Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

My folders in hard disk are appearing as shortcuts

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 14th, 2014, 5:08 am

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by WinDows7 at 12:04:10 on 2014-01-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6121.3337 [GMT 3:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\FBAgent.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\rundll32.exe
c:\programdata\quickset\gs-enabler\GS-Enabler.exe
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\Steam.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.1\Mouse32A.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.alnaddy.com?src=default
uSearch Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
uSearch Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
uDefault_Page_URL = hxxp://asus.msn.com
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mSearch Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: Broowsee22save: {07832DAB-19AC-D5D9-AE11-1931C86E0409} - C:\ProgramData\Broowsee22save\515972bf7bec6.dll
BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\WinDows7\AppData\Roaming\Complitly\Complitly.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Fast Search: {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
BHO: gurEaTsaVEr: {5E4424EA-800B-6903-5F27-2D4F6A2D179F} - C:\Program Files (x86)\gurEaTsaVEr\It6fl.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll
BHO: NetScout Toolbar: {7bb92ae5-1774-4fa5-9d16-1245f2c19011} - C:\Users\WinDows7\AppData\Roaming\NetScoutToolbar\NetScoutToolbar.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
BHO: TheSea.TheSeaPlugin: {C585D593-E7F3-4852-A200-561686EE02E4} -
BHO: YoutubeAdblocker: {CB62BC6E-237A-ED05-81F6-CF3AC9AFCD7E} - C:\Program Files (x86)\YoutubeAdblocker\rz5.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
TB: NetScout Toolbar: {7bb92ae5-1774-4fa5-9d16-1245f2c19011} - C:\Users\WinDows7\AppData\Roaming\NetScoutToolbar\NetScoutToolbar.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll
TB: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
EB: TheSeaApp: {c585d593-e7f4-4852-a200-561686ee02e4} -
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [Facebook Update] "C:\Users\WinDows7\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Viber] "C:\Users\WinDows7\AppData\Local\Viber\Viber.exe" StartMinimized
uRun: [Steam] "C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\Steam.exe" -silent
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S
mRun: [LWBMOUSE] C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\WinDows7\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\Users\WinDows7\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBER~1.LNK - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe
uPolicies-Explorer: NoDriveAutoRun = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {7a79f9bb-17fe-4358-aa31-5c0d9086e9a3} - {7bb92ae5-1774-4fa5-9d16-1245f2c19011}
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{00ED5151-579A-4487-A34A-6BF3D2C2124F} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{00ED5151-579A-4487-A34A-6BF3D2C2124F}\16C63686F697 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{00ED5151-579A-4487-A34A-6BF3D2C2124F}\7594E444F4753573D20534F5E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{00ED5151-579A-4487-A34A-6BF3D2C2124F}\A4545464F485 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{00ED5151-579A-4487-A34A-6BF3D2C2124F}\F60756E6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1F28261D-C2DC-4615-B9B9-B2E69821084A} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{F5471CC3-E017-4FB8-8A1D-1EB1EBA8A8D3} : DHCPNameServer = 192.168.42.129
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\gs-ena~1\assist~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\WinDows7\AppData\Roaming\Complitly\64\Complitly64.dll
x64-BHO: gurEaTsaVEr: {5E4424EA-800B-6903-5F27-2D4F6A2D179F} - C:\Program Files (x86)\gurEaTsaVEr\It6fl.x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: YoutubeAdblocker: {CB62BC6E-237A-ED05-81F6-CF3AC9AFCD7E} - C:\Program Files (x86)\YoutubeAdblocker\rz5.x64.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - hxxp://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932
FF - plugin: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\WinDows7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - ExtSQL: 2013-12-12 21:23; singalong@xenophesoft.com; C:\Program Files (x86)\SingAlong\FF
FF - ExtSQL: 2014-01-04 13:58; gc8i_oi@ebcaoeuqe.co.uk; C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\extensions\gc8i_oi@ebcaoeuqe.co.uk
FF - ExtSQL: 2014-01-04 13:58; eu3yoy@yiejhmkw.net; C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\extensions\eu3yoy@yiejhmkw.net
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 30ad1a4e00000000000000ff07dfa2ee
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15889
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.523:28:07
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119520&tsp=4932
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 248240]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-5-5 52760]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-1-10 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-13 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
R2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-12-20 574464]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-5-5 107520]
R2 e81a9dc1;GS-Supporter;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 134944]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-9 1370912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-6 15128352]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-17 13832]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-2 128488]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-2 401896]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-13 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-13 154272]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-13 280224]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-11-24 142632]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-9 39200]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2012-1-10 311400]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-10 413800]
S2 BstHdAndroidSvc;BlueStacks Android Service;"C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android --> C:\Program Files (x86)\BlueStacks\HD-Service.exe [?]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe --> C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2013-4-5 38080]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-4-5 102936]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-10-19 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-14 1492840]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-3-6 37344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-26 111616]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-4 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2013-4-5 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2013-4-5 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2013-4-5 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2013-4-5 158024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-4-5 203544]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\drivers\ssudserd.sys [2013-4-5 203544]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-4 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-4 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-01-12 20:47:43 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E927A8F-FF45-4F16-AA33-B43ED02C95A1}\mpengine.dll
2014-01-11 20:20:47 10315576 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-10 19:42:58 -------- d-----w- C:\_OTL
2014-01-10 18:33:33 -------- d-----w- C:\MGADiagToolOutput
2013-12-31 17:21:02 -------- d-----w- C:\Users\WinDows7\AppData\Roaming\EZDownloader
2013-12-31 17:12:21 -------- d-----w- C:\ProgramData\QuickSet
2013-12-31 17:12:15 -------- d-----w- C:\Program Files (x86)\GS-Enabler
2013-12-31 17:11:36 -------- d-----w- C:\ProgramData\YoutubeAdblocker
2013-12-31 17:11:36 -------- d-----w- C:\Program Files (x86)\YoutubeAdblocker
2013-12-31 17:11:20 -------- d-----w- C:\ProgramData\e758283df9e729ea
2013-12-31 17:11:19 -------- d-----w- C:\Users\WinDows7\AppData\Local\Packages
2013-12-31 17:11:19 -------- d-----w- C:\ProgramData\gurEaTsaVEr
2013-12-31 17:11:18 -------- d-----w- C:\Users\WinDows7\AppData\Local\Torch
2013-12-31 17:11:18 -------- d-----w- C:\Users\WinDows7\AppData\Local\Comodo
2013-12-31 17:11:18 -------- d-----w- C:\Program Files (x86)\gurEaTsaVEr
2013-12-31 16:49:56 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-12-31 16:49:54 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A8AE84-E928-48C5-B42B-55990030608A}\gapaengine.dll
2013-12-26 14:50:23 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
.
==================== Find3M ====================
.
2014-01-14 08:57:51 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
2013-11-29 16:56:58 1096480 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-11-29 16:56:57 979744 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-11 15:02:02 6674208 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-11 15:02:02 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-11 15:01:59 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-11 15:01:59 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-11 15:01:59 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-11-11 15:01:59 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-11 05:59:28 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-10-30 17:03:12 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-10-30 17:02:58 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-10-30 17:02:56 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
.
============= FINISH: 12:04:51.65 ===============




attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/7/2012 12:02:45 AM
System Uptime: 1/14/2014 11:56:47 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K43SM
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz | CPU 1 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 300 GiB total, 142.407 GiB free.
D: is FIXED (NTFS) - 374 GiB total, 188.945 GiB free.
E: is CDROM ()
H: is FIXED (NTFS) - 932 GiB total, 529.828 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP190: 12/14/2013 1:13:35 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
RP191: 12/15/2013 12:56:03 AM - Windows Update
RP192: 12/26/2013 5:41:12 PM - Windows Update
RP193: 12/26/2013 5:49:18 PM - Windows Update
RP194: 12/31/2013 7:49:18 PM - Windows Update
RP195: 1/4/2014 1:56:33 PM - Windows Update
RP196: 1/10/2014 8:57:38 PM - Windows Update
RP197: 1/10/2014 10:43:10 PM - OTL Restore Point - 1/10/2014 10:43:10 PM
.
==== Installed Programs ======================
.
???? ??? Windows Live
???? Windows Live
µTorrent
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 7.0.8
Asmedia ASM104x USB 3.0 Host Controller Driver
Assassins Creed IV Black Flag version 1.0.0.0
ASUS AI Recovery
ASUS FancyStart
ASUS K3 Series ScreenSaver
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
AsusVibe2.0
Atheros Client Installation Program
ATK Package
Bigasoft Total Video Converter 3.7.42.4878
BlueStacks App Player
Bluetooth Win7 Suite (64)
Browser Mouse
BrowseToSave
Call of Duty Black Ops 2
Call of Duty Ghosts
CCleaner
Complitly
Counter-Strike 1.6
CyberLink LabelPrint
CyberLink Media Suite
CyberLink Power2Go
D3DX10
DefaultTab
Delta Chrome Toolbar
Delta toolbar
DmC Devil May Cry
Dota 2
Dota 2 version 518
ETDWare PS/2-X64 8.0.5.3_WHQL
Facebook Video Calling 1.2.0.287
Far Cry 3
Fast Boot
Fast Search
FTDownloader
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Game Park Console
Garena Plus
GeForce Experience NvStream Client Components
GOM Player
Google Chrome
Google Update Helper
GS-Enabler
GS-Supporter 1.80
gurEaTsaVEr
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Deskjet 2050 J510 series Basic Device Software
HP Deskjet 2050 J510 series Help
HP Deskjet 2050 J510 series Product Improvement Study
HP Photo Creations
HP Update
HyperCam 3
Intel(R) Turbo Boost Technology Monitor
Java 7 Update 45
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
Max Payne 3
Media converter
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MyFreeCodec
NBA 2K13
NBA 2K14
Need for Speed™ The Run
Nero 7 Essentials
NetScout Toolbar 2.0
Nuance PDF Reader
NVIDIA 3D Vision Driver 331.82
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 1.8
NVIDIA Graphics Driver 331.82
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.10.5
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.10.5
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.12
OpenMG Secure Module 5.0.00
Plants vs Zombies
Protected Search 1.1
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
RealUpgrade 1.1
Rockstar Games Social Club
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
SelectionLinks
SHIELD Streaming
Skype Click to Call
Skype™ 6.11
Sonic Focus
SonicStage 4.3
Steam
Street Fighter X Tekken
The Sea App (Internet Explorer)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentControl_v2 Toolbar
VLC media player 2.0.1
Warcraft III
Warcraft III: All Products
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Movie Maker 6.1
WinFlash
WinRAR archiver
WinZip 15.0
Wireless Console 3
xuggle-xuggler
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YoutubeAdblocker
.
==== Event Viewer Messages From Past Week ========
.
1/14/2014 11:57:17 AM, Error: Service Control Manager [7001] - The BlueStacks Android Service service depends on the BlueStacks Hypervisor service which failed to start because of the following error: The system cannot find the path specified.
1/14/2014 11:57:10 AM, Error: Service Control Manager [7000] - The BlueStacks Log Rotator Service service failed to start due to the following error: The system cannot find the file specified.
1/14/2014 11:57:10 AM, Error: Service Control Manager [7000] - The BlueStacks Hypervisor service failed to start due to the following error: The system cannot find the path specified.
1/12/2014 11:45:26 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
1/12/2014 11:36:49 PM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
1/10/2014 8:50:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
1/10/2014 8:50:47 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/10/2014 8:49:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
1/10/2014 10:42:58 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm
Advertisement
Register to Remove

Re: My folders in hard disk are appearing as shortcuts

Unread postby Gary R » January 14th, 2014, 7:03 am

looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: My folders in hard disk are appearing as shortcuts

Unread postby Gary R » January 14th, 2014, 7:21 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi ahlchie

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Windows 7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


OK, there's quite a few things that need attention in your DDS logs, it will take a while to deal with them all, so just stick with us and we should be able to get rid of the infection. Whether that will resolve all your problems is impossible to say at this point.

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

µTorrent
Java(TM) 6 Update 29
uTorrentControl_v2 Toolbar


Use of P2P programs is the swiftest and surest way I know of to contract an infection, in return for our help this forum insists on their removal ... viewtopic.php?p=491394#p491394

Out of date versions of Java can be exploited even if you have the latest version installed on your computer as well.

Reboot your computer once all those programs have been uninstalled.

Next

Please download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window, click ok to the prompt.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.

DO NOT TRY TO FIX (CLEAN) ANYTHING WITH ADWCLEANER AT THIS POINT.

Next

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next

Please download SystemLook from the link below and save it to your Desktop.

For 64 bit Systems

  • Double-click SystemLook.exe to run it.
  • Copy and paste the contents of the following codebox into the main textfield:
    Code: Select all
    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    *conduit*
    
    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    *conduit*
    
    :Regfind
    Fun4IM
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech
    babylon
    conduit
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan.
  • Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Summary of the logs I need from you in your next post:
  • AdwCleaner[R1].txt
  • OTL.txt
  • Extras.txt
  • Systemlook.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 14th, 2014, 4:26 pm

adwCleaner

# AdwCleaner v3.017 - Report created 14/01/2014 at 23:22:54
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : WinDows7 - WINDOWS7-PC
# Running from : C:\Users\WinDows7\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : DefaultTabSearch
Service Found : DefaultTabUpdate

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\bprotector_extensions.sqlite
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\bprotector_prefs.js
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\invalidprefs.js
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\searchplugins\Babylon.xml
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\searchplugins\BrowserProtect.xml
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\searchplugins\delta.xml
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\user.js
File Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\BitGuard
File Found : C:\Windows\System32\Tasks\EPUpdater
File Found : C:\Windows\System32\Tasks\Express FilesUpdate
File Found : C:\Windows\System32\Tasks\ProtectedSearch
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Found : C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj
Folder Found : C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\eu3yoy@yiejhmkw.net
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\eu3yoy@yiejhmkw.net
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\ffxtlbr@delta.com
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\ffxtlbr@delta.com
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\ffxtlbr@delta.com
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\gc8i_oi@ebcaoeuqe.co.uk
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\gc8i_oi@ebcaoeuqe.co.uk
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{a85b3e8c-9d4d-47f1-a5b1-7c0e4267039d}
Folder Found : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{a85b3e8c-9d4d-47f1-a5b1-7c0e4267039d}
Folder Found C:\Program Files (x86)\BrowseToSave
Folder Found C:\Program Files (x86)\Complitly
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\DefaultTab
Folder Found C:\Program Files (x86)\Delta
Folder Found C:\Program Files (x86)\driver-soft
Folder Found C:\Program Files (x86)\gurEaTsaVEr
Folder Found C:\Program Files (x86)\myfree codec
Folder Found C:\Program Files (x86)\OApps
Folder Found C:\Program Files (x86)\Protected Search
Folder Found C:\Program Files (x86)\Surf Canyon
Folder Found C:\Program Files (x86)\YoutubeAdblocker
Folder Found C:\ProgramData\AlawarWrapper
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\baidu
Folder Found C:\ProgramData\gurEaTsaVEr
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Found C:\ProgramData\Premium
Folder Found C:\ProgramData\QuickSet
Folder Found C:\ProgramData\RightClick
Folder Found C:\ProgramData\SoftSafe
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\Users\WinDows7\AppData\Local\Conduit
Folder Found C:\Users\WinDows7\AppData\Local\PutLockerDownloader
Folder Found C:\Users\WinDows7\AppData\Local\torch
Folder Found C:\Users\WinDows7\AppData\Local\visi_coupon
Folder Found C:\Users\WinDows7\AppData\LocalLow\blekko
Folder Found C:\Users\WinDows7\AppData\LocalLow\Conduit
Folder Found C:\Users\WinDows7\AppData\LocalLow\Delta
Folder Found C:\Users\WinDows7\AppData\LocalLow\PriceGong
Folder Found C:\Users\WinDows7\AppData\LocalLow\SimplyTech
Folder Found C:\Users\WinDows7\AppData\Roaming\BabSolution
Folder Found C:\Users\WinDows7\AppData\Roaming\Babylon
Folder Found C:\Users\WinDows7\AppData\Roaming\baidu
Folder Found C:\Users\WinDows7\AppData\Roaming\Complitly
Folder Found C:\Users\WinDows7\AppData\Roaming\DefaultTab
Folder Found C:\Users\WinDows7\AppData\Roaming\ExpressFiles
Folder Found C:\Users\WinDows7\AppData\Roaming\EZDownloader
Folder Found C:\Users\WinDows7\AppData\Roaming\file scout
Folder Found C:\Users\WinDows7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Found C:\Users\WinDows7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Found C:\Users\WinDows7\AppData\Roaming\OpenCandy
Folder Found C:\Users\WinDows7\AppData\Roaming\Systweak
Folder Found C:\Users\WinDows7\Documents\optimizer pro
Folder Found C:\Windows\SysWOW64\hotspot shield

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\5868f8db56de814
Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\simplytech
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\ExpressFiles
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\FLEXnet
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\LiveSupport
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\ProtectedSearch
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\Surf Canyon
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\torch
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\anchorfree
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\Complitly
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DataMngr
Key Found : [x64] HKCU\Software\DataMngr_Toolbar
Key Found : [x64] HKCU\Software\Default Tab
Key Found : [x64] HKCU\Software\DefaultTab
Key Found : [x64] HKCU\Software\Delta
Key Found : [x64] HKCU\Software\ExpressFiles
Key Found : [x64] HKCU\Software\filescout
Key Found : [x64] HKCU\Software\FLEXnet
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\LiveSupport
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\ProtectedSearch
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\Surf Canyon
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\torch
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\5868f8db56de814
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Found : HKLM\SOFTWARE\Classes\d
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Found : HKLM\SOFTWARE\Classes\FTDownloader
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Found : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1605787
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Found : HKLM\SOFTWARE\Classes\wtb.Band
Key Found : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Found : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Found : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Found : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Found : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Found : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\Software\DefaultTab
Key Found : HKLM\Software\Delta
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\Software\GS-Enabler
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Found : HKLM\Software\Myfree Codec
Key Found : HKLM\Software\SimplyGen
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\torch
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [singalong@xenophesoft.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... ue&tid=619
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... ue&tid=619
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si= ... ue&tid=619
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... ue&tid=619
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si= ... ue&tid=619
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... ue&tid=619
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si= ... tid=619&q=%s
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si= ... tid=619&q=%s

-\\ Mozilla Firefox v22.0 (en-US)

[ File : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\prefs.js ]

Line Found : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932");
Line Found : user_pref("browser.search.order.1", "Delta Search");
Line Found : user_pref("browser.search.selectedEngine", "Delta Search");
Line Found : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932");
Line Found : user_pref("extensions.AcuGekO.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==window.top &[...]
Line Found : user_pref("extensions.MmTzj.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++){wi[...]
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.bbDpng", "4");
Line Found : user_pref("extensions.delta.cntry", "SA");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.hdrMd5", "7704EA69A350B4E102BE0A7DEABA7F17");
Line Found : user_pref("extensions.delta.id", "30ad1a4e00000000000000ff07dfa2ee");
Line Found : user_pref("extensions.delta.instlDay", "15889");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.lastVrsnTs", "1.8.21.523:28:07");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.sg", "azb");
Line Found : user_pref("extensions.delta.smplGrp", "azb");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.21.523:28:07");
Line Found : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=119520&tsp=4932");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");
Line Found : user_pref("extensions.enabledAddons", "ffxtlbr%40delta.com:1.5.0,singalong%40xenophesoft.com:1.111,%7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36640 octets] - [14/01/2014 23:22:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [36701 octets] ##########
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 14th, 2014, 4:38 pm

OTL.txt

OTL logfile created on: 1/14/2014 11:28:12 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WinDows7\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.87 Gb Available Physical Memory | 64.78% Memory free
11.95 Gb Paging File | 9.47 Gb Available in Paging File | 79.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 300.00 Gb Total Space | 142.12 Gb Free Space | 47.37% Space Free | Partition Type: NTFS
Drive D: | 373.64 Gb Total Space | 188.94 Gb Free Space | 50.57% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 529.83 Gb Free Space | 56.88% Space Free | Partition Type: NTFS

Computer Name: WINDOWS7-PC | User Name: WinDows7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/14 23:26:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WinDows7\Downloads\OTL (1).exe
PRC - [2014/01/08 00:00:22 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/01/08 00:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\Steam.exe
PRC - [2013/12/04 05:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/11/29 19:57:02 | 002,273,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/11/29 19:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/11/14 14:58:33 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/10/10 10:01:02 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/08/14 15:19:56 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/05/05 13:43:25 | 000,107,520 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2013/03/28 12:32:34 | 000,310,640 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/03/28 12:32:32 | 001,511,792 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/12/31 20:12:21 | 000,729,600 | ---- | M] () -- c:\ProgramData\QuickSet\GS-Enabler\GS-Enabler.exe
PRC - [2012/11/01 17:06:12 | 000,067,656 | ---- | M] (Simplygen) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
PRC - [2012/08/03 12:38:54 | 000,740,736 | ---- | M] (ASUS Cloud Corporation) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
PRC - [2012/06/25 17:19:24 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/06/25 15:54:28 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/06/20 17:21:46 | 001,556,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012/06/19 13:59:04 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/05/28 10:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011/05/31 00:48:18 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011/05/31 00:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2011/03/13 21:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010/11/20 15:17:56 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/15 21:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/09/24 03:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/07/10 09:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2010/03/18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/11/09 23:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2006/12/23 18:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/12/23 18:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2001/11/20 13:51:28 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.1\Mouse32A.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/08 00:00:22 | 001,138,088 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\bin\chromehtml.dll
MOD - [2013/12/31 20:12:15 | 003,041,792 | ---- | M] () -- c:\Program Files (x86)\GS-Enabler\Assistant.dll
MOD - [2013/12/13 01:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\libavresample-1.dll
MOD - [2013/12/13 01:04:18 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\bin\libcef.dll
MOD - [2013/12/13 01:04:14 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\SDL2.dll
MOD - [2013/12/04 05:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/04 05:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 05:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/04 05:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/04 05:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/11/05 04:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\libavutil-52.dll
MOD - [2013/10/11 03:40:05 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/11 03:39:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 03:39:47 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/11 03:39:39 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 03:39:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/11 03:13:27 | 018,022,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e9147e4c70d4e387dc4aea59ce0a219a\PresentationFramework.ni.dll
MOD - [2013/10/11 03:13:14 | 011,527,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\99bbd3424207d205e9e680fa712dba04\PresentationCore.ni.dll
MOD - [2013/10/11 03:13:07 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55c245966c0b23a47587c18681457e48\System.Core.ni.dll
MOD - [2013/10/11 03:13:01 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b1ff5e4a64c0bb0a9b039aaefcde5ea7\WindowsBase.ni.dll
MOD - [2013/10/11 03:12:59 | 001,014,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\85a501f8b0cb271f1bfab6532523ac3c\System.Configuration.ni.dll
MOD - [2013/10/11 03:11:03 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ef63e29e24bf73b2a8659e13aa18fbbb\System.Runtime.Remoting.ni.dll
MOD - [2013/08/19 10:32:40 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll
MOD - [2013/08/19 10:32:03 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\c8648331484537c338fe2b606a9db8b7\System.Xaml.ni.dll
MOD - [2013/08/19 10:25:05 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/19 09:42:33 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/19 09:42:15 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/19 09:42:09 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/18 01:12:05 | 005,628,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll
MOD - [2013/08/18 01:11:56 | 009,100,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll
MOD - [2013/07/12 15:11:36 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/12 15:10:50 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll
MOD - [2013/07/12 15:10:27 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/12 14:52:43 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll
MOD - [2013/06/15 02:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\bin\avcodec-53.dll
MOD - [2013/06/15 02:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\bin\avformat-53.dll
MOD - [2013/06/15 02:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\bin\avutil-51.dll
MOD - [2013/04/10 12:22:50 | 000,188,208 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggspawn.dll
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2011/09/05 10:19:00 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll
MOD - [2011/05/31 00:48:14 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2010/09/24 03:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2001/12/26 04:28:26 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.1\MOUDL32A.DLL
MOD - [2001/11/20 13:51:28 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.1\Mouse32A.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/29 19:56:40 | 015,128,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/11/26 12:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 08:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/03/04 03:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/17 03:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 04:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (e81a9dc1)
SRV - [2014/01/08 00:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/20 06:24:44 | 000,574,464 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2013/11/29 19:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/06/18 17:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/05 13:43:25 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/03/13 21:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/13 21:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/03/18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 23:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/11/28 02:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2007/11/28 02:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007/11/28 01:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/14 14:58:40 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/30 20:03:12 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/24 22:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/02/22 10:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:64bit: - [2013/02/22 10:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/02/22 10:17:06 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/02/22 10:17:04 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2013/02/22 10:17:04 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2013/02/22 10:17:04 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2013/02/22 10:16:54 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2013/02/22 10:16:54 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2013/02/22 10:16:54 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2013/02/22 10:16:54 | 000,038,080 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2013/02/22 10:16:54 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2013/02/12 07:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/01/04 15:32:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/01/04 15:32:33 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/01/04 15:32:33 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/03/01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/19 00:32:45 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/19 00:32:45 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/02 21:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/06/02 21:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/14 01:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/04/13 00:18:08 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/03/15 13:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/03/13 21:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 21:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 21:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 21:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 21:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 21:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 21:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/01/13 14:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 16:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/22 04:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/13 13:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/08 13:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/17 03:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/07/20 12:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 23:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 23:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/06/10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/24 04:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2006/10/18 02:00:00 | 000,052,760 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2013/02/05 11:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011/09/07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={55D1CD6D-4CCB-11E2-A728-5404A6A7F41F}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alnaddy.com?src=default
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{84EFC4B2-B4BE-40B9-94AD-C88ACF7945ED}: "URL" = http://www.mysearchresults.com/search?c=2402&t=01&q={searchTerms}
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{C964E18D-297E-499F-BA9C-16A860C119E6}: "URL" = http://blekko.com/ws/?source=5f97ddbe&t ... a67be93&q={searchTerms}&r=538
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{F45823D9-B13C-43EF-BB59-57EB9FEEF8B8}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1605787
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?babsrc=HP_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932"
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0
FF - prefs.js..extensions.enabledAddons: singalong%40xenophesoft.com:1.111
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\WinDows7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/10/10 10:02:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\singalong@xenophesoft.com: C:\Program Files (x86)\SingAlong\FF\

[2013/06/27 22:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Extensions
[2012/12/12 11:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\extensions
[2012/12/12 11:21:08 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/07/03 23:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013/01/07 03:59:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2014/01/04 13:58:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\c7vtafrv.default\Extensions
[2014/01/04 13:58:29 | 000,000,000 | ---D | M] (gurEaTsaVEr) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\eu3yoy@yiejhmkw.net
[2013/07/03 23:28:06 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\ffxtlbr@delta.com
[2014/01/04 13:58:29 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\gc8i_oi@ebcaoeuqe.co.uk
[2013/01/07 03:59:00 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2013/01/07 03:59:11 | 000,000,000 | ---D | M] (NetScout Toolbar) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions\{a85b3e8c-9d4d-47f1-a5b1-7c0e4267039d}
[2012/11/29 17:47:10 | 000,197,580 | ---- | M] () (No name found) -- C:\Users\WinDows7\AppData\Roaming\mozilla\firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi
[2013/07/03 23:26:52 | 000,006,505 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\mozilla\firefox\profiles\c7vtafrv.default\searchplugins\babylon.xml
[2013/07/03 23:26:52 | 000,006,505 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\mozilla\firefox\profiles\c7vtafrv.default\searchplugins\BrowserProtect.xml
[2013/07/03 23:28:07 | 000,001,294 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\mozilla\firefox\profiles\c7vtafrv.default\searchplugins\delta.xml
[2013/07/03 23:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/06/27 22:37:30 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2013/07/03 23:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2013/11/30 09:48:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/06/27 22:20:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\SINGALONG\FF
[2013/10/10 10:02:01 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT

========== Chrome ==========

CHR - homepage: http://www.alnaddy.com?src=default
CHR - Extension: No name found = C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.111\
CHR - Extension: No name found = C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4\
CHR - Extension: No name found = C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3\

O1 HOSTS File: ([2014/01/10 22:45:51 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\WinDows7\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (YoutubeAdblocker) - {CB62BC6E-237A-ED05-81F6-CF3AC9AFCD7E} - C:\Program Files (x86)\YoutubeAdblocker\rz5.x64.dll ()
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Broowsee22save) - {07832DAB-19AC-D5D9-AE11-1931C86E0409} - C:\ProgramData\Broowsee22save\515972bf7bec6.dll ()
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\WinDows7\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Fast Search) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (SelectionLinks) - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll (SelectionLinks)
O2 - BHO: (NetScout Toolbar) - {7bb92ae5-1774-4fa5-9d16-1245f2c19011} - C:\Users\WinDows7\AppData\Roaming\NetScoutToolbar\NetScoutToolbar.dll (Simplytech Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll (Search Results)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (YoutubeAdblocker) - {CB62BC6E-237A-ED05-81F6-CF3AC9AFCD7E} - C:\Program Files (x86)\YoutubeAdblocker\rz5.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (NetScout Toolbar) - {7bb92ae5-1774-4fa5-9d16-1245f2c19011} - C:\Users\WinDows7\AppData\Roaming\NetScoutToolbar\NetScoutToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll (Search Results)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWBMOUSE] C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.1\Mouse32A.exe ()
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [Facebook Update] C:\Users\WinDows7\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [Steam] C:\Program Files (x86)\Counter-Strike Global Offensive\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [Viber] "C:\Users\WinDows7\AppData\Local\Viber\Viber.exe" StartMinimized File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_45)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00ED5151-579A-4487-A34A-6BF3D2C2124F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F28261D-C2DC-4615-B9B9-B2E69821084A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5471CC3-E017-4FB8-8A1D-1EB1EBA8A8D3}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\GS-ENA~1\ASSIST~2.DLL) - C:\Program Files (x86)\GS-Enabler\Assistant_x64.dll ()
O20 - AppInit_DLLs: (c:\progra~2\gs-ena~1\assist~1.dll) - c:\Program Files (x86)\GS-Enabler\Assistant.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/14 23:22:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/14 23:17:19 | 000,000,000 | R--D | C] -- C:\Users\WinDows7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/01/14 22:58:37 | 000,000,000 | ---D | C] -- C:\RegBackup
[2014/01/14 22:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014/01/14 22:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014/01/10 22:42:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/10 21:33:33 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2014/01/10 21:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2013/12/31 20:21:02 | 000,000,000 | ---D | C] -- C:\Users\WinDows7\AppData\Roaming\EZDownloader
[2013/12/31 20:17:56 | 000,000,000 | ---D | C] -- C:\Users\WinDows7\Documents\Optimizer Pro
[2013/12/31 20:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickSet
[2013/12/31 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GS-Enabler
[2013/12/31 20:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\YoutubeAdblocker
[2013/12/31 20:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YoutubeAdblocker
[2013/12/31 20:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\e758283df9e729ea
[2013/12/31 20:11:19 | 000,000,000 | ---D | C] -- C:\Users\WinDows7\AppData\Local\Packages
[2013/12/31 20:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\gurEaTsaVEr
[2013/12/31 20:11:18 | 000,000,000 | ---D | C] -- C:\Users\WinDows7\AppData\Local\Torch
[2013/12/31 20:11:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gurEaTsaVEr
[2013/12/31 20:11:18 | 000,000,000 | ---D | C] -- C:\Users\WinDows7\AppData\Local\Comodo
[2013/12/26 17:53:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/26 17:53:21 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/26 17:53:21 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/26 17:53:21 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/26 17:53:21 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/26 17:53:21 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/26 17:53:20 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/26 17:53:20 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/26 17:53:20 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/26 17:53:20 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/26 17:53:20 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/26 17:53:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/26 17:53:19 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/26 17:53:18 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/26 17:53:18 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/26 17:53:16 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/26 17:50:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/12/26 17:36:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump

========== Files - Modified Within 30 Days ==========

[2014/01/14 23:24:02 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/14 23:24:02 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/14 23:18:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/14 23:17:14 | 000,001,952 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2050 J510 series.lnk
[2014/01/14 23:17:08 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2014/01/14 23:17:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/14 23:17:03 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\GS-Enabler-S-960308484.job
[2014/01/14 23:16:57 | 000,000,439 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/01/14 23:16:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/14 23:16:29 | 518,606,847 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/14 22:59:14 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-WINDOWS7-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/01/14 22:58:06 | 000,002,237 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/01/14 21:18:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3787286749-1919752083-775963528-1000UA.job
[2014/01/14 17:57:04 | 000,000,258 | RHS- | M] () -- C:\Users\WinDows7\ntuser.pol
[2014/01/12 16:32:49 | 000,794,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/12 16:32:49 | 000,671,942 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/12 16:32:49 | 000,125,178 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/10 22:45:51 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/12/26 17:50:47 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

========== Files Created - No Company Name ==========

[2014/01/14 22:59:14 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-WINDOWS7-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/01/14 22:58:06 | 000,002,237 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2013/12/31 20:12:22 | 000,000,446 | -H-- | C] () -- C:\Windows\tasks\GS-Enabler-S-960308484.job
[2013/12/03 16:13:00 | 000,000,000 | -HS- | C] () -- C:\Users\WinDows7\AppData\Local\LumaEmu
[2013/07/03 23:25:07 | 000,723,230 | ---- | C] () -- C:\Windows\unins000.exe
[2013/07/03 23:25:07 | 000,047,877 | ---- | C] () -- C:\Windows\unins000.dat
[2013/05/08 17:07:23 | 000,009,216 | ---- | C] () -- C:\Users\WinDows7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/05 14:21:20 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Sony.dll
[2013/05/05 13:43:28 | 000,000,258 | RHS- | C] () -- C:\Users\WinDows7\ntuser.pol
[2013/04/11 10:10:27 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/03/06 10:46:34 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013/03/06 10:46:34 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013/01/12 10:45:49 | 000,045,270 | ---- | C] () -- C:\Users\WinDows7\AppData\Roaming\room_v3.dat
[2013/01/07 03:59:09 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/12/31 06:04:39 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012/12/19 18:15:09 | 000,007,602 | ---- | C] () -- C:\Users\WinDows7\AppData\Local\resmon.resmoncfg
[2012/12/18 01:43:53 | 000,059,422 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012/12/07 00:03:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/09/26 20:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/19 01:31:09 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 05:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 04:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/11 00:50:09 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\2K Sports
[2013/01/05 07:12:49 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\AnvSoft
[2012/12/15 00:15:39 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\ASUS WebStorage
[2013/07/03 23:28:08 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\BabSolution
[2013/04/03 19:35:34 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Babylon
[2013/06/23 00:00:30 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\baidu
[2013/06/23 00:00:21 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Baidu Security
[2013/01/07 08:43:45 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Complitly
[2013/06/23 00:02:13 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\DAEMON Tools Pro
[2013/05/05 13:43:24 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\DefaultTab
[2013/11/20 09:05:30 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\DMCache
[2013/01/07 09:57:26 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\ExpressFiles
[2013/12/31 20:21:02 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\EZDownloader
[2013/01/07 17:01:41 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Far Cry 3
[2013/07/02 08:35:57 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\File Scout
[2013/04/25 02:06:28 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\GarenaPlus
[2013/01/04 15:13:58 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\IObit
[2013/01/07 03:59:10 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\NetScoutToolbar
[2012/12/08 14:56:35 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Nuance
[2013/04/26 11:37:27 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\ooVoo Details
[2013/06/22 23:58:39 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\OpenCandy
[2012/12/12 12:45:25 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Samsung
[2013/05/08 17:07:23 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Solveig Multimedia
[2013/07/19 09:34:21 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Systweak
[2013/07/14 09:49:17 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Transcend Elite
[2012/12/08 14:56:32 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Zeon

========== Purity Check ==========



< End of report >
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 14th, 2014, 4:40 pm

Extras.txt

OTL Extras logfile created on: 1/14/2014 11:28:12 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WinDows7\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.87 Gb Available Physical Memory | 64.78% Memory free
11.95 Gb Paging File | 9.47 Gb Available in Paging File | 79.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 300.00 Gb Total Space | 142.12 Gb Free Space | 47.37% Space Free | Partition Type: NTFS
Drive D: | 373.64 Gb Total Space | 188.94 Gb Free Space | 50.57% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 529.83 Gb Free Space | 56.88% Space Free | Partition Type: NTFS

Computer Name: WINDOWS7-PC | User Name: WinDows7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\WinDows7\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\WinDows7\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{025279ED-AC4D-4915-91FB-DD114DCAB605}" = lport=10243 | protocol=6 | dir=in | app=system |
"{17B8F25F-2D4D-468A-9F6D-0669CB19D889}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D9DD925-D55A-49F6-B5E5-E8C404081E22}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1E26D232-6FD4-48F5-9CC5-3C2B36D8BF5B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2054343C-A2B2-42A1-A2DF-C1624A9B0370}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{212CFB29-4ED8-4C48-B66E-D41F090A9534}" = rport=139 | protocol=6 | dir=out | app=system |
"{29AF64BB-5B68-4FA7-99F8-12029678840C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2ECBB142-C7C1-4096-AF6F-538C490059B0}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{2F7C2B38-7BD7-41FB-9AE8-DDBA3ABA6022}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{380408F9-60EF-4F14-9072-A8A639BE1405}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{38AFEF5E-A377-4643-8D26-23587F683F12}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3A277E5F-AC5C-46C2-B07D-729BC2BB9149}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{40A814EE-2390-4F0B-9BC1-39A08731DBC8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{53517424-580E-47D5-AC35-BDD61709FCD8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{547EBF84-B90E-497B-9C55-D982895CCA95}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C63284E-6BAE-4DA3-ACCC-81BE664B9EA6}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{68ED4F9C-DEE0-493A-BBB5-01AB99664C3B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{721F2C1C-8F99-4EE0-927D-637AC65C6A80}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{73F37F0E-69E8-47D6-8427-B64235AB2CCB}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{769FCCE6-93F5-487B-9938-660D37620EBA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{77F1A864-EE5B-4E7E-A3F9-CDD25E50921A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{79F7901B-F4A6-4243-B5FA-09E1D40456AC}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{83ACCB22-EBA8-42AB-A379-2BA29AA3BD93}" = lport=137 | protocol=17 | dir=in | app=system |
"{872CF861-E169-4D0A-9068-C6994DB27D2E}" = rport=2869 | protocol=6 | dir=out | app=system |
"{88242106-49E7-479D-9628-9C4FF8C34835}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{89A4AE0B-EA8D-498C-8E27-7E1CD7B7F52D}" = lport=445 | protocol=6 | dir=in | app=system |
"{8ABF9297-8E85-4180-8D89-1A0CC9780F17}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{97712507-C46D-49A5-9807-04E02E6528B7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98319204-B3C7-431B-B68F-FC3561F82446}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9EB7808A-AAF1-47CE-9354-FD196AB28FDC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A55D475C-AA27-4EFB-BED4-01EC1C857726}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B0AD9433-7595-45B1-B1DC-70C21259B1DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B7E3F21E-A9F5-4FCC-B0AB-73AE44DABF37}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BB0390AB-77EF-43C2-8763-593CAC8F46E3}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C09CDC7D-89D8-46B9-A587-552163572D31}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C6FF0531-893D-417D-BF46-C2C7A81C0E8C}" = lport=139 | protocol=6 | dir=in | app=system |
"{C70D5758-D941-46D9-A910-62E0AAC68ECC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C870DF96-3989-4E0D-8355-7750F84CF80F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CFBACA79-FF4E-4DFC-960C-51F5D90D8F8B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D27C3D53-E633-45B2-95C7-8B030F7B8C6A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D3A118A5-579B-4204-865D-AE139309672C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3F8459B-510F-4B36-A9B1-D1DB4C7E48FA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D4B7B378-C67B-4435-85BF-7CBF4377D2D7}" = rport=138 | protocol=17 | dir=out | app=system |
"{D555E2AC-6078-45D2-9B70-B89EBE04E281}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5980E02-BFFF-45FD-8A95-3F38594593E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8787CF6-7AD9-43FF-925E-F436C04BBF04}" = lport=138 | protocol=17 | dir=in | app=system |
"{E7147582-0E29-4BF7-B2A1-3EC582720943}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FCA64999-ABCA-433B-ADFE-A1621C97BEBC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD644C0-B89F-4E95-9386-2692E1277B31}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0430BD72-D180-40D6-8579-1B768C8FCFE1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{073615F8-82BC-4436-B165-8DCD5F3CF0B1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{082E8B3A-48C0-480D-85E6-1B176E709121}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{0955D180-2C77-44C7-8B39-F3F07FA9BA8D}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\street fighter x tekken\sftk.exe |
"{0CE0880E-595C-45C9-B6E1-D50D20DC65BF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0F30871F-C01A-4F5B-8057-30375CF63FF5}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{14C3046A-D3E3-43EA-9E22-39D972A6C7A3}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{1C0A8BCB-B5D2-4C42-B404-321C61CD9DB7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20B7E9C2-5135-4496-B670-4FFABCDA2EE3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2AF22AA8-0DF9-44D8-BDBD-FFD9FC8B592F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2B7200A2-ABA5-4843-8A9B-A0DDEBE65CDE}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{2D1C42B9-1D9D-4451-81CF-BA2BCD6DE13A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{340FAACE-CD50-43AB-8CBF-B6773CA8D49D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{390D6DEF-3BB7-4DDF-B521-E70C754D26EF}" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{3E250836-0044-4A0A-97F0-97ED25FD82C2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40515041-5039-4FCD-97D2-3FB79CFB2A56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4219CD3A-7250-4800-8147-42C606874487}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{434E2BA6-B8D2-4D3A-8417-97DE63A9F633}" = protocol=17 | dir=in | app=d:\nba 2k14\nba2k14.exe |
"{4421EBC3-C682-42F5-9EBC-8328535C45A7}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{466C0F37-67FA-4F4A-8526-AEA74AA059D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B105738-FC05-47E6-A29A-389DDEC920E9}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{4C6D2048-DA24-4F26-8ED6-31976EB6678D}" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steam.exe |
"{4CEAB97D-A040-4A2C-9B00-CA4606B81076}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4E3B1C24-C7DD-4821-964B-36FE59F54AC8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5A31DE05-7432-4EB6-A939-9CD969E6AF6F}" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{5F58D0ED-5A13-43A4-BA02-6649A1A636A8}" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\dota 2 beta\dota.exe |
"{62E479EF-F370-4DC3-877B-FE9F88948924}" = dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"{64DA3537-C46E-46A2-9B66-883E53DBB7A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6A89B8A5-B308-4928-8C26-7B564608A753}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{837C27F8-D4FE-40CE-AF82-87D54888FE5E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{94D2EB8A-A6C5-40D7-9F0D-B250F1373E60}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{951250B4-2074-4D0B-82CF-3F451F3A06A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A344D376-766A-42F2-BFB9-EB8F3509F0FD}" = protocol=6 | dir=out | app=system |
"{A7E5B8D7-EF68-4E91-936F-7C0D240B9799}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7FAFD10-759F-45DF-AED1-AEBB3C38D5D7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB596D30-DCDB-42CE-A629-E9F9E845BC5B}" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steam.exe |
"{AC4285D0-99D5-41E6-99C7-3D70421809F3}" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\dota 2 beta\dota.exe |
"{AFE2CCF2-6DF3-40BC-85D2-2893620B26F5}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe |
"{B0540A3C-1BAD-4884-BE6B-D92829A9C687}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\street fighter x tekken\sftk.exe |
"{B0E9A3F5-81F8-4C8F-A776-8F1D17600D16}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{B3599A3C-6FE6-4B54-86A7-0C4FA7767836}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{B52CFD68-6696-43F5-8B54-CFB9840023F5}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{B8B0C5A8-6B55-499B-A71A-745EC25F4ED6}" = protocol=6 | dir=in | app=d:\nba 2k14\nba2k14.exe |
"{BA03BE7A-A20A-4C6B-8F74-5E33A995EEA4}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{BA1B18CF-B14A-49C0-91F2-C64705EBFCB8}" = protocol=6 | dir=in | app=d:\games\need for speed the run\need for speed the run.exe |
"{BC904F61-DA36-4D1C-B147-6957D05FB0C0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C2B0EBF6-06EA-4782-806C-36DAEFFB49DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D0765FBC-4E15-463C-A148-01D6D3350A92}" = protocol=17 | dir=in | app=d:\games\need for speed the run\need for speed the run.exe |
"{D3D88855-CF38-4E1D-97DA-65BC7F71BB07}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D616B68E-F149-4BDD-99A9-EEC8FE7CB1C9}" = dir=in | app=c:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{E3A97E82-200D-4FA2-9BB7-791FDDC39250}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F0376660-A506-4817-8CB5-E09B0DCA3F56}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{F5C8B62C-4168-4CEB-B8BE-0CAAFB731630}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F66A9907-375D-476A-BE37-9BD9B9EDABB2}" = dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{F6C0AAAB-93F7-4D21-B865-BA64DAF4093D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F76FC232-5E24-47A4-8FDC-2979D91EB64F}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe |
"{FF245E8A-0AFC-4A5A-AC49-609027DFFC8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{20688799-9247-471C-A6D1-BA28CA033D24}C:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"TCP Query User{2A5479B5-8528-437E-9024-6E623F185E04}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{379A6BE4-1CEF-4544-9FA1-7548342343CC}D:\game installers\need for speed the run\need for speed the run.exe" = protocol=6 | dir=in | app=d:\game installers\need for speed the run\need for speed the run.exe |
"TCP Query User{41CE62FA-6D7A-4592-9B3C-CB143B166DAA}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"TCP Query User{42FEB36D-E894-4182-B387-C88F60940D76}C:\program files (x86)\call of duty black ops 2\t6sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty black ops 2\t6sp.exe |
"TCP Query User{455D1384-D0D3-408E-A640-9077B18E44B2}D:\dota 2\dota 2\dota.exe" = protocol=6 | dir=in | app=d:\dota 2\dota 2\dota.exe |
"TCP Query User{4B951682-804A-44F1-9D08-EBDEA190A2FC}C:\program files (x86)\counter-strike global offensive\steam\steamapps\common\dota 2 beta\dota.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\dota 2 beta\dota.exe |
"TCP Query User{4D9C6654-BE2F-43EF-AC3A-CE034858B1FF}D:\call of duty black ops 2\t6mp.exe" = protocol=6 | dir=in | app=d:\call of duty black ops 2\t6mp.exe |
"TCP Query User{529DDCD3-6880-4E69-8C84-6BD7D26F3411}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{561A80FC-0397-4C9F-B21C-60CE3A64258D}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{76150623-8FE3-4272-8A56-4803B8011E9A}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"TCP Query User{7F05315B-C2D5-483E-AE04-4EEAB7E4D175}D:\game installers\need for speed the run\need for speed the run.exe" = protocol=6 | dir=in | app=d:\game installers\need for speed the run\need for speed the run.exe |
"TCP Query User{821595F2-BEEE-4A4F-8566-C60325E4E30F}C:\program files (x86)\call of duty black ops 2\t6zm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty black ops 2\t6zm.exe |
"TCP Query User{87DE3535-4B0D-4B1E-A5AF-D2EB6209E5C0}D:\call of duty black ops 2\call of duty black ops 2\t6sp.exe" = protocol=6 | dir=in | app=d:\call of duty black ops 2\call of duty black ops 2\t6sp.exe |
"TCP Query User{8AB79625-984D-43D0-826B-6711725B4E07}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{8B4A0714-9B86-4006-B79A-5D16AF878992}D:\call of duty zombies\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=d:\call of duty zombies\call of duty - black ops\blackops.exe |
"TCP Query User{B10AAEC6-9481-4C0C-9E72-F008707E0E12}C:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{B35520F2-0F07-4302-B708-DBCDB3004B99}D:\call of duty black ops 2\t6zm.exe" = protocol=6 | dir=in | app=d:\call of duty black ops 2\t6zm.exe |
"TCP Query User{B84A1851-709D-4A9C-8CF2-8EB2FCE88E10}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe |
"TCP Query User{B8C770F2-399C-4EA5-8831-4DF6F6DD8F4E}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{BCB8E053-0F8A-4C89-BA75-A64D6CC0C758}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{C72D934D-8649-49C6-9EB5-BE9FA41773D7}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{D35E4EC7-9404-4DCA-94DD-FC411189E1F5}D:\counter-strike 1.6\hlds.exe" = protocol=6 | dir=in | app=d:\counter-strike 1.6\hlds.exe |
"TCP Query User{D8AA148B-9965-4E64-8D9D-1BC9CCB4F623}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe |
"TCP Query User{DC9EEBEC-A8A7-4514-8513-F773B8830E35}D:\call of duty black ops 2\t6sp.exe" = protocol=6 | dir=in | app=d:\call of duty black ops 2\t6sp.exe |
"TCP Query User{E0149C08-0849-463F-9669-2315DAFEAB17}D:\dota 2\dota 2\dota.exe" = protocol=6 | dir=in | app=d:\dota 2\dota 2\dota.exe |
"TCP Query User{E45A71DA-B8BF-4149-83E5-D907765EEDA2}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"TCP Query User{E4EA70DB-BC37-40A7-9031-F2789194BE0D}C:\program files (x86)\call of duty black ops 2\t6mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty black ops 2\t6mp.exe |
"TCP Query User{F1263416-6EBF-491A-B267-94B3AF0A5BDB}C:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\_uplauncher.exe |
"TCP Query User{F318CC15-A8CE-4DA7-A5DA-DB612549F2DD}C:\program files (x86)\2k sports\nba 2k12\nba2k12.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k12\nba2k12.exe |
"TCP Query User{FB956413-53EE-4196-B696-F250F16A314D}C:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{004B66D9-3CE1-447A-B28C-752B9C702F72}C:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\_uplauncher.exe |
"UDP Query User{0DCEAE14-55E6-439E-AA78-0D8049B2DBF3}C:\program files (x86)\counter-strike global offensive\steam\steamapps\common\dota 2 beta\dota.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\dota 2 beta\dota.exe |
"UDP Query User{0F70DDE2-CBCA-4EDB-89DD-3920E8654B35}D:\game installers\need for speed the run\need for speed the run.exe" = protocol=17 | dir=in | app=d:\game installers\need for speed the run\need for speed the run.exe |
"UDP Query User{147C5006-6054-48E5-8F24-6E2EAE5F0839}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{2FA306A8-464E-41A0-ABA9-DADBD6EEBA9A}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{369D518F-B73F-4499-9BD6-0DDB6C740BB4}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"UDP Query User{377C3416-3C1B-4576-8F3E-A9729CA69CF6}D:\game installers\need for speed the run\need for speed the run.exe" = protocol=17 | dir=in | app=d:\game installers\need for speed the run\need for speed the run.exe |
"UDP Query User{527D1EC1-5970-414C-889A-8B372C405435}D:\call of duty black ops 2\t6mp.exe" = protocol=17 | dir=in | app=d:\call of duty black ops 2\t6mp.exe |
"UDP Query User{57AC594C-FD30-4277-93D4-0E74E871B3FF}D:\call of duty black ops 2\t6sp.exe" = protocol=17 | dir=in | app=d:\call of duty black ops 2\t6sp.exe |
"UDP Query User{58E58E95-A775-43D2-9B52-0E029C29E36D}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"UDP Query User{69B7E3BD-79C8-4DFA-A41E-B8DB6E88B448}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{725A7C3D-A70A-49A4-85EE-1E0D2D54F183}C:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{72C30B24-EE1B-491F-A68D-3774D1C7CBE4}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{73D9A168-447E-4AB1-82D8-6463B3E11085}C:\program files (x86)\call of duty black ops 2\t6zm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty black ops 2\t6zm.exe |
"UDP Query User{7F857114-B5AC-4FB7-8638-C5D758A17838}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{8C04C1AE-5AD0-4DB5-B8B6-90CBE0DA28D9}C:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{8F3B1250-E192-4DB0-9878-25A9AE161738}C:\program files (x86)\2k sports\nba 2k12\nba2k12.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k12\nba2k12.exe |
"UDP Query User{925A85D9-8206-45A6-B5FA-81D63CB60D61}D:\call of duty zombies\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=d:\call of duty zombies\call of duty - black ops\blackops.exe |
"UDP Query User{9C1D1095-EFB1-43E8-BB27-9916A172231A}D:\counter-strike 1.6\hlds.exe" = protocol=17 | dir=in | app=d:\counter-strike 1.6\hlds.exe |
"UDP Query User{AA9E3F6A-6AFE-420C-AEBD-EFE3FB1B4C49}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{B04A49D9-9C92-4EEF-9F89-36657C933744}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{B695887A-C644-4906-AA02-535C440DEE1E}C:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\windows7\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{C05B79C4-9BB8-4C8A-A693-6952799AE54C}D:\dota 2\dota 2\dota.exe" = protocol=17 | dir=in | app=d:\dota 2\dota 2\dota.exe |
"UDP Query User{C1434255-E5FD-45F5-85A5-98B58EA9E9DC}D:\call of duty black ops 2\t6zm.exe" = protocol=17 | dir=in | app=d:\call of duty black ops 2\t6zm.exe |
"UDP Query User{C93D1B06-378D-4E5C-B988-A7936660663D}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"UDP Query User{E1B1DF4D-BF77-41CF-B97C-3745747DAE36}D:\call of duty black ops 2\call of duty black ops 2\t6sp.exe" = protocol=17 | dir=in | app=d:\call of duty black ops 2\call of duty black ops 2\t6sp.exe |
"UDP Query User{E46F8524-E8D5-4F63-B3C1-894E7F761739}C:\program files (x86)\call of duty black ops 2\t6sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty black ops 2\t6sp.exe |
"UDP Query User{EBB5C0D2-39D3-4C81-A163-7C12DB4B346D}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe |
"UDP Query User{F10D0C2F-6C82-4783-BC0A-C45AFA7DD961}C:\program files (x86)\call of duty black ops 2\t6mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty black ops 2\t6mp.exe |
"UDP Query User{F53528BB-11C0-4183-B58F-F658E78A7775}D:\dota 2\dota 2\dota.exe" = protocol=17 | dir=in | app=d:\dota 2\dota 2\dota.exe |
"UDP Query User{FD3004CB-699D-43E3-B9A7-2AD47B420A5F}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0213A0FE-2725-4A04-9A37-79502F64D7A9}" = HP Deskjet 2050 J510 series Product Improvement Study
"{0E38EC8F-49B8-4C70-8DBF-E5837FCFB3C4}" = Windows Live Family Safety
"{11A02AEB-002F-43B2-AFD7-0D1DB406696B}_is1" = Dota 2 version 518
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety
"{3E776E7A-F4C3-4A89-8EAD-535E722C8397}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety
"{73B1AC18-614F-42CD-A798-4BA214586406}" = HP Deskjet 2050 J510 series Basic Device Software
"{749BE6FF-815E-4F36-901B-7AC301B50330}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.10.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.10.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.12
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C5DCCFC6-4E8E-4CFA-80D7-C55472EEE92F}" = Windows Live Family Safety
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{E14F2446-921F-4509-A7E2-DA3D3AAC06B0}" = BrowseToSave
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F316C025-DAAF-43BB-8486-1E9953BFD82D}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ccc18be-fc22-4419-be84-b55ea87e67bf}_is1" = Media converter
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}" = Need for Speed™ The Run
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3147d692-3d9d-4f1a-8f44-d6d68554d532}_is1" = NetScout Toolbar 2.0
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3CC29C1A-B5FE-457B-8F22-32A2557A92C7}}_is1" = Windows Movie Maker 6.1
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43430FA5-61A7-465F-82FB-BC1000028201}" = Street Fighter X Tekken
"{43430FA5-61A7-465F-82FB-BC1000028202}" = Street Fighter X Tekken
"{43430FA5-AF68-4A2D-A7D4-891000008200}" = Street Fighter X Tekken
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1" = Call of Duty Black Ops 2
"{4820778D-AB0D-6D18-C316-52A6A0E1D507}" = YoutubeAdblocker
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}" = NBA 2K14
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{e81a9dc1}" = GS-Supporter 1.80
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{a72ce741-1f32-4d79-bffb-a714375c678d}_is1" = Bigasoft Total Video Converter 3.7.42.4878
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAB93551-3FFE-42B2-8315-96252BBC1033}" = Nero 7 Essentials
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}" =
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}" = WinZip 15.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D96B6543-A0C0-4351-AF96-73DEF1DD6820}" = NBA 2K13
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"1ClickDownload" = FTDownloader
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Assassins Creed IV Black Flag_is1" = Assassins Creed IV Black Flag version 1.0.0.0
"ASUS K3 Series ScreenSaver" = ASUS K3 Series ScreenSaver
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"Browser Mouse Browser Mouse" = Browser Mouse
"Counter-Strike 1.6" = Counter-Strike 1.6
"DefaultTab" = DefaultTab
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"DmC Devil May Cry_is1" = DmC Devil May Cry
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Far Cry 3_R.G. Mechanics_is1" = Far Cry 3
"Game Park Console" = Game Park Console
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"HyperCam 3" = HyperCam 3
"im" = Garena Plus
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Protected Search_is1" = Protected Search 1.1
"Q2FsbG9mRHV0eUdob3N0cw==_is1" = Call of Duty Ghosts
"RealPlayer 16.0" = RealPlayer
"Rockstar Games Social Club" = Rockstar Games Social Club
"S-960308484" = GS-Enabler
"sl-dlc" = SelectionLinks
"SP_f2a323db" =
"Steam App 570" = Dota 2
"Surf Canyon" = Fast Search
"The Sea App" = The Sea App (Internet Explorer)
"Tweaking.com - Registry Backup" = Tweaking.com - Registry Backup
"VLC media player" = VLC media player 2.0.1
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live 程式集
"WinRAR archiver" = WinRAR archiver
"xuggle-xuggler" = xuggle-xuggler
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/8/2013 1:09:11 PM | Computer Name = WinDows7-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ComUpdatus.exe, version: 9.3.21.0, time
stamp: 0x527c907c Faulting module name: nvspcap.dll_unloaded, version: 0.0.0.0,
time stamp: 0x527d4cf0 Exception code: 0xc0000005 Fault offset: 0x100bb250 Faulting
process id: 0xfe8 Faulting application start time: 0x01cef4382c14befc Faulting application
path: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
Faulting
module path: nvspcap.dll Report Id: 74415774-602b-11e3-bba6-0008ca67be93

Error - 12/8/2013 5:36:33 PM | Computer Name = WinDows7-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 12/8/2013 5:37:25 PM | Computer Name = WinDows7-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Exception code: 0xc0000005 Fault offset: 0x00002c60 Faulting
process id: 0x794 Faulting application start time: 0x01cef45dabfc5795 Faulting application
path: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Faulting module path:
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Report Id: ed3fa5f0-6050-11e3-a483-0008ca67be93

Error - 12/8/2013 5:45:37 PM | Computer Name = WinDows7-PC | Source = Application Error | ID = 1000
Description = Faulting application name: nvtray.exe, version: 7.17.13.3182, time
stamp: 0x5280e916 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time
stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004e4e4 Faulting
process id: 0x1498 Faulting application start time: 0x01cef45dc6327cc2 Faulting application
path: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe Faulting module path:
C:\Windows\SYSTEM32\ntdll.dll Report Id: 12a1be85-6052-11e3-a483-0008ca67be93

Error - 12/12/2013 12:36:55 PM | Computer Name = WinDows7-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 12/12/2013 12:36:55 PM | Computer Name = WinDows7-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 12/12/2013 12:37:00 PM | Computer Name = WinDows7-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Exception code: 0xc0000005 Fault offset: 0x00002c60 Faulting
process id: 0x56c Faulting application start time: 0x01cef7585750bc2d Faulting application
path: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Faulting module path:
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Report Id: 9f32edfa-634b-11e3-903b-0008ca67be93

Error - 12/12/2013 8:18:58 PM | Computer Name = WinDows7-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 12/12/2013 8:21:22 PM | Computer Name = WinDows7-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Exception code: 0xc0000005 Fault offset: 0x00002c60 Faulting
process id: 0x5b4 Faulting application start time: 0x01cef7993cc01c22 Faulting application
path: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Faulting module path:
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Report Id: 7dfc560c-638c-11e3-a7f6-0008ca67be93

Error - 12/14/2013 5:51:08 AM | Computer Name = WinDows7-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x5252e730 Exception code: 0xc0000005 Fault offset: 0x00002c60 Faulting
process id: 0x78c Faulting application start time: 0x01cef8b1fd46b4a7 Faulting application
path: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Faulting module path:
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Report Id: 412c5c25-64a5-11e3-9029-0008ca67be93

[ System Events ]
Error - 1/12/2014 4:36:42 PM | Computer Name = WinDows7-PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Log Rotator Service service failed to start due to
the following error: %%2

Error - 1/12/2014 4:36:42 PM | Computer Name = WinDows7-PC | Source = Service Control Manager | ID = 7001
Description = The BlueStacks Android Service service depends on the BlueStacks Hypervisor
service which failed to start because of the following error: %%3

Error - 1/12/2014 4:36:49 PM | Computer Name = WinDows7-PC | Source = Service Control Manager | ID = 7034
Description = The DefaultTabSearch service terminated unexpectedly. It has done
this 1 time(s).

Error - 1/12/2014 4:45:26 PM | Computer Name = WinDows7-PC | Source = ipnathlp | ID = 31004
Description =

Error - 1/12/2014 4:45:26 PM | Computer Name = WinDows7-PC | Source = ipnathlp | ID = 31004
Description =

Error - 1/14/2014 4:57:10 AM | Computer Name = WinDows7-PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Hypervisor service failed to start due to the following
error: %%3

Error - 1/14/2014 4:57:10 AM | Computer Name = WinDows7-PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Log Rotator Service service failed to start due to
the following error: %%2

Error - 1/14/2014 4:57:17 AM | Computer Name = WinDows7-PC | Source = Service Control Manager | ID = 7001
Description = The BlueStacks Android Service service depends on the BlueStacks Hypervisor
service which failed to start because of the following error: %%3

Error - 1/14/2014 4:14:56 PM | Computer Name = WinDows7-PC | Source = ipnathlp | ID = 31004
Description =

Error - 1/14/2014 4:17:00 PM | Computer Name = WinDows7-PC | Source = Service Control Manager | ID = 7034
Description = The DefaultTabSearch service terminated unexpectedly. It has done
this 1 time(s).


< End of report >
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 14th, 2014, 4:47 pm

Systemlook.txt

SystemLook 04.09.10 by jpshortstuff
Log created at 23:41 on 14/01/2014 by WinDows7
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*babylon*"
C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\searchplugins\babylon.xml --a---- 6505 bytes [20:26 03/07/2013] [20:26 03/07/2013] ADE4F0F2D715022FF4C63E0582C88DB2

Searching for "*conduit*"
C:\Users\WinDows7\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1647765_1640548_SA.xml --a---- 185 bytes [11:23 12/12/2012] [09:38 21/01/2013] 65ACD3580D7730C94AC5E65701A88560
C:\Users\WinDows7\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_19609_19222_SA.xml --a---- 170 bytes [06:21 09/01/2013] [07:10 14/02/2013] 74FF2D6B41908C3C907D75126507DE3E
C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\ConduitAbstractionLayer.js --a---- 31789 bytes [08:21 12/12/2012] [19:15 19/11/2012] A4B7E14D9CFBB4B05B5EF1621DF42D76
C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images\conduit-logo-OLD.png --a---- 1305 bytes [08:21 12/12/2012] [19:15 19/11/2012] 5F8EF9A0B050532B90B2645E9627E3F9
C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images\conduit-logo.png --a---- 3926 bytes [08:21 12/12/2012] [19:15 19/11/2012] 04EC2FEFD3A417F86E983508778A00DD
C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib\log4conduit.jsm --a---- 760 bytes [08:21 12/12/2012] [19:15 19/11/2012] 93898FE6A232C5FCD838D8168F65D802

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*iLivid*"
No folders found.

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*babylon*"
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com d------ [20:28 03/07/2013]
C:\ProgramData\Babylon d------ [16:35 03/04/2013]
C:\Users\All Users\Babylon d------ [16:35 03/04/2013]
C:\Users\WinDows7\AppData\Roaming\Babylon d------ [16:35 03/04/2013]

Searching for "*conduit*"
C:\Program Files (x86)\Conduit d------ [08:21 12/12/2012]
C:\Users\WinDows7\AppData\Local\Conduit d------ [08:21 12/12/2012]
C:\Users\WinDows7\AppData\LocalLow\Conduit d------ [08:21 12/12/2012]

========== Regfind ==========

Searching for "Fun4IM"
No data found.

Searching for "Bandoo"
No data found.

Searching for "Searchnu"
No data found.

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings\CurVer]
@="NeroSearch.NeroSearchQuerySourceSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings.1]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager\CurVer]
@="NMSearch.NMSearchQueryConfigManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager.1]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree\CurVer]
@="NMSearch.NMSearchQuerySyntaxTree.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree.1]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\ProgID]
@="NeroSearch.NeroSearchQuerySourceSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\VersionIndependentProgID]
@="NeroSearch.NeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\ProgID]
@="NMSearch.NMSearchQuerySyntaxTree.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\VersionIndependentProgID]
@="NMSearch.NMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\ProgID]
@="NMSearch.NMSearchQueryConfigManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\VersionIndependentProgID]
@="NMSearch.NMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{09BB29E0-C8C5-4AF3-B553-FD2158D99852}]
@="INMSearchQueryConfigHolder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{183AA129-9D53-4735-BB1F-92BA2B66B575}]
@="INMSearchQueryCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{21E4A815-2464-4CB1-BDD9-82DD0EF9D922}]
@="INeroSearchQueryTranslator2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{227DF978-FB93-4247-BD8F-2CDB4C485EFD}]
@="INeroSearchQueryDNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2D9A4D8E-AEC7-4434-BB6C-B2FB6CFEBDB8}]
@="INeroSearchQueryOperandString"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2F2FD52C-3D82-4B96-81DB-F1D41442BB9B}]
@="INMSearchQueryHandle"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3C453A7C-D1C6-4D48-B063-CEAFCEF7042A}]
@="INeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{422A9ACE-3453-44DF-BC41-71B8D89C22A3}]
@="INeroSearchQueryOperandCriterion"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{43D899E4-4085-4B50-8E5F-F9334FBA7C2A}]
@="INMSearchQueryConstSyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48DEBF52-F73F-4F0F-9255-ECBC1C922D7C}]
@="INeroSearchQueryTerm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4B07C813-AA0B-4E71-BBB0-D343CC42DF1C}]
@="INMSearchQueryResult"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D75DC77-4997-4E83-9A6B-B1E4C1C0CB87}]
@="INeroSearchQueryTranslator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D824B76-5027-4936-AC1A-1266E0763522}]
@="INMSearchQueryContext"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{607C2DEF-18DB-4F34-A645-2D3A5349000F}]
@="INMSearchQueryErrorEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{7A1FBB2E-27A9-438B-9CED-57B03D61D9D0}]
@="INMSearchQuerySource"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8A3637CB-97D5-4956-AF77-1356D61F7AA3}]
@="INeroSearchQueryOperandNumber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B931B92F-FBF7-42DA-B690-C64A26160B77}]
@="INMSearchQueryResultEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BA41016E-B64A-47E2-B4E7-58AAE086819A}]
@="INMSearchQueryResult2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C84C7F87-F9FE-4024-A214-17AE8C22257C}]
@="INMSearchQueryResultEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D0A51603-B44E-4B2D-8DA1-D0CFD83AF832}]
@="INeroSearchQueryKeyword"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DFA5ADF8-8326-49E3-9B04-2751097A6510}]
@="INeroSearchQueryCNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E0297562-6321-4938-9B2F-A3D330E44079}]
@="INeroSearchQuerySourceEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F1B98CD5-F00C-49E3-B355-C9571B1348C3}]
@="INMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F45EA53D-A0AC-40ED-B446-EAE772F635B2}]
@="INMSearchQueryResultDirectoryAccessor"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F82BA77D-ED8F-4999-A71A-0CDB7223E30B}]
@="INMSearchQueryRefinement"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{FDC8ED21-7F9F-4E80-846B-6A02DDFF4AF2}]
@="INMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{FECB3D13-009D-452E-B7C3-B3EFA98D1FB5}]
@="INMSearchQuerySourceDeprecated"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\ProgID]
@="NeroSearch.NeroSearchQuerySourceSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\VersionIndependentProgID]
@="NeroSearch.NeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\ProgID]
@="NMSearch.NMSearchQuerySyntaxTree.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\VersionIndependentProgID]
@="NMSearch.NMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\ProgID]
@="NMSearch.NMSearchQueryConfigManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\VersionIndependentProgID]
@="NMSearch.NMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{09BB29E0-C8C5-4AF3-B553-FD2158D99852}]
@="INMSearchQueryConfigHolder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{183AA129-9D53-4735-BB1F-92BA2B66B575}]
@="INMSearchQueryCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{21E4A815-2464-4CB1-BDD9-82DD0EF9D922}]
@="INeroSearchQueryTranslator2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{227DF978-FB93-4247-BD8F-2CDB4C485EFD}]
@="INeroSearchQueryDNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{2D9A4D8E-AEC7-4434-BB6C-B2FB6CFEBDB8}]
@="INeroSearchQueryOperandString"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{2F2FD52C-3D82-4B96-81DB-F1D41442BB9B}]
@="INMSearchQueryHandle"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{3C453A7C-D1C6-4D48-B063-CEAFCEF7042A}]
@="INeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{422A9ACE-3453-44DF-BC41-71B8D89C22A3}]
@="INeroSearchQueryOperandCriterion"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{43D899E4-4085-4B50-8E5F-F9334FBA7C2A}]
@="INMSearchQueryConstSyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{48DEBF52-F73F-4F0F-9255-ECBC1C922D7C}]
@="INeroSearchQueryTerm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{4B07C813-AA0B-4E71-BBB0-D343CC42DF1C}]
@="INMSearchQueryResult"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{5D75DC77-4997-4E83-9A6B-B1E4C1C0CB87}]
@="INeroSearchQueryTranslator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{5D824B76-5027-4936-AC1A-1266E0763522}]
@="INMSearchQueryContext"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{607C2DEF-18DB-4F34-A645-2D3A5349000F}]
@="INMSearchQueryErrorEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{7A1FBB2E-27A9-438B-9CED-57B03D61D9D0}]
@="INMSearchQuerySource"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{8A3637CB-97D5-4956-AF77-1356D61F7AA3}]
@="INeroSearchQueryOperandNumber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{B931B92F-FBF7-42DA-B690-C64A26160B77}]
@="INMSearchQueryResultEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{BA41016E-B64A-47E2-B4E7-58AAE086819A}]
@="INMSearchQueryResult2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{C84C7F87-F9FE-4024-A214-17AE8C22257C}]
@="INMSearchQueryResultEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{D0A51603-B44E-4B2D-8DA1-D0CFD83AF832}]
@="INeroSearchQueryKeyword"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{DFA5ADF8-8326-49E3-9B04-2751097A6510}]
@="INeroSearchQueryCNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{E0297562-6321-4938-9B2F-A3D330E44079}]
@="INeroSearchQuerySourceEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{F1B98CD5-F00C-49E3-B355-C9571B1348C3}]
@="INMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{F45EA53D-A0AC-40ED-B446-EAE772F635B2}]
@="INMSearchQueryResultDirectoryAccessor"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{F82BA77D-ED8F-4999-A71A-0CDB7223E30B}]
@="INMSearchQueryRefinement"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{FDC8ED21-7F9F-4E80-846B-6A02DDFF4AF2}]
@="INMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{FECB3D13-009D-452E-B7C3-B3EFA98D1FB5}]
@="INMSearchQuerySourceDeprecated"

Searching for "iLivid"
[HKEY_CURRENT_USER\Software\iLivid]
[HKEY_CURRENT_USER\Software\iLivid\iLivid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup_RASMANCS]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\iLivid]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\iLivid\iLivid]

Searching for "whitesmoke"
No data found.

Searching for "datamngr"
[HKEY_CURRENT_USER\Software\DataMngr]
[HKEY_CURRENT_USER\Software\DataMngr_Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DataMngr]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\DataMngr]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\DataMngr_Toolbar]

Searching for "kelkoopartners"
No data found.

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Trolltech]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]

Searching for "babylon"
[HKEY_CURRENT_USER\Software\5868f8db56de814\2.6.1339.144]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\Software\5868f8db56de814\2.6.1339.144]
"firefox homepages"="http://search.babylon.com/?babsrc=HP_ss_sps&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932 http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932"
[HKEY_CURRENT_USER\Software\5868f8db56de814\2.6.1519.190]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\Software\5868f8db56de814\2.6.1519.190]
"firefox homepages"="http://search.babylon.com/?babsrc=HP_ss_sps&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932 http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932"
[HKEY_CURRENT_USER\Software\5868f8db56de814\2.6.1694.246]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\Software\5868f8db56de814\2.6.1694.246]
"firefox homepages"="http://search.babylon.com/?babsrc=HP_ss_sps&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932 http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Babylon"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"FaviconURL"="search.babylon.com/favicon.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon\Babylon Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\5868f8db56de814\2.6.1339.144]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\5868f8db56de814\2.6.1339.144]
"firefox homepages"="http://search.babylon.com/?babsrc=HP_ss_sps&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932 http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\5868f8db56de814\2.6.1519.190]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\5868f8db56de814\2.6.1519.190]
"firefox homepages"="http://search.babylon.com/?babsrc=HP_ss_sps&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932 http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\5868f8db56de814\2.6.1694.246]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\5868f8db56de814\2.6.1694.246]
"firefox homepages"="http://search.babylon.com/?babsrc=HP_ss_sps&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932 http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Babylon"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"FaviconURL"="search.babylon.com/favicon.ico"

Searching for "conduit"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installId"="conduitinstaller.exe"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installType"="ConduitNSISIntegration"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"gadgetsContextHash_128518754046337555___fhlkamjopkamckcfiolblkngeeocmloo"="%7B%22appId%22%3A%22128518754046337555%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Atrue%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2223.0.1271.97%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT1605787%22%2C%22name%22%3A%22MobileScoop%22%2C%22downloadUrl%22%3A%22http%3A//MobileScoop.OurToolbar.com/%22%2C%22version%22%3A%2210.13.20.29%22%2C%22cID%22%3A%22fhlkamjopkamckcfiolblkngeeocmloo%22%7D%2C%22appId%22%3A%22128518754046337555%22%2C%22onBeforeLoadData%22%3A%22%7B%5C%22view%
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.embeddedsData"="%5B%7B%22appId%22%3A%22128518754046337555%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Atrue%7D%2C%22onBeforeLoadData%22%3A%22%7B%5C%22view%5C%22%3A%7B%5C%22html%5C%22%3A%5C%22%3Ctable%20id%3D%5C%5C%5C%22main%5C%5C%5C%22%20class%3D%5C%5C%5C%22mainwrapper%5C%5C%5C%22%20cellpadding%3D%5C%5C%5C%220%5C%5C%5C%22%20cellspacing%3D%5C%5C%5C%220%5C%5C%5C%22%3E%5C%5Cn%20%20%20%20%3Ctbody%3E%3Ctr%3E%5C%5Cn%20%20%20%20%20%20%20%20%3C%21--%20don%27t%20remove%20the%20width%3D%5C%5C%5C%22100%25%5C%5C%5C%22%20bug%20in%20chrome%20the%20width%20become%20in%20px--%3E%5C%5Cn%20%20%20%20%20%20%20%20%3Ctd%20id%3D%5C%5C%5C%22textboxWrapper%5C%5C%5C%22%20width%3D%5C%5C%5C%22100%25%5C%5C%5C%22%20style%3D%5C%5C%5C%
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"ConduitUserID"="UN75934459897689521"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\ConduitSearchScopes]
[HKEY_CURRENT_USER\Software\Conduit]
[HKEY_CURRENT_USER\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installId"="conduitinstaller.exe"
[HKEY_CURRENT_USER\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installType"="ConduitNSISIntegration"
[HKEY_CURRENT_USER\Software\Conduit\DistributionEngine\24\OfferHistory\436741]
"OfferUrl"="http://cms.distributionengine.conduit-services.com/DynamicOffer/358376/436741/"
[HKEY_CURRENT_USER\Software\Conduit\DistributionEngine\24\OfferHistory\565420]
"OfferUrl"="http://cms.distributionengine.conduit-services.com/DynamicOffer/358376/565420/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F45823D9-B13C-43EF-BB59-57EB9FEEF8B8}]
"URL"="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1605787"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F45823D9-B13C-43EF-BB59-57EB9FEEF8B8}]
"FaviconURL"="http://search.conduit.com/favicon.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}]
@="Conduit Community Alerts"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\InprocServer32]
@="C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit\Community Alerts]
"Path"="C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit\HomePage]
"{fcbf663e-8530-46f8-a880-ac5abe9d2b23}"="http://search.conduit.com?SearchSource=10&ctid=CT1605787"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}]
@="Conduit Community Alerts"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\InprocServer32]
@="C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\AppDataLow\Software\Conduit]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installId"="conduitinstaller.exe"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installType"="ConduitNSISIntegration"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"gadgetsContextHash_128518754046337555___fhlkamjopkamckcfiolblkngeeocmloo"="%7B%22appId%22%3A%22128518754046337555%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Atrue%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2223.0.1271.97%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT1605787%22%2C%22name%22%3A%22MobileScoop%22%2C%22downloadUrl%22%3A%22http%3A//MobileScoop.OurToolbar.com/%22%2C%22version%22%3A%2210.13.20.29%22%2C%22cID%22%3A%22fhlkamjopkamckcfiolblkngeeocmloo%22%7D%2C%22appId%22%3A%22128518754046337555%22%2C%22
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.embeddedsData"="%5B%7B%22appId%22%3A%22128518754046337555%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Atrue%7D%2C%22onBeforeLoadData%22%3A%22%7B%5C%22view%5C%22%3A%7B%5C%22html%5C%22%3A%5C%22%3Ctable%20id%3D%5C%5C%5C%22main%5C%5C%5C%22%20class%3D%5C%5C%5C%22mainwrapper%5C%5C%5C%22%20cellpadding%3D%5C%5C%5C%220%5C%5C%5C%22%20cellspacing%3D%5C%5C%5C%220%5C%5C%5C%22%3E%5C%5Cn%20%20%20%20%3Ctbody%3E%3Ctr%3E%5C%5Cn%20%20%20%20%20%20%20%20%3C%21--%20don%27t%20remove%20the%20width%3D%5C%5C%5C%22100%25%5C%5C%5C%22%20bug%20in%20chrome%20the%20width%20become%20in%20px--%3E%5C%5Cn%20%20%20%20%20%20%20%20%3Ctd%20id%3D%5C%5C%5C%22textboxWrapper%5C%5C%5C%22%20width%3D%5C%5C%5C%22
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\AppDataLow\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"ConduitUserID"="UN75934459897689521"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\AppDataLow\Software\ConduitSearchScopes]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Conduit]
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installId"="conduitinstaller.exe"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Conduit\ChromeExtData\fhlkamjopkamckcfiolblkngeeocmloo\Repository]
"CT1605787.installType"="ConduitNSISIntegration"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Conduit\DistributionEngine\24\OfferHistory\436741]
"OfferUrl"="http://cms.distributionengine.conduit-services.com/DynamicOffer/358376/436741/"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Conduit\DistributionEngine\24\OfferHistory\565420]
"OfferUrl"="http://cms.distributionengine.conduit-services.com/DynamicOffer/358376/565420/"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F45823D9-B13C-43EF-BB59-57EB9FEEF8B8}]
"URL"="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1605787"
[HKEY_USERS\S-1-5-21-3787286749-1919752083-775963528-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F45823D9-B13C-43EF-BB59-57EB9FEEF8B8}]
"FaviconURL"="http://search.conduit.com/favicon.ico"

-= EOF =-
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 14th, 2014, 4:52 pm

i have posted everything you want me to post sir, thank you soo much for a quick response, i hope i will be able to open my files back cause i got a lot of important files there that connected to my job..
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby Gary R » January 14th, 2014, 6:42 pm

OK, seems we've got quite a lot to deal with, so lets get started.

First ...

  • Double click AdwCleaner.exe to run it.
  • Click Scan and allow the scan to finish.
  • Now click Clean to remove the items found.
  • Click OK to the prompt.
  • The tool will run & your computer will be rebooted automatically. A logfile will open after the restart.
  • Post the contents of the logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[s1].txt.

Next ...

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box. (Don't include Code: Select all)
Code: Select all
:OTL
PRC - [2012/11/01 17:06:12 | 000,067,656 | ---- | M] (Simplygen) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.sweetim.com/search.asp?src=6&q= {searchTerms}&crg=3.1010000.10011&barid={55D1CD6D-4CCB-11E2-A728-5404A6A7F41F}
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ ... 0&tsp=4932
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alnaddy.com?src=default
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=619
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q= {searchTerms}&babsrc=SP_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{84EFC4B2-B4BE-40B9-94AD-C88ACF7945ED}: "URL" = http://www.mysearchresults.com/search?c ... =01&q= {searchTerms}
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{C964E18D-297E-499F-BA9C-16A860C119E6}: "URL" = http://blekko.com/ws/?source=5f97ddbe&t ... a67be93&q= {searchTerms}&r=538
IE - HKU\S-1-5-21-3787286749-1919752083-775963528-1000\..\SearchScopes\{F45823D9-B13C-43EF-BB59-57EB9FEEF8B8}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT1605787
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?babsrc=HP_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932"
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0
[2012/12/12 11:21:08 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/01/04 13:58:29 | 000,000,000 | ---D | M] (gurEaTsaVEr) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\eu3yoy@yiejhmkw.net
[2013/07/03 23:28:06 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\ffxtlbr@delta.com
[2014/01/04 13:58:29 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\gc8i_oi@ebcaoeuqe.co.uk
[2013/01/07 03:59:11 | 000,000,000 | ---D | M] (NetScout Toolbar) -- C:\Users\WinDows7\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions\{a85b3e8c-9d4d-47f1-a5b1-7c0e4267039d}
[2013/07/03 23:26:52 | 000,006,505 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\mozilla\firefox\profiles\c7vtafrv.default\searchplugins\babylon.xml
[2013/07/03 23:26:52 | 000,006,505 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\mozilla\firefox\profiles\c7vtafrv.default\searchplugins\BrowserProtect.xml
[2013/07/03 23:28:07 | 000,001,294 | ---- | M] () -- C:\Users\WinDows7\AppData\Roaming\mozilla\firefox\profiles\c7vtafrv.default\searchplugins\delta.xml
[2013/07/03 23:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\WinDows7\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (YoutubeAdblocker) - {CB62BC6E-237A-ED05-81F6-CF3AC9AFCD7E} - C:\Program Files (x86)\YoutubeAdblocker\rz5.x64.dll ()
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Broowsee22save) - {07832DAB-19AC-D5D9-AE11-1931C86E0409} - C:\ProgramData\Broowsee22save\515972bf7bec6.dll ()
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\WinDows7\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Fast Search) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (SelectionLinks) - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll (SelectionLinks)
O2 - BHO: (NetScout Toolbar) - {7bb92ae5-1774-4fa5-9d16-1245f2c19011} - C:\Users\WinDows7\AppData\Roaming\NetScoutToolbar\NetScoutToolbar.dll (Simplytech Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll (Search Results)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (YoutubeAdblocker) - {CB62BC6E-237A-ED05-81F6-CF3AC9AFCD7E} - C:\Program Files (x86)\YoutubeAdblocker\rz5.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (NetScout Toolbar) - {7bb92ae5-1774-4fa5-9d16-1245f2c19011} - C:\Users\WinDows7\AppData\Roaming\NetScoutToolbar\NetScoutToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll (Search Results)
O4 - HKU\S-1-5-21-3787286749-1919752083-775963528-1000..\Run: [Viber] "C:\Users\WinDows7\AppData\Local\Viber\Viber.exe" StartMinimized File not found
[2013/12/31 20:17:56 | 000,000,000 | ---D | C] -- C:\Users\WinDows7\Documents\Optimizer Pro
[2013/12/31 20:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\YoutubeAdblocker
[2013/12/31 20:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YoutubeAdblocker
[2013/12/31 20:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\gurEaTsaVEr
[2013/12/31 20:11:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gurEaTsaVEr
[2013/07/03 23:28:08 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\BabSolution
[2013/04/03 19:35:34 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\Babylon
[2013/01/04 15:13:58 | 000,000,000 | ---D | M] -- C:\Users\WinDows7\AppData\Roaming\IObit

:Files
C:\Program Files (x86)\Protected Search
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Next ...

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Summary of the logs I need from you in your next post:
  • AdwCleaner[s1].txt
  • OTL fix log
  • ESET.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 16th, 2014, 6:12 am

good day to you Gary im sorry if i was not able to reply on this post quickly because my work is 24hrs shift and 24hrs off duty...

AdwCleaner[s0].txt

# AdwCleaner v3.017 - Report created 16/01/2014 at 13:01:33
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : WinDows7 - WINDOWS7-PC
# Running from : C:\Users\WinDows7\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : DefaultTabSearch
Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\RightClick
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\gurEaTsaVEr
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\Program Files (x86)\Complitly
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\Protected Search
Folder Deleted : C:\Program Files (x86)\Surf Canyon
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\gurEaTsaVEr
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\WinDows7\AppData\Local\Conduit
Folder Deleted : C:\Users\WinDows7\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\WinDows7\AppData\Local\torch
Folder Deleted : C:\Users\WinDows7\AppData\Local\visi_coupon
Folder Deleted : C:\Users\WinDows7\AppData\LocalLow\blekko
Folder Deleted : C:\Users\WinDows7\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\WinDows7\AppData\LocalLow\Delta
Folder Deleted : C:\Users\WinDows7\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\WinDows7\AppData\LocalLow\SimplyTech
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Babylon
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\baidu
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Complitly
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\file scout
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Systweak
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\WinDows7\Documents\optimizer pro
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\eu3yoy@yiejhmkw.net
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\Extensions\gc8i_oi@ebcaoeuqe.co.uk
Folder Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{a85b3e8c-9d4d-47f1-a5b1-7c0e4267039d}
Folder Deleted : C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj
Folder Deleted : C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\bprotector_extensions.sqlite
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\bprotector_prefs.js
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\invalidprefs.js
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\searchplugins\Babylon.xml
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\searchplugins\delta.xml
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\user.js
File Deleted : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Windows\System32\Tasks\BitGuard
File Deleted : C:\Windows\System32\Tasks\EPUpdater
File Deleted : C:\Windows\System32\Tasks\Express FilesUpdate
File Deleted : C:\Windows\System32\Tasks\ProtectedSearch

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [singalong@xenophesoft.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\d
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db
Key Deleted : HKCU\Software\5868f8db56de814
Key Deleted : HKLM\SOFTWARE\5868f8db56de814
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1605787
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\LiveSupport
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\GS-Enabler
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\torch
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v22.0 (en-US)

[ File : C:\Users\WinDows7\AppData\Roaming\Mozilla\Firefox\Profiles\c7vtafrv.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932");
Line Deleted : user_pref("browser.search.order.1", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=30AD00FF07DFA2EE&affID=119520&tsp=4932");
Line Deleted : user_pref("extensions.AcuGekO.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==window.top &[...]
Line Deleted : user_pref("extensions.MmTzj.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++){wi[...]
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "4");
Line Deleted : user_pref("extensions.delta.cntry", "SA");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "7704EA69A350B4E102BE0A7DEABA7F17");
Line Deleted : user_pref("extensions.delta.id", "30ad1a4e00000000000000ff07dfa2ee");
Line Deleted : user_pref("extensions.delta.instlDay", "15889");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.21.523:28:07");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "azb");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.523:28:07");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119520&tsp=4932");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbr%40delta.com:1.5.0,singalong%40xenophesoft.com:1.111,%7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [37002 octets] - [14/01/2014 23:22:54]
AdwCleaner[R1].txt - [37063 octets] - [16/01/2014 10:01:20]
AdwCleaner[S0].txt - [34454 octets] - [16/01/2014 13:01:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [34515 octets] ##########
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby Gary R » January 16th, 2014, 6:55 am

No worries, we always allow people up to 3 days to reply before we get "worried".

If you've run the OTL fix, please post the log from that as well.

If you've run the ESET scan I'd like to see that as well, the ESET scan can take a long while to complete (sometimes hours) so I realise you may not have completed it yet, so post it when you've got it. Any problems let me know.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 16th, 2014, 8:17 am

Gary i have a problem the OLT is not responding when i click on the Run fix button i waited for a couple of hours and it is still not responding what should i do?
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby Gary R » January 16th, 2014, 9:36 am

OK, just exit out of OTL, you might have to shut down your computer to do that.

Then run the scan with ESET and post me the log.

We'll use another tool to deal with the items I wanted to target with OTL, but I'll wait to see what ESET finds first.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 16th, 2014, 3:39 pm

ESET.txt

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseToSave\sprotector.dll.vir Win32/SProtector.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseToSave\uninstall.exe.vir Win32/SProtector.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DefaultTab\DefaultTabSearch.exe.vir a variant of Win32/Toolbar.DefaultTab.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaApp.dll.vir a variant of Win32/Toolbar.Montiera.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaEng.dll.vir probably a variant of Win32/Toolbar.Montiera.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltasrv.exe.vir a variant of Win32/Toolbar.Montiera.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll.vir Win32/Toolbar.Babylon.G application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll.vir Win32/Toolbar.Escort.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\OApps\SelectionLinks.dll.vir Win32/AdWare.Facetheme.F application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\rz5.dll.vir a variant of Win32/AdWare.MultiPlug.N application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\rz5.x64.dll.vir a variant of Win64/Adware.MultiPlug.A application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B application
C:\AdwCleaner\Quarantine\C\ProgramData\QuickSet\GS-Enabler\GS-Enabler.exe.vir a variant of Win32/TrojanDownloader.Agent.AFD trojan
C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdblocker\MIcY.exe.vir a variant of Win32/AdWare.MultiPlug.K.gen application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.111\contentscript.js.vir Win32/Adware.AddLyrics.F application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir Win32/Toolbar.Babylon.I application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir a variant of Win32/Toolbar.DefaultTab.B application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe.vir a variant of Win32/Toolbar.DefaultTab.B application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir a variant of Win32/Toolbar.DefaultTab.B application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir Win32/Toolbar.DefaultTab.A application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Roaming\file scout\filescout.exe.vir Win32/FileScout.A application
C:\AdwCleaner\Quarantine\C\Users\WinDows7\AppData\Roaming\OpenCandy\1CEC0A0DDC5F4D829E14F3A36693FC73\hao123inst-saudi.exe.vir a variant of Win32/Hao123.A application
C:\Program Files\Strogino CS Portal\Dota 2\Dota_2.exe a variant of Win32/GameHack.B application
C:\Program Files (x86)\DmC Devil May Cry\Binaries\Win32\steam_api.dll a variant of Win32/HackTool.Crack.BQ application
C:\Program Files (x86)\GS-Enabler\Assistant.dll a variant of Win32/SProtector.D application
C:\Program Files (x86)\GS-Enabler\AssistantSvc.dll a variant of Win32/SProtector.D application
C:\ProgramData\InstallMate\{4F16B0EE-B2F3-4420-A6CB-FAD194F59218}\Custom.dll Win32/InstalleRex.M application
C:\Users\All Users\InstallMate\{4F16B0EE-B2F3-4420-A6CB-FAD194F59218}\Custom.dll Win32/InstalleRex.M application
C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_004d1c Win32/InstalleRex.M application
C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Profile 1\File System\000\t\00\00000000 Win32/InstalleRex.L application
C:\Users\WinDows7\AppData\Local\Google\Chrome\User Data\Profile 1\File System\000\t\00\00000001 Win32/InstalleRex.M application
C:\Users\WinDows7\AppData\Local\Temp\tbuTo0.dll a variant of Win32/Toolbar.Conduit.B application
C:\Users\WinDows7\Downloads\Skype Premium 6.1.73.129 Full.exe Win32/InstalleRex.M application
C:\_OTL\MovedFiles\01162014_131443\C_ProgramData\Broowsee22save\515972bf7bec6.dll a variant of Win32/Adware.MultiPlug.I application
D:\rhyan\download\SaveAs.sa-1-1.exe a variant of Win32/4Shared.F application
D:\rhyan\download\SaveAs.sa-1.exe a variant of Win32/4Shared.F application
D:\rhyan\download\SaveAs.sa.exe a variant of Win32/4Shared.F application
H:\Game Installers\All 51 PopCap Games as of 2011-02-24\Farm Frenzy PACK\Farm.Frenzy.3.American.Pie.v1.0-DELiGHT\setup.exe a variant of Win32/Toolbar.Conduit.B application
H:\Game Installers\All 51 PopCap Games as of 2011-02-24\Farm Frenzy PACK\Farm.Frenzy.3.Ice.Age.v3.0.0.0-TE\FarmFrenzy3IceAge_1660.exe a variant of Win32/Toolbar.Conduit.B application
H:\Game Installers\All 51 PopCap Games as of 2011-02-24\Farm Frenzy PACK\Farm.Frenzy.3.v1.0-DELiGHT\setup.exe a variant of Win32/Toolbar.Conduit.B application
H:\Movies\G.I. Joe Retaliation 2013 TS NEWSOURCE XviD AC3 - TODE\DR SEUSS THE LORAX (2012) DVDRip [H264 MP4][RoB]\Project X {2012} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B application
Operating memory a variant of Win32/SProtector.D application
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm

Re: My folders in hard disk are appearing as shortcuts

Unread postby ahlchie » January 16th, 2014, 3:40 pm

sorry for delayed reply gary it took me soo long to scan my laptop...
ahlchie
Regular Member
 
Posts: 29
Joined: January 10th, 2014, 4:26 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware