramData\ASGVIS\Dongle Utilities\vrlservice.exe
2013-11-27 23:34 - 2013-10-23 04:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-24 20:26 - 2012-08-24 20:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-10 00:44 - 2013-10-10 00:44 - 01139208 _____ () C:\Program Files\Total Defense\Internet Security Suite\SQLite3.dll
2013-05-25 01:00 - 2013-03-14 05:46 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2013-10-29 16:45 - 2013-10-29 16:45 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-10-29 16:45 - 2013-10-29 16:45 - 00798392 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-10-29 16:41 - 2013-10-29 16:41 - 00058880 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2013-10-29 16:41 - 2013-10-29 16:41 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
2013-10-29 16:44 - 2013-10-29 16:44 - 00368640 _____ () C:\Program Files\Rainmeter\Plugins\NowPlaying.DLL
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-25 00:56 - 2013-04-11 18:30 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-04-04 00:31 - 2014-04-04 00:31 - 00041984 _____ () c:\users\shanne\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgmpko7.dll
2013-10-18 19:55 - 2013-10-18 19:55 - 25100288 _____ () C:\Users\Shanne\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-02 11:06 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2012-05-24 21:19 - 2012-05-24 21:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 17:21 - 2011-03-09 17:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-03-29 14:57 - 2014-03-29 14:57 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Shanne\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: CLKMSVC10_38F51D56 => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McOobeSv => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 02:14:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.16441, time stamp: 0x5265dec8
Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version: 4.8.2.0, time stamp: 0x50d3fca7
Exception code: 0xc0000005
Fault offset: 0x00000000000265fe
Faulting process id: 0x1cb34
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5

Error: (04/03/2014 00:04:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: Illustrator.exe, version: 16.0.3.691, time stamp: 0x50bb2f51
Faulting module name: Art Style.aip, version: 15.0.128.0, time stamp: 0x509ad270
Exception code: 0xc0000005
Fault offset: 0x00040787
Faulting process id: 0x1ee30
Faulting application start time: 0xIllustrator.exe0
Faulting application path: Illustrator.exe1
Faulting module path: Illustrator.exe2
Report Id: Illustrator.exe3
Faulting package full name: Illustrator.exe4
Faulting package-relative application ID: Illustrator.exe5

Error: (04/03/2014 00:03:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.16441, time stamp: 0x5265dec8
Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version: 4.8.2.0, time stamp: 0x50d3fca7
Exception code: 0xc0000005
Fault offset: 0x00000000000265fe
Faulting process id: 0x1398
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (04/02/2014 06:25:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"1".
Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/02/2014 06:19:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"1".
Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/02/2014 04:21:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

Error: (04/02/2014 04:21:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157

Error: (04/02/2014 04:21:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 01:29:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.16384, time stamp: 0x5215d4c4
Faulting module name: MSSRCH.DLL, version: 7.0.9600.16384, time stamp: 0x5215d425
Exception code: 0xc0000005
Fault offset: 0x0000000000006dbe
Faulting process id: 0x1444
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5

Error: (04/02/2014 00:37:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"1".
Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (04/04/2014 00:41:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Microsoft.WinJS.2.0.

Error: (04/03/2014 08:49:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Microsoft.WinJS.2.0.

Error: (04/03/2014 08:05:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Microsoft.WinJS.2.0.

Error: (04/03/2014 07:22:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Microsoft.WinJS.2.0.

Error: (04/03/2014 06:59:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Microsoft.WinJS.2.0.

Error: (04/03/2014 06:30:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Microsoft.WinJS.2.0.

Error: (04/03/2014 04:57:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.BingTravel.

Error: (04/03/2014 04:57:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.BingHealthAndFitness.

Error: (04/03/2014 04:57:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Microsoft.WinJS.2.0.

Error: (04/03/2014 04:15:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.BingTravel.


Microsoft Office Sessions:
=========================
Error: (04/03/2014 02:14:25 AM) (Source: Application Error)(User: )
Description: explorer.exe6.3.9600.164415265dec8QtCore_Ad_SyncNs_4.dll_unloaded4.8.2.050d3fca7c000000500000000000265fe1cb3401cf4ef1bd7f0a27C:\WINDOWS\explorer.exeQtCore_Ad_SyncNs_4.dll3445492a-baf7-11e3-becb-6c71d953d0aa

Error: (04/03/2014 00:04:43 AM) (Source: Application Error)(User: )
Description: Illustrator.exe16.0.3.69150bb2f51Art Style.aip15.0.128.0509ad270c0000005000407871ee3001cf4eeb2a60726bC:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\Illustrator.exeC:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Plug-ins\Extensions\Art Style.aip1573a874-bae5-11e3-becb-6c71d953d0aa

Error: (04/03/2014 00:03:57 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.3.9600.164415265dec8QtCore_Ad_SyncNs_4.dll_unloaded4.8.2.050d3fca7c000000500000000000265fe139801cf4e9912fc2ef2C:\WINDOWS\Explorer.EXEQtCore_Ad_SyncNs_4.dllfa077cf4-bae4-11e3-becb-6c71d953d0aa

Error: (04/02/2014 06:25:01 PM) (Source: SideBySide)(User: )
Description: FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"c:\program files\Autodesk\revit 2014\FaroImporter.exe

Error: (04/02/2014 06:19:25 PM) (Source: SideBySide)(User: )
Description: FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"c:\program files\Autodesk\revit 2014\FaroImporter.exe

Error: (04/02/2014 04:21:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

Error: (04/02/2014 04:21:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157

Error: (04/02/2014 04:21:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 01:29:37 PM) (Source: Application Error)(User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe144401cf4e991a7d2b3dC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL5cb30206-ba8c-11e3-becb-6c71d953d0aa

Error: (04/02/2014 00:37:15 AM) (Source: SideBySide)(User: )
Description: FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"c:\program files\Autodesk\revit 2014\FaroImporter.exe


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 12205.49 MB
Available physical RAM: 8953.98 MB
Total Pagefile: 14061.49 MB
Available Pagefile: 10285.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.11 GB) (Free:195.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data1) (Fixed) (Total:349.32 GB) (Free:346.37 GB) NTFS
Drive e: (Data2) (Fixed) (Total:349.32 GB) (Free:349.18 GB) NTFS
Drive f: (DATA) (Fixed) (Total:397.87 GB) (Free:397.73 GB) NTFS
Drive h: (My Passport) (Fixed) (Total:931.48 GB) (Free:425.18 GB) NTFS
Drive i: (SHANNE) (Removable) (Total:15.22 GB) (Free:12.81 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 278DD091)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 699 GB) (Disk ID: 115DA0F7)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)

Partition: GPT Partition Type.

==================== End Of Log ============================



#4 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,134 posts

Posted 04 April 2014 - 07:19 PM

Just a little straightening up.
 
Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it  as fixlist.txt
 

start
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\ProgramData\SetStretch.exe
end

.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#5 ClementZ

ClementZ

    Authentic Member

  • Authentic Member
  • PipPip
  • 98 posts

Posted 05 April 2014 - 11:53 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Shanne at 2014-04-05 13:54:24 Run:1
Running from C:\Users\Shanne\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\ProgramData\SetStretch.exe
end
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Unable to delete key
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\ProgramData\SetStretch.exe => Moved successfully.

==== End of Fixlog ====



#6 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,134 posts

Posted 05 April 2014 - 01:52 PM

Let's get an online scan.

 

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
 

  • Please go here then click on: EOLS1.gif

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option   YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is  checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: EOLS4.gif
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
 

 


Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#7 ClementZ

ClementZ

    Authentic Member

  • Authentic Member
  • PipPip
  • 98 posts

Posted 05 April 2014 - 09:08 PM

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=38fcafa01e570740a2fdf5d2472d0c69
# engine=17769
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-06 02:30:58
# local_time=2014-04-05 10:30:58 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 1133621 20711151 0 0
# scanned=421106
# found=2
# cleaned=0
# scan_time=15921
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe"
 



#8 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,134 posts

Posted 06 April 2014 - 12:02 AM

That's just telling you that shockwave came bundled with google toolbar... in both the 32 bit and 64 bit versions.  Not the root of your issues.

 

I do not believe that malware is responsible for your issues.  Quite frankly, I don't know much about Win 8, and even less about 8.1.  Therefore, I believe you will be better served by the Tech Team in the Windows Forum.  I suggest that you open a new topic there.  When you post, please give them as much information as possible.  Make and model of computer, Operating system, and as much information about your symptoms as you can.  Also, it would be good to post a link back to this thread so they can see the scan you have done here... in case there is any useful information there for them.

 

Does this make sense to you?


Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#9 ClementZ

ClementZ

    Authentic Member

  • Authentic Member
  • PipPip
  • 98 posts

Posted 06 April 2014 - 12:27 PM

Alright, will do.
Thanks for the help anyway.



#10 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,134 posts

Posted 06 April 2014 - 06:50 PM

Hopefully, they'll see some "easy" tweak that will straighten you right out.  If they see something malware related that I missed, they'll send you back and I'll reopen this thread.

 

Good luck and be well.


Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#11 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,134 posts

Posted 06 April 2014 - 06:50 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users