
Proxy hijack [Closed]


  • This topic is locked
3 replies to this topic

#1 DrNo

New Member

  • 2 posts

Posted 30 August 2014 - 10:39 AM

While cleaning up my system I activated a program that installed a virus that is hijacking my proxy settings to 127.0.0.1 with a <loop> setting as a fail-over. I have edited the information in the registry and it keeps changing back. The only browser I can use at the moment is Dragon, from Comodo. Here are the OTL scan results:

 

OTL logfile created on: 8/30/2014 11:21:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dennis\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
20.00 Gb Total Physical Memory | 12.81 Gb Available Physical Memory | 64.03% Memory free
40.00 Gb Paging File | 30.37 Gb Available in Paging File | 75.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 142.48 Gb Free Space | 61.18% Space Free | Partition Type: NTFS
Drive D: | 279.48 Gb Total Space | 62.94 Gb Free Space | 22.52% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 45.77 Mb Free Space | 45.77% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 160.90 Gb Free Space | 34.55% Space Free | Partition Type: NTFS
Drive G: | 931.41 Gb Total Space | 357.15 Gb Free Space | 38.34% Space Free | Partition Type: NTFS
Drive H: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 6.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: VIPER | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Dennis\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Dennis\Desktop\JRT.exe (Thisisu)
PRC - C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo)
PRC - C:\Program Files (x86)\Comodo\Dragon\virtual_mode_helper.exe ()
PRC - d:\Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - d:\Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - d:\Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Windows\SysWOW64\ASGT.exe ()
PRC - C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Users\Dennis\AppData\Local\Temp\jrt\CHOICE.DAT ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\virtual_mode_helper.exe ()
MOD - C:\Program Files (x86)\Comodo\Dragon\libGLESv2.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\libEGL.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\chrome_elf.dll ()
MOD - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll ()
MOD - C:\Program Files\Plantronics\GameCom780\VMixPLGC.dll ()
MOD - C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
MOD - C:\Users\Dennis\AppData\Local\Temp\jrt\CHOICE.DAT ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (cmdvirth) -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO)
SRV:64bit: - (KinectManagement) -- C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (LavasoftAdAwareService11) -- D:\Anti-Malware\ADAWARE\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe ()
SRV - (HPSupportSolutionsFrameworkService) -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
SRV - (MBAMService) -- d:\Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- d:\Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MakerBot Conveyor Service) -- G:\MakerBot\MakerWare\conveyor-svc.exe ( MakerBot)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Users\Dennis\AppData\Local\Temp\7zS57F4\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (ASGT) -- C:\Windows\SysWOW64\ASGT.exe ()
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (KinectCamera) -- C:\Windows\SysNative\drivers\kinectcamera.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RtlWlanu) -- C:\Windows\SysNative\drivers\RTWlanU.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\LVUVC64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PlantronicsGC) -- C:\Windows\SysNative\drivers\PLTGC.sys (C-Media Electronics Inc)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (PcaSp60) -- C:\Windows\SysNative\drivers\PcaSp60.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (gzflt) -- D:\Anti-Malware\ADAWARE\Antimalware Engine\3.0.0.56\gzflt.sys (BitDefender LLC)
DRV - (bdfwfpf) -- D:\Anti-Malware\ADAWARE\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys (BitDefender LLC)
DRV - (BdfNdisf) -- d:\Anti-Malware\ADAWARE\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys (BitDefender LLC)
DRV - (NTIOLib_1_0_4) -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys (MSI)
DRV - (PcaSp60) -- C:\Windows\SysWOW64\drivers\PcaSp60.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8800;https=127.0.0.1:8800
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8800;https=127.0.0.1:8800
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dennis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/08/14 19:08:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/08/14 19:08:01 | 000,000,000 | ---D | M]
 
[2014/06/01 09:45:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\Mozilla\Extensions
[2014/06/05 21:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\um3b5d9j.default\extensions
[2014/06/05 21:13:31 | 000,613,778 | ---- | M] () (No name found) -- C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\um3b5d9j.default\extensions\PrivDog@AdTrustMedia.com.xpi
[2014/07/31 19:17:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/01 09:45:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://mysearch.avg.com?cid={A8B515C1-491B-4BE2-A52A-CFC8C435D75B}&mid=83a6e400c7d547d1b822d1543418d242-a28c7f72b4a45306ae067ae25539a809c4569ced&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 06:25:11&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Skype Click to Call = C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: Google Wallet = C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
 
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] D:\Anti-Malware\ADAWARE\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:64bit: - HKLM..\Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LiveUpdate 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E40A980F-75E6-4B4A-BCEC-DD29AEBAE5D4}: DhcpNameServer = 192.168.0.25
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 04:29:38 | 000,000,122 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/02/07 05:30:24 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/14 04:29:38 | 000,000,122 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{6658116d-a834-11e3-9d2e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6658116d-a834-11e3-9d2e-806e6f6e6963}\Shell\AutoRun\command - "" = setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\LVCodec2.dll (Logitech Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/30 11:07:11 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HiJackThis.exe
[2014/08/30 11:07:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2014/08/30 10:31:10 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Dennis\Desktop\JRT.exe
[2014/08/30 10:18:00 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/08/30 10:04:42 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Lavasoft
[2014/08/30 09:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2014/08/30 09:49:33 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\LavasoftStatistics
[2014/08/30 09:49:31 | 002,084,072 | ---- | C] (Bitdefender) -- C:\Windows\SysNative\bdnc.dll
[2014/08/30 09:49:26 | 001,061,776 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdsmtpp.dll
[2014/08/30 09:49:26 | 000,209,984 | ---- | C] (BitDefender) -- C:\Windows\SysNative\BdFirewallSDK.dll
[2014/08/30 09:49:26 | 000,195,016 | ---- | C] (BitDefender) -- C:\Windows\SysNative\httproxy.dll
[2014/08/30 09:49:26 | 000,155,912 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdpop3p.dll
[2014/08/30 09:49:26 | 000,122,928 | ---- | C] (BitDefender) -- C:\Windows\SysNative\OEMbdpredir.dll
[2014/08/30 09:49:26 | 000,096,160 | ---- | C] (BitDefender) -- C:\Windows\SysNative\bdpredir.dll
[2014/08/30 09:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2014/08/30 09:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/08/30 09:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/08/30 08:18:48 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/30 08:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Malware
[2014/08/30 08:18:11 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/08/30 08:18:11 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/08/30 08:18:11 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/08/30 08:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/30 06:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\pastaleads
[2014/08/30 06:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pastaleads
[2014/08/30 05:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014/08/30 05:55:03 | 000,000,000 | ---D | C] -- C:\Windows\HP_Photosmart_Pro_Plug-in_Help
[2014/08/30 05:54:27 | 000,131,072 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpz3l4v6.dll
[2014/08/30 05:54:27 | 000,056,320 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\HPBMINI.DLL
[2014/08/30 05:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/08/30 05:52:59 | 000,338,944 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2014/08/30 05:51:33 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\Hewlett-Packard
[2014/08/30 05:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/08/29 01:38:10 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2014/08/28 08:08:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/08/27 13:24:59 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/22 10:45:16 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\RetouchPilot
[2014/08/22 10:42:00 | 002,933,528 | ---- | C] (Two Pilots                                                  ) -- C:\Users\Dennis\Desktop\retouch_3.1.exe
[2014/08/22 10:33:33 | 000,000,000 | ---D | C] -- C:\Users\Dennis\.thumbnails
[2014/08/22 10:30:24 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\fontconfig
[2014/08/22 10:30:23 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\gegl-0.2
[2014/08/22 10:30:23 | 000,000,000 | ---D | C] -- C:\Users\Dennis\.gimp-2.8
[2014/08/22 10:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2014/08/21 22:33:09 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/21 22:33:09 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/21 22:33:09 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/21 22:33:06 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/21 22:33:06 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/21 22:33:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/21 22:33:06 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/21 22:33:06 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/21 22:33:06 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/21 22:33:04 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/21 22:33:04 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/21 22:33:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/21 22:33:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/21 12:30:50 | 000,727,592 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014/08/21 12:30:50 | 000,601,360 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014/08/21 12:30:50 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014/08/20 05:55:06 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\HP
[2014/08/16 03:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/08/16 03:00:32 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/08/16 03:00:32 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/08/16 03:00:32 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/08/16 03:00:32 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/08/16 03:00:31 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/08/16 03:00:31 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/08/16 03:00:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/16 03:00:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/15 22:48:54 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/08/15 22:48:54 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/15 22:48:54 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/15 22:48:54 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/15 22:48:54 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/15 22:48:54 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/15 22:48:50 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/08/15 22:48:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/08/15 22:48:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/08/15 22:48:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/08/15 22:48:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/08/15 22:48:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/08/15 22:48:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/08/15 22:48:49 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/08/15 22:48:49 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/08/15 22:48:49 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/08/15 22:48:49 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/08/15 22:48:49 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/08/15 22:48:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/08/15 22:48:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/08/15 22:48:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/08/15 22:48:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/08/15 22:48:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/08/15 22:48:47 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/08/15 22:48:47 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/08/15 22:48:47 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/08/15 22:48:47 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/08/15 22:48:47 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/08/15 22:48:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/08/15 22:48:46 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/08/15 22:48:46 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/08/15 22:48:46 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/08/15 22:48:46 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/08/15 22:48:46 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/08/15 22:48:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/08/15 22:48:45 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/08/15 22:48:45 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/08/15 22:48:45 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/08/15 22:48:45 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/08/15 22:48:45 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/08/15 22:48:44 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/08/15 22:48:12 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/14 20:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISIS Scanner Drivers
[2014/08/14 20:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ISIS DRIVERS
[2014/08/14 20:32:45 | 000,491,792 | ---- | C] (Captiva Software Corp.) -- C:\Windows\SysWow64\qd1.dll
[2014/08/14 20:32:45 | 000,401,484 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcrtd.dll
[2014/08/14 20:32:45 | 000,231,552 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixdflt.dll
[2014/08/14 20:32:45 | 000,213,264 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXDFLTN.DLL
[2014/08/14 20:32:45 | 000,074,000 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXLOCN.DLL
[2014/08/14 20:32:45 | 000,053,520 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXPERMN.DLL
[2014/08/14 20:32:45 | 000,032,768 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\pixsecur.dll
[2014/08/14 20:32:45 | 000,023,152 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixperm.dll
[2014/08/14 20:32:45 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ctl3d.dll
[2014/08/14 20:32:45 | 000,016,064 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixloc.dll
[2014/08/14 20:32:44 | 000,163,840 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1520.dll
[2014/08/14 20:32:44 | 000,155,648 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1120.dll
[2014/08/14 20:32:44 | 000,143,360 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1020.dll
[2014/08/14 20:32:44 | 000,098,304 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1320.dll
[2014/08/14 20:32:44 | 000,044,032 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn20.dll
[2014/08/14 20:32:44 | 000,032,768 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\pixth32.dll
[2014/08/14 20:32:44 | 000,004,032 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixth16.dll
[2014/08/14 20:32:43 | 000,200,704 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\twpix32.dll
[2014/08/14 20:32:43 | 000,000,000 | ---D | C] -- C:\Windows\PIXTRAN
[2014/08/14 20:32:35 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2014/08/14 20:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2014/08/14 19:16:49 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\HP
[2014/08/14 19:08:47 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\HpUpdate
[2014/08/14 19:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2014/08/14 19:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coupons
[2014/08/14 19:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2014/08/14 19:07:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2014/08/14 19:07:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2014/08/14 19:06:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2014/08/14 19:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/08/14 19:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/08/14 19:06:10 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2014/08/14 19:04:29 | 001,405,952 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p02a.dll
[2014/08/14 19:04:29 | 000,966,656 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p02a.dll
[2014/08/14 19:04:29 | 000,510,464 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p02a.dll
[2014/08/14 18:58:55 | 000,000,000 | R--D | C] -- C:\Users\Dennis\Documents\Scanned Documents
[2014/08/14 18:58:54 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Documents\Fax
[2014/08/14 18:37:57 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Comodo
[2014/08/13 20:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/08/13 20:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/08/13 20:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/08/10 13:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/10 13:30:37 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/10 13:30:32 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/10 13:30:32 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/10 13:30:32 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/10 13:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/03 17:58:09 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MeshLab
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/30 11:26:55 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2014/08/30 11:16:00 | 000,191,456 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2014/08/30 11:11:53 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/30 11:10:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/30 11:03:07 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/30 11:03:07 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/30 11:03:07 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/30 11:00:42 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HiJackThis.exe
[2014/08/30 10:58:18 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/30 10:57:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2014/08/30 10:57:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/30 10:56:58 | 3220,578,301 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/30 10:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/30 10:14:37 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Dennis\Desktop\JRT.exe
[2014/08/30 09:48:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/08/30 07:08:55 | 000,220,641 | ---- | M] () -- C:\Windows\hpoins35.dat
[2014/08/30 06:33:53 | 000,446,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/30 06:15:01 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2014/08/30 06:15:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2014/08/30 06:14:59 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2014/08/30 06:14:49 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/30 06:14:49 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/30 06:14:45 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2014/08/30 05:56:46 | 000,194,563 | ---- | M] () -- C:\Windows\hphins19.dat
[2014/08/28 08:10:54 | 000,699,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/08/28 08:10:54 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/08/26 09:25:03 | 000,114,299 | ---- | M] () -- C:\Users\Dennis\Documents\mr coffee.png
[2014/08/26 09:24:40 | 000,042,327 | ---- | M] () -- C:\Users\Dennis\Documents\coffee.jpg
[2014/08/22 21:07:00 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/22 11:12:47 | 000,040,146 | ---- | M] () -- C:\Users\Dennis\Documents\angie2.jpg
[2014/08/22 11:04:34 | 000,035,838 | ---- | M] () -- C:\Users\Dennis\Documents\angie.jpg
[2014/08/22 10:42:01 | 002,933,528 | ---- | M] (Two Pilots                                                  ) -- C:\Users\Dennis\Desktop\retouch_3.1.exe
[2014/08/22 10:33:34 | 000,000,844 | ---- | M] () -- C:\Users\Dennis\AppData\Local\recently-used.xbel
[2014/08/21 12:30:50 | 000,727,592 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014/08/21 12:30:50 | 000,601,360 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014/08/21 12:30:50 | 000,261,056 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014/08/20 09:04:27 | 008,512,978 | ---- | M] () -- C:\Users\Dennis\Documents\JanetsBS0001.pdf
[2014/08/20 07:43:59 | 000,049,541 | ---- | M] () -- C:\Users\Dennis\Documents\andie.jpg
[2014/08/20 05:57:51 | 000,082,872 | ---- | M] () -- C:\Users\Dennis\Documents\angiebday.jpg
[2014/08/15 14:13:13 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/14 20:33:09 | 000,000,031 | ---- | M] () -- C:\Windows\setscan.ini
[2014/08/14 20:30:30 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\HP Copy (5590).lnk
[2014/08/14 20:30:30 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\HP Scanning (5590).lnk
[2014/08/14 19:13:36 | 000,002,323 | ---- | M] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2014/08/14 19:08:26 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2014/08/14 19:07:46 | 000,001,315 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/08/14 19:07:40 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/08/14 19:07:34 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/08/14 18:26:12 | 000,053,827 | ---- | M] () -- C:\Users\Dennis\Documents\SAMSCLUB.pdf
[2014/08/08 19:22:16 | 001,291,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/08/08 19:22:16 | 001,126,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/08/08 19:22:05 | 001,715,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/08/08 19:22:05 | 001,283,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
 
========== Files Created - No Company Name ==========
 
[2014/08/30 09:49:26 | 000,156,936 | ---- | C] () -- C:\Windows\SysNative\bdfwcore.dll
[2014/08/30 09:48:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/08/30 05:54:27 | 000,109,568 | ---- | C] () -- C:\Windows\SysNative\hpzpnp.dll
[2014/08/30 05:54:27 | 000,018,224 | ---- | C] () -- C:\Windows\SysNative\hpceac06.hpi
[2014/08/30 05:53:18 | 000,194,563 | ---- | C] () -- C:\Windows\hphins19.dat
[2014/08/30 05:53:18 | 000,000,405 | ---- | C] () -- C:\Windows\hphmdl19.dat
[2014/08/26 09:25:02 | 000,114,299 | ---- | C] () -- C:\Users\Dennis\Documents\mr coffee.png
[2014/08/26 09:24:40 | 000,042,327 | ---- | C] () -- C:\Users\Dennis\Documents\coffee.jpg
[2014/08/22 11:12:47 | 000,040,146 | ---- | C] () -- C:\Users\Dennis\Documents\angie2.jpg
[2014/08/22 11:04:34 | 000,035,838 | ---- | C] () -- C:\Users\Dennis\Documents\angie.jpg
[2014/08/22 10:33:34 | 000,000,844 | ---- | C] () -- C:\Users\Dennis\AppData\Local\recently-used.xbel
[2014/08/22 10:28:53 | 000,000,894 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2014/08/20 09:03:58 | 008,512,978 | ---- | C] () -- C:\Users\Dennis\Documents\JanetsBS0001.pdf
[2014/08/20 07:43:59 | 000,049,541 | ---- | C] () -- C:\Users\Dennis\Documents\andie.jpg
[2014/08/20 05:57:50 | 000,082,872 | ---- | C] () -- C:\Users\Dennis\Documents\angiebday.jpg
[2014/08/14 20:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\setscan.ini
[2014/08/14 20:30:30 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\HP Copy (5590).lnk
[2014/08/14 20:30:30 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\HP Scanning (5590).lnk
[2014/08/14 19:17:48 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat.temp
[2014/08/14 19:13:36 | 000,002,323 | ---- | C] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2014/08/14 19:08:35 | 000,001,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2014/08/14 19:08:26 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2014/08/14 19:07:46 | 000,001,315 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/08/14 19:07:40 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/08/14 19:07:34 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/08/14 19:04:39 | 000,220,641 | ---- | C] () -- C:\Windows\hpoins35.dat
[2014/08/14 19:04:39 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat
[2014/08/14 18:26:12 | 000,053,827 | ---- | C] () -- C:\Users\Dennis\Documents\SAMSCLUB.pdf
[2014/04/27 09:50:20 | 000,000,402 | ---- | C] () -- C:\Windows\PLTGC.ini.cfl
[2014/04/27 09:50:18 | 000,000,534 | ---- | C] () -- C:\Windows\PLTGC.ini.imi
[2014/04/27 09:50:17 | 000,003,489 | ---- | C] () -- C:\Windows\PLTGC.ini.cfg
[2014/04/14 13:55:09 | 000,000,148 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2014/04/07 20:29:39 | 000,000,447 | ---- | C] () -- C:\Windows\PLTGC.ini
[2014/03/10 04:50:46 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/10 04:24:00 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2014/03/10 04:15:22 | 000,036,864 | ---- | C] () -- C:\Windows\runSW.exe
[2014/03/10 03:32:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/09/21 14:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/09/21 14:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/09/21 14:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 21:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/03/10 18:00:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\.minecraft
[2014/05/24 03:24:44 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Electronic Arts
[2014/05/17 01:01:02 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Firestorm_x64
[2014/07/16 11:21:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\HK_CLIENT_NEWSYSM
[2014/04/05 18:39:53 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Leadertech
[2014/05/28 07:37:57 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\MakerBot
[2014/04/20 09:03:39 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\ManCTL
[2014/04/17 09:48:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Oracle
[2014/08/22 10:45:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\RetouchPilot
[2014/07/16 11:19:25 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\SYSM-Monitor
[2014/07/25 11:32:54 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Unity
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
[2009/07/13 21:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2009/07/13 15:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/13 15:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2009/07/14 04:29:38 | 000,000,122 | ---- | M] () -- C:\autorun.inf
[2014/03/11 17:36:15 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2010/11/20 07:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2009/07/14 04:29:38 | 000,667,712 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
[2014/03/10 05:13:19 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/08/30 10:56:58 | 3220,578,301 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/30 10:57:01 | 4294,107,132 | -HS- | M] () -- C:\pagefile.sys
[2014/01/15 19:42:40 | 000,608,032 | ---- | M] (McAfee, Inc.) -- C:\SecurityScanner.dll
[2009/07/14 04:29:38 | 000,106,760 | ---- | M] (Microsoft Corporation) -- C:\setup.exe
[2014/03/10 04:53:12 | 000,000,032 | ---- | M] () -- C:\setup.log
 
< %systemroot%\Fonts\*.com >
[2009/07/14 00:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009/06/10 15:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009/07/13 23:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is 8690-7539
 Directory of C:\
07/14/2009  12:08 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  12:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  12:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
07/14/2009  12:08 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  12:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  12:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  12:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009  12:08 AM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009  12:08 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009  12:08 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009  12:08 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009  12:08 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009  12:08 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009  12:08 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009  12:08 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009  12:08 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/14/2009  12:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009  12:08 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009  12:08 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/14/2009  12:08 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009  12:08 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009  12:08 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Dennis
03/10/2014  02:47 AM    <JUNCTION>     Application Data [C:\Users\Dennis\AppData\Roaming]
03/10/2014  02:47 AM    <JUNCTION>     Cookies [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Cookies]
03/10/2014  02:47 AM    <JUNCTION>     Local Settings [C:\Users\Dennis\AppData\Local]
03/10/2014  02:47 AM    <JUNCTION>     My Documents [C:\Users\Dennis\Documents]
03/10/2014  02:47 AM    <JUNCTION>     NetHood [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/10/2014  02:47 AM    <JUNCTION>     PrintHood [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/10/2014  02:47 AM    <JUNCTION>     Recent [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Recent]
03/10/2014  02:47 AM    <JUNCTION>     SendTo [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\SendTo]
03/10/2014  02:47 AM    <JUNCTION>     Start Menu [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu]
03/10/2014  02:47 AM    <JUNCTION>     Templates [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Dennis\AppData\Local
03/10/2014  02:47 AM    <JUNCTION>     Application Data [C:\Users\Dennis\AppData\Local]
03/10/2014  02:47 AM    <JUNCTION>     History [C:\Users\Dennis\AppData\Local\Microsoft\Windows\History]
03/10/2014  02:47 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Dennis\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Dennis\Documents
03/10/2014  02:47 AM    <JUNCTION>     My Music [C:\Users\Dennis\Music]
03/10/2014  02:47 AM    <JUNCTION>     My Pictures [C:\Users\Dennis\Pictures]
03/10/2014  02:47 AM    <JUNCTION>     My Videos [C:\Users\Dennis\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/14/2009  12:08 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009  12:08 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009  12:08 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              50 Dir(s)  152,875,524,096 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/03/11 08:39:24 | 000,000,221 | -HS- | M] () -- C:\Users\Dennis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2014/08/30 11:00:42 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HiJackThis.exe
[2014/08/30 10:14:37 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Dennis\Desktop\JRT.exe
[2014/08/30 10:57:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2014/08/22 10:42:01 | 002,933,528 | ---- | M] (Two Pilots                                                  ) -- C:\Users\Dennis\Desktop\retouch_3.1.exe
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
< End of report >
 

 

 

 



#2 DrNo


Posted 30 August 2014 - 10:48 AM

OTL Extras logfile created on: 8/30/2014 11:21:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dennis\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
20.00 Gb Total Physical Memory | 12.81 Gb Available Physical Memory | 64.03% Memory free
40.00 Gb Paging File | 30.37 Gb Available in Paging File | 75.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 142.48 Gb Free Space | 61.18% Space Free | Partition Type: NTFS
Drive D: | 279.48 Gb Total Space | 62.94 Gb Free Space | 22.52% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 45.77 Mb Free Space | 45.77% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 160.90 Gb Free Space | 34.55% Space Free | Partition Type: NTFS
Drive G: | 931.41 Gb Total Space | 357.15 Gb Free Space | 38.34% Space Free | Partition Type: NTFS
Drive H: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 6.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: VIPER | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04BC0394-B6D8-41FC-8550-5295040CBD80}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{052CF278-C9E1-46AC-B2F3-E2880FD7F3DD}" = lport=138 | protocol=17 | dir=in | app=system | 
"{085AEE68-8209-485A-90C5-7483EFC82040}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{11FBB87E-FF8D-47CD-8A76-685FB53CAE5C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{1913C883-11FA-4E48-9184-83C3E7F15595}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1D48BA59-F5D3-43F5-8797-D4E06791783D}" = rport=139 | protocol=6 | dir=out | app=system | 
"{1FBC0F05-1E24-4320-9AC2-8380F26F22DE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2C61ED39-4A3C-4DE1-B61E-24386BFB180F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2F8421BB-F997-4E9F-B611-0C3BB53ECA71}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{3261E3A6-3F8C-4C34-BDA1-C30777D78E78}" = lport=139 | protocol=6 | dir=in | app=system | 
"{332C4472-4029-42F6-927C-32816B1ADC7A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3C1D12F7-CCF0-471B-8DD0-F99F801A4476}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4221C5D1-822B-4DAE-9347-0CA5A798FF27}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{43D4F6B2-453C-455B-85E4-8519EDF7004C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | 
"{44AD7A7F-DADC-4A69-97B7-6ED0A004D3A9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4A32409A-1C22-493A-8242-77E8BDCB53C4}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{63E0B134-2306-4AA2-A6E0-64AAC5AEE478}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{6B4C61CE-B2F6-4D35-B612-593475056EB2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{72962EB1-8DA8-4269-A1E5-5B963BCAEF51}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{80CCFF9A-F0CA-4767-B09D-6AD84DDBF8AE}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{860F5274-51B1-4415-90AB-D4F1C02C5D85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{945D2D80-E39A-4ED6-B634-9A3BB90B375C}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{AFF8DE79-9B33-451C-BB4E-1E83CC3D2262}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B02E6804-3755-4ACA-B7DE-43793C44E09C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BABC3E31-A7E2-4E01-9695-6689FDEA5402}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C7BC2B92-3A63-4EEF-BC35-648A7344443E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{CC49D5D8-F97F-4F70-9CBB-91FAA1560921}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{D259EEF2-41FC-4E51-B91A-7AC2589E9EEE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D9ABA968-6195-44D4-BDF9-E423CD479142}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E53E4126-CD9A-4DB3-B59F-6E4C06AAEED4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E6BC7C93-D238-455B-ADC8-BDA98B33288C}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe | 
"{E8D975A9-D100-44DD-8575-CB0860A79FC9}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{ED8BD083-5023-4DA5-A51C-0B2803C7D216}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F1134128-1BE7-408F-85FE-D3443E89D3E4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F4FC67FA-D519-4304-8D5E-F73C5ADC18E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FEF1DB75-9888-4D42-81B0-31FEEAE5718E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FFABB1C1-4962-4B12-A4F1-81AAF9980687}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{FFDF041B-7F34-4499-95EB-95917B873346}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001F46D8-7526-464C-90B4-9A5AE45884F3}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | 
"{02049908-F9EB-46A1-8263-9F6D45583C59}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\half-life\hl.exe | 
"{020E289B-9F69-46D6-8F40-1A1ED5200E58}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3_unrestricted.exe | 
"{02A6C25F-6883-4948-B920-DA90C1AEF9B2}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\day of defeat source\hl2.exe | 
"{07836D87-F354-42B2-A74B-BC9470AD46EB}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | 
"{0959A127-B01E-4561-B81F-5F54A54F737B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0A1D1352-92E1-4FC7-8B83-F7D1604D972B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{0B5EECD9-EFBF-4BEF-B386-EDF926695D8A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0F410756-0E2A-4AA9-9780-465BD46219CF}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | 
"{0F45AE32-DAEE-4F02-A8BD-F29D7327D46E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe | 
"{11958CCC-8075-410C-9798-69076CB2F194}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1308BECC-CC7C-4CB3-A0CB-3A435BE036E2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{2343D72C-4025-4ECB-A2FE-743AA1FED2CB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2BA707A3-6374-49DC-BE94-125D98E708BB}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\solforge\solforge.exe | 
"{311D1249-35E4-4A73-A0A6-214B483968BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3149F394-C490-4416-A8EC-67EE5A9C2A37}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\solforge\solforge.exe | 
"{3291275F-276E-45CD-B124-585E0165671F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{39FF2A5D-2FCD-4359-8700-931292AB62BF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3A7D6F18-B501-42EC-99D2-34FF98D13448}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3C1D4A14-4E4A-430E-9D33-FD14070A947B}" = protocol=6 | dir=in | app=g:\steam\bin\steamwebhelper.exe | 
"{3EED2AAA-3B37-4DB8-81B3-8063B5D15D9B}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\garrysmod\hl2.exe | 
"{3F0FCE23-0D76-47B3-9E38-C41FC50B810A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{42374179-2CE8-431E-A811-EE20EF9D4CFC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{458C6692-84C4-4555-AC8D-18E5CA7923A9}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\loadout\loadout.exe | 
"{45AF66F3-BB46-4AA9-8C44-9F3E63663F0C}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\garrysmod\hl2.exe | 
"{480CF86B-AAB7-4306-BBC8-FB9F8B8E2262}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{4963FE0D-7B40-42CD-9CF3-1D7A9566F368}" = protocol=6 | dir=in | app=g:\steam\steam.exe | 
"{4B2BDE9A-8CF1-4806-BD09-EFCD8E643539}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\team fortress 2\hl2.exe | 
"{4F615196-4D71-4F00-9CEA-C44BC036732C}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\kerbal space program\ksp.exe | 
"{503C0D39-C214-4104-BAE5-424109710C5E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe | 
"{5054923E-4847-4B86-8575-D532DEB69B20}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{52248C36-D4D4-4194-9601-24B139780B90}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{52284B01-7114-4192-8C10-E28D083A3D58}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3_unrestricted.exe | 
"{55C44FE5-CF09-410A-AF94-8BCE414DFBAF}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{56677FC8-9E34-497A-834A-668A856A1917}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{5855C865-1DB5-4B36-86EE-FD332D618B50}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{5D231A94-F19C-4DBF-A92F-18FD0FFF8279}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{5F32097E-848F-409C-848A-3C46F74DA97C}" = protocol=17 | dir=in | app=g:\steam\steam.exe | 
"{66251747-4DA3-4B22-80F6-35FBCA7CB32B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6A2C7A1D-C916-4B77-85E1-AE073CBC8225}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6E20FBFC-0DCB-4F2A-BF25-DAC4F5840E28}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{7243E687-84C1-44AF-8403-D44544189A75}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\team fortress 2\hl2.exe | 
"{731C0507-BAA0-472F-B0CE-994835331B53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{766DA71F-F5E1-4AA3-84D8-1F6B3DAE98C4}" = dir=in | app=c:\users\dennis\appdata\local\temp\7zs478e\setup\hpznui40.exe | 
"{7921405A-EA5C-4FFB-A375-26DCCEA5FEAC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{7D54A7D0-8898-4C7D-AEE6-3CFCD996BF09}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{7FF251CE-96BA-4F4F-BE3D-BD2943F983F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{83A2742B-EAA3-41E9-8632-934182632099}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3.exe | 
"{8779C8A6-0CF9-4E0B-9185-C8EBED04C170}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{88E00F25-9DE1-490C-BC13-42DDEFB80D9D}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{8BA3573D-FF47-46EF-8E71-86CB361E044D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\defiance\patcher.exe | 
"{8E8E7ADA-71F3-455C-B1AF-2B5077183651}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe | 
"{962DA132-C5B1-49FD-9E0A-6B9C3CC5B8A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{9A05470A-3E97-4E62-8555-0E36EC4270CB}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\defiance\patcher.exe | 
"{A20639A8-47AD-438B-9045-4457B35E2CE8}" = protocol=6 | dir=out | app=system | 
"{AA7D6E1C-D794-4787-9936-4CBEED7A3EAF}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\half-life\hl.exe | 
"{B1B32340-D87C-46C3-A60C-A6B95C606FF8}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\loadout\loadout.exe | 
"{B9307786-337F-4A92-A1D7-5E2E243241C2}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{BC767B7B-D41D-4162-B20F-47A1763930AC}" = protocol=17 | dir=in | app=g:\steam\bin\steamwebhelper.exe | 
"{BCC10EDB-03F2-4EEC-AA3B-FAB5C7435A33}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | 
"{C19370E9-ECDB-45B8-B3AC-8C3817209D26}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{C20BA280-B7F3-4305-83E7-2B478517EE63}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{C8D1E421-FBAD-462C-BBE6-B42B2CDBF824}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{CA8D33F5-0213-4B55-B500-80748AD598C5}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{CC6B23D6-9787-4929-BA95-A9317811BCA2}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\half-life 2 deathmatch\hl2.exe | 
"{CD98EB3B-7E4E-49EA-A6A0-30FFE574D612}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{D00057DC-C8FB-421E-8BE6-3D2B7B985A91}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{D4CD104A-4948-4C17-A39E-8E7BDE535D13}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D57622C2-9E50-4291-BB9C-5341A288D165}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{D960E03F-EAB8-40B4-96F2-B718D1EE953E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\half-life 2\hl2.exe | 
"{DA33326F-B2B6-45A4-A09C-D353F4FF46E8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\kerbal space program\ksp.exe | 
"{DBF77E33-8F9D-4AA8-AE32-63F34268002C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{E0BE959B-08FF-45F8-A049-600F46DC83BD}" = protocol=6 | dir=in | app=c:\users\dennis\appdata\local\temp\7zs57f4\hppiw.exe | 
"{E4A00631-A88B-4657-AA30-DD54FD9E274E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{E634B952-8E08-434F-A398-67552CEC50BB}" = protocol=17 | dir=in | app=c:\users\dennis\appdata\local\temp\7zs57f4\hppiw.exe | 
"{E64CAAAB-7667-4098-B75A-1DE044FB41EF}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\day of defeat source\hl2.exe | 
"{E7AD10F5-CC91-4C10-A7DE-752A51FAE9B3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{EC151A2B-2488-4F60-8D5D-D8D310FC2405}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\half-life 2 deathmatch\hl2.exe | 
"{EE089343-0293-471F-B073-859ABEDC908C}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe | 
"{EF34F271-0F0F-4FD4-8C45-A57B49D313EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{F0D0D9D0-6BE3-4758-B760-00F093015AC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F36D633E-5A8A-4FEC-BA8E-7857220B1180}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3.exe | 
"{F3B61987-707E-49BB-9F64-0E32BAF7CD25}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{FCACC25A-7924-49F0-B853-D781F6B7CDB5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{FF5EFE54-5ECA-47D3-9B3C-CAD7049E6CC3}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\half-life 2\hl2.exe | 
"TCP Query User{A37EDB89-8AD6-4CFE-8CD7-E322AE32F330}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"TCP Query User{A71DA193-C402-47BB-9C60-1477383DE3D7}C:\program files (x86)\sysm monitor\sysm-monitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sysm monitor\sysm-monitor.exe | 
"TCP Query User{A971FFD7-5180-49C1-A2B6-8C804D4F0FBA}G:\steam\steamapps\common\war thunder\launcher.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\war thunder\launcher.exe | 
"TCP Query User{B11DCC8C-24A4-4D2A-B971-F6D4745A7B41}D:\games\secondlife\slvoice.exe" = protocol=6 | dir=in | app=d:\games\secondlife\slvoice.exe | 
"TCP Query User{C2FCCB8A-7F4B-4044-811B-673CB600D856}C:\program files (x86)\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe | 
"TCP Query User{D3FBCFEC-5432-4941-8AE7-3113E5B1ED27}G:\skanect 1.6\bin\skanect.exe" = protocol=6 | dir=in | app=g:\skanect 1.6\bin\skanect.exe | 
"TCP Query User{E73D7FFB-585E-441C-A9BD-E80B4A09CB27}G:\dlink\smartconsole utility.exe" = protocol=6 | dir=in | app=g:\dlink\smartconsole utility.exe | 
"TCP Query User{F66B3974-D4B4-4D77-BA67-DF3075E57A84}G:\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\war thunder\aces.exe | 
"UDP Query User{30170FFC-D762-4CDB-B6C9-90766BDCB0A7}G:\dlink\smartconsole utility.exe" = protocol=17 | dir=in | app=g:\dlink\smartconsole utility.exe | 
"UDP Query User{C645FE4B-EE48-4A1C-A1D8-2E3383BC39EC}C:\program files (x86)\sysm monitor\sysm-monitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sysm monitor\sysm-monitor.exe | 
"UDP Query User{C6C3F1F7-A047-46CF-B8F5-9C4E5551EC32}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{D98359D9-A6FA-4B2C-9898-13EE947B275A}D:\games\secondlife\slvoice.exe" = protocol=17 | dir=in | app=d:\games\secondlife\slvoice.exe | 
"UDP Query User{DE04F38B-6136-4B03-8C4B-9EFCAB7DE167}G:\skanect 1.6\bin\skanect.exe" = protocol=17 | dir=in | app=g:\skanect 1.6\bin\skanect.exe | 
"UDP Query User{DE961B43-78EB-4490-8AC3-DF1C0974C1C6}G:\steam\steamapps\common\war thunder\launcher.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\war thunder\launcher.exe | 
"UDP Query User{DFAAC412-B5B1-4DBD-82FB-6AB35B436F61}G:\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\war thunder\aces.exe | 
"UDP Query User{EA099E4D-94E8-4968-ACCD-64FEE0169782}C:\program files (x86)\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe\\device\harddiskvolume5\program files (x86)\comodo\dragon\dragon.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0851BE65-294B-4BBA-8A0D-C1320DCBBCA3}" = AdAwareInstaller
"{0FD16054-EF76-45CD-BA6B-E2F753CE0878}" = Firestorm SecondLife and OpenSim viewer
"{235E711E-20A7-4BF4-8913-B295343A4996}" = AvcEngine
"{2700FAD3-F82C-4ED1-862C-5F425B2A88E6}" = Kinect for Windows Runtime v1.8
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}" = Microsoft Server Speech Platform Runtime (x64)
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6702DAC4-51E7-440C-8012-9C0AE9D524DB}" = Kinect for Windows SDK v1.8
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{71C4F928-136A-4222-A191-310E081FB96B}" = HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5
"{721A858C-9C26-4832-8958-CDAFFC596E3D}" = AntispamEngine
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{877C7A27-7529-4B0C-BA7B-4D697E90DDC1}" = FirewallEngine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{901D1D88-408D-48E5-80DD-CC3145BD8456}" = COMODO Antivirus
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A64EBD98-D9FB-4014-8658-F61C0EFFB87C}" = Scanjet 5590
"{A8F67345-FA75-4E99-AEBA-DE9BFE708A49}" = OnlineThreatsEngine
"{AA62B868-5D5C-46CF-BA88-386BE71D4F87}" = Kinect for Windows Drivers v1.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{CC347FC6-C8D7-493A-B70E-1D89E22691A7}" = AntimalwareEngine
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DD562794-C098-A1E5-66ED-10E8BD1C84C5}" = AMD Catalyst Install Manager
"{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}" = AdAwareUpdater
"{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater" = Ad-Aware Antivirus
"{F40C3DA3-595C-4ED3-99AE-06CDF75F6F92}" = HP Photosmart B9100 Printer Driver Software 13.0 Rel. A
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"1648BE7E9583B8F416C0D65E7DFD9927F1F1348E" = Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.418)
"3C8B9891A89A64A0D43646719EC82184B33C4048" = Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.402)
"883C04C33C70062A4AD0ED48685D05F25A854C1D" = Windows Driver Package - FTDI CDM Driver Package (03/30/2010 2.06.02)
"ABE36B9BBD00CD433A4454EBCAD52F303406A488" = Windows Driver Package - FTDI CDM Driver Package (03/30/2010 2.06.02)
"D6083E36A9821DF3D9DCA6F80AECCD3CD8411A75" = Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.418)
"E332B90FD0740040DF2D2CC1865C773283836BB6" = Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.418)
"GIMP-2_is1" = GIMP 2.8.10
"HP Imaging Device Functions" = HP Imaging Device Functions 14.5
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Logitech Gaming Software" = Logitech Gaming Software 8.52
"ProPlusRetail - en-us" = Microsoft Office Professional Plus 2013 - en-us
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.61
"WinRAR archiver" = WinRAR 4.00 beta 5 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = ControlCenter
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0A7DD94B-B746-4FB0-8688-8598C22793A0}" = TurboTax 2013 WinPerFedFormset
"{10B58EAF-76E3-4382-95B2-4B6C6CB5B49E}" = hpg5590
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16551913-D97B-4E8A-B751-44CBDC99CF5C}" = HPScanjet5590Corporate11
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}" = Microsoft Server Speech Platform Runtime (x86)
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 67
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A4EEB5C-3BA6-4299-A87F-783861B567D9}" = TurboTax 2013 WinPerReleaseEngine
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3047700D-7334-4E7E-AC93-C7F40CD1C8A0}" = B9100
"{348A1F5B-07B3-4436-9A47-FFE44EFE856E}" = HP Support Solutions Framework
"{358C44FD-6943-4CDD-B947-7F7C4ADC8A8F}" = TurboTax 2013 WinPerTaxSupport
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1" = MSI Live Update
"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"{57208618-E86D-439B-9819-DEC63E9827C8}" = BSIZE_CDA_B9100_Software_Min
"{59E44523-0F0F-4454-9F37-E951BBA55B84}" = C309a
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{606EB5EB-AADF-4E21-B715-1CAD291181D6}" = TurboTax 2013 wrapper
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68909632-6D1F-4B45-98C2-2D8E55018A81}" = ASUS USB-AC56 WLAN Card Utilities/Driver
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{706A860B-4334-44A4-84B2-64A04DC7154E}" = ReconstructMe 2.0.199
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}" = Kinect for Windows Speech Recognition Language Pack (en-US)
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{9243354A-3075-C91E-6E12-403D932B38E5}" = Catalyst Control Center InstallProxy
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}" = ASUS Product Register Program
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}" = GPUTweakStreaming
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E9D84FC1-A0B3-4527-B606-AC255470B72F}" = HP Photosmart Pro print plug-in for Adobe Photoshop ®
"{ea9dcc13-fd5f-4878-aca0-9905f32bd724}" = Firestorm x64
"{EB3C9064-9140-4279-9E51-965119402151}" = Plantronics® GameCom 780 Software for Dolby® Headphone
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59DB9BE-5C5B-47DA-A890-0A131AA13E81}" = AddCustomPaper
"{FA0E7183-6B11-4899-B25F-2C490543967E}" = PS_AIO_05_C309_Software_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Comodo Dragon" = Comodo Dragon
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dark Age of Camelot" = Dark Age of Camelot
"EasyBCD" = EasyBCD 2.2
"Google Chrome" = Google Chrome
"HP Commercial Scanjet 5590 TWAIN Driver" = HP Commercial Scanjet 5590 TWAIN Driver
"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}" = GPUTweakStreaming
"MakerBot" = MakerWare_Bundle_of_Awesome_2.4.1.24_x64_BETA
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"MeshLab_64b" = MeshLab_64b 1.3.4BETA
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PrivDog" = PrivDog
"Skanect 1.6 (Win64)" = Skanect 1.6
"SmartConsole Utility" = SmartConsole Utility
"Steam" = Steam
"Steam App 208090" = Loadout
"Steam App 20900" = The Witcher: Enhanced Edition
"Steam App 220200" = Kerbal Space Program
"Steam App 224600" = Defiance
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 440" = Team Fortress 2
"SYSM Monitor_is1" = SYSM Monitor
"TurboTax 2013" = TurboTax 2013
"VLC media player" = VLC media player 2.1.3
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/30/2014 7:55:33 AM | Computer Name = Viper | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
 
Error - 8/30/2014 8:23:22 AM | Computer Name = Viper | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
 
Error - 8/30/2014 8:23:46 AM | Computer Name = Viper | Source = Application Error | ID = 1000
Description = Faulting application name: LU5.exe, version: 5.0.114.0, time stamp:
 0x531eddc0  Faulting module name: LU5.exe, version: 5.0.114.0, time stamp: 0x531eddc0
Exception
 code: 0xc0000005  Fault offset: 0x000217b3  Faulting process id: 0x1608  Faulting application
 start time: 0x01cfc44d3dc8570f  Faulting application path: C:\Program Files (x86)\MSI\Live
 Update 5\LU5.exe  Faulting module path: C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
Report
 Id: 7c6ebe91-3040-11e4-baff-6c626d4af24b
 
Error - 8/30/2014 10:10:59 AM | Computer Name = Viper | Source = Application Error | ID = 1000
Description = Faulting application name: cavwp.exe, version: 7.0.53315.4132, time
 stamp: 0x5331ce4e  Faulting module name: script.cav, version: 6.1.13008.2801, time
 stamp: 0x516c36b6  Exception code: 0xc0000005  Fault offset: 0x000000000002b4fc  Faulting
 process id: 0x1898  Faulting application start time: 0x01cfc44d5d390c79  Faulting application
 path: C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe  Faulting module
 path: C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav  Report
 Id: 76d6dc50-304f-11e4-baff-6c626d4af24b
 
Error - 8/30/2014 10:46:35 AM | Computer Name = Viper | Source = Application Error | ID = 1000
Description = Faulting application name: cavwp.exe, version: 7.0.53315.4132, time
 stamp: 0x5331ce4e  Faulting module name: script.cav, version: 6.1.13008.2801, time
 stamp: 0x516c36b6  Exception code: 0xc0000005  Fault offset: 0x000000000002b4fc  Faulting
 process id: 0x1300  Faulting application start time: 0x01cfc46075c0b00c  Faulting application
 path: C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe  Faulting module
 path: C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav  Report
 Id: 6fea054d-3054-11e4-baff-6c626d4af24b
 
Error - 8/30/2014 11:03:08 AM | Computer Name = Viper | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
 
Error - 8/30/2014 11:03:54 AM | Computer Name = Viper | Source = Application Error | ID = 1000
Description = Faulting application name: LU5.exe, version: 5.0.114.0, time stamp:
 0x531eddc0  Faulting module name: LU5.exe, version: 5.0.114.0, time stamp: 0x531eddc0
Exception
 code: 0xc0000005  Fault offset: 0x000217b3  Faulting process id: 0x1ce4  Faulting application
 start time: 0x01cfc4639b7e5cd1  Faulting application path: C:\Program Files (x86)\MSI\Live
 Update 5\LU5.exe  Faulting module path: C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
Report
 Id: db6f2379-3056-11e4-8c72-6c626d4af24b
 
Error - 8/30/2014 11:26:17 AM | Computer Name = Viper | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
 
Error - 8/30/2014 11:27:02 AM | Computer Name = Viper | Source = Application Error | ID = 1000
Description = Faulting application name: LU5.exe, version: 5.0.114.0, time stamp:
 0x531eddc0  Faulting module name: LU5.exe, version: 5.0.114.0, time stamp: 0x531eddc0
Exception
 code: 0xc0000005  Fault offset: 0x000217b3  Faulting process id: 0x1f2c  Faulting application
 start time: 0x01cfc466d87da20e  Faulting application path: C:\Program Files (x86)\MSI\Live
 Update 5\LU5.exe  Faulting module path: C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
Report
 Id: 16c5bb8e-305a-11e4-b246-6c626d4af24b
 
Error - 8/30/2014 11:58:37 AM | Computer Name = Viper | Source = Application Error | ID = 1000
Description = Faulting application name: LU5.exe, version: 5.0.114.0, time stamp:
 0x531eddc0  Faulting module name: LU5.exe, version: 5.0.114.0, time stamp: 0x531eddc0
Exception
 code: 0xc0000005  Fault offset: 0x000217b3  Faulting process id: 0x1aa8  Faulting application
 start time: 0x01cfc46b411f5079  Faulting application path: C:\Program Files (x86)\MSI\Live
 Update 5\LU5.exe  Faulting module path: C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
Report
 Id: 802c1c6b-305e-11e4-b248-6c626d4af24b
 
[ pastaleadsServiceLog Events ]
Error - 8/30/2014 8:19:45 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #331 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #316 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #333 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #317 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #334 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #330 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #323 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #322 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:46 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #332 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
Error - 8/30/2014 8:19:47 AM | Computer Name = Viper | Source = pastaleadsServiceSource | ID = 0
Description = Uncaught Exception in Session #337 - Kanar has encountered an unexpected
 problem. If you believe this is a bug in Kanar, please copy this message by hitting
 CTRL+C, and submit a bug report using the Help | Send Feedback menu.  Could not load
 file or assembly 'HtmlAgilityPack, Version=1.4.6.0, Culture=neutral, PublicKeyToken=bd319b19eaf3b43a'
 or one of its dependencies. The system cannot find the file specified.  Type: System.IO.FileNotFoundException
Source:
 PastaLeadsService    at NpService.Worker.KanarApplication_BeforeResponse(Session
 objSession)     at Kanar.KanarApplication.DoBeforeResponse(Session oSession)     at
 Kanar.Session.InnerExecute()     at Kanar.Session.Execute(Object objThreadState)   Kanar
 v1.2.1.0 (x86 x86) [.NET 4.0.30319.18444 on Microsoft Windows NT 6.1.7601 Service
 Pack 1] 
 
[ System Events ]
Error - 8/30/2014 12:07:05 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:07:08 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:24:55 PM | Computer Name = Viper | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
 
Error - 8/30/2014 12:25:01 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:25:04 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:25:07 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:26:06 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:26:10 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:26:13 PM | Computer Name = Viper | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 8/30/2014 12:28:09 PM | Computer Name = Viper | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
 error:   %%5
 
 
< End of report >
 


#3 LiquidTension

Posted 18 September 2014 - 10:34 AM

Hello, 

 

Sorry for the delay. Do you still require assistance? 



 

Would you like to help others with malware removal? Join our Classroom and learn how!


#4 LiquidTension

Posted 20 September 2014 - 09:55 PM

Due to inactivity, this topic will be closed.
If you need help, please start a new thread.

New members, follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic.

