1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Adware/Malware removal = Window bomb

Discussion in 'Windows - Virus and spyware problems' started by jaymacc81, Mar 24, 2014.

  1. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    OK, I have a decent gaming computer I built myself last year and recently Ive been letting my son on my comp to do "homework" etc. Turns out hes been downloading jailbreaks and mod menus etc for his ps3. I had conduit, a few search adware issues (safe search etc) installed and some supersavings crap installed as well. Took me a couple days of cleaning with malwarebytes, ccleaner, and Norton and some reg key deletions to get them gone. I BELIEVE.... lol. Now im getting window bombed at random. No specific program or anything. Example, I open up Chrome or IE and multiple windows open up, screen is flickering and when I try to ctrl alt del to end process its flickering there to and freezes comp. Malwarebytes and Norton arent finding anything now,Ive been reading up here and I ran OTL, heres what came up:

    OTL logfile created on: 3/24/2014 1:00:45 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\B Fizzle\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16521)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    15.90 Gb Total Physical Memory | 12.96 Gb Available Physical Memory | 81.53% Memory free
    32.09 Gb Paging File | 28.94 Gb Available in Paging File | 90.18% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 919.32 Gb Total Space | 637.08 Gb Free Space | 69.30% Space Free | Partition Type: NTFS
    Drive D: | 12.09 Gb Total Space | 1.46 Gb Free Space | 12.11% Space Free | Partition Type: NTFS
    Drive G: | 149.05 Gb Total Space | 72.71 Gb Free Space | 48.78% Space Free | Partition Type: NTFS

    Computer Name: BFIZZLE-PC | User Name: B Fizzle | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/03/24 12:59:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\B Fizzle\Desktop\OTL.exe
    PRC - [2014/03/07 13:39:00 | 000,444,760 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    PRC - [2014/01/31 15:25:10 | 000,389,120 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
    PRC - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/11/11 15:13:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2013/10/08 06:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
    PRC - [2013/04/24 13:45:34 | 001,190,096 | ---- | M] (M-Audio) -- C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe
    PRC - [2013/04/24 13:45:30 | 000,546,816 | ---- | M] (M-Audio) -- C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/12/10 17:01:54 | 000,082,792 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriTray.exe
    PRC - [2012/09/23 20:43:40 | 000,040,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
    PRC - [2012/08/20 13:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    PRC - [2012/08/08 18:17:52 | 003,101,056 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
    PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    PRC - [2012/08/01 16:39:04 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
    PRC - [2012/07/23 20:20:10 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
    PRC - [2012/07/16 22:01:20 | 000,658,080 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
    PRC - [2012/07/12 17:36:06 | 003,984,032 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
    PRC - [2012/06/13 01:41:06 | 001,457,152 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
    PRC - [2012/06/01 03:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
    PRC - [2012/06/01 03:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    PRC - [2012/02/17 00:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
    PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
    PRC - [2011/11/07 11:49:23 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
    PRC - [2011/10/01 01:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2011/10/01 01:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    PRC - [2010/11/20 06:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/02/12 03:12:09 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
    MOD - [2014/02/12 03:12:09 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
    MOD - [2014/02/12 03:11:10 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
    MOD - [2014/02/12 03:11:05 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
    MOD - [2014/02/12 03:11:05 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c94c36c9ae776de930f2aacb6dd51c38\UIAutomationProvider.ni.dll
    MOD - [2014/02/12 03:06:09 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
    MOD - [2014/02/12 03:05:58 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
    MOD - [2014/02/12 03:05:58 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
    MOD - [2014/02/12 03:05:54 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
    MOD - [2014/02/12 03:05:53 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
    MOD - [2014/02/12 03:05:53 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
    MOD - [2014/02/12 03:05:53 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
    MOD - [2014/02/12 03:05:51 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
    MOD - [2014/02/12 03:05:51 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
    MOD - [2014/02/12 03:05:51 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
    MOD - [2014/02/12 03:05:50 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
    MOD - [2014/02/12 03:05:50 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
    MOD - [2014/02/12 03:05:49 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
    MOD - [2014/02/12 03:05:49 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
    MOD - [2014/02/12 03:05:48 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
    MOD - [2014/02/12 03:05:43 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
    MOD - [2012/08/08 16:45:52 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
    MOD - [2012/07/31 15:21:32 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
    MOD - [2012/07/25 09:56:42 | 001,124,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
    MOD - [2012/07/10 17:55:30 | 001,625,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
    MOD - [2012/07/05 12:05:48 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
    MOD - [2012/06/22 13:32:10 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
    MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
    MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
    MOD - [2012/05/25 10:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
    MOD - [2012/05/17 04:57:10 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
    MOD - [2012/05/02 18:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
    MOD - [2012/04/25 14:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
    MOD - [2012/04/20 16:24:08 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
    MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
    MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
    MOD - [2012/01/12 16:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
    MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
    MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
    MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
    MOD - [2011/08/09 14:52:50 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.dll
    MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
    MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
    MOD - [2011/06/08 11:15:44 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
    MOD - [2010/12/14 17:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
    MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
    MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
    MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
    MOD - [2010/09/23 11:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
    MOD - [2010/08/22 20:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
    MOD - [2010/02/25 14:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsZip.dll
    MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/02/28 22:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014/01/31 15:38:04 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
    SRV:64bit: - [2014/01/31 14:05:12 | 000,240,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2013/09/01 22:04:35 | 002,252,504 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
    SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2012/04/01 12:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2011/04/19 16:31:16 | 000,181,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe -- (Belkin Local Backup Service)
    SRV:64bit: - [2010/02/09 15:55:52 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe -- (Belkin Network USB Helper)
    SRV - [2014/03/03 16:21:34 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/02/25 15:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/11/11 15:13:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2013/10/08 06:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
    SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013/05/31 16:10:15 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
    SRV - [2013/04/24 13:45:30 | 000,546,816 | ---- | M] (M-Audio) [Auto | Running] -- C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe -- (MTrackAudioDevMon)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/12/10 17:01:54 | 003,569,512 | ---- | M] (Sendori) [Disabled | Stopped] -- C:\Program Files (x86)\Sendori\sndappv2.exe -- (sndappv2)
    SRV - [2012/12/10 17:01:54 | 000,118,632 | ---- | M] (Sendori, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Sendori\SendoriSvc.exe -- (Application Sendori)
    SRV - [2012/12/10 17:01:54 | 000,014,696 | ---- | M] (sendori) [Disabled | Stopped] -- C:\Program Files (x86)\Sendori\Sendori.Service.exe -- (Service Sendori)
    SRV - [2012/06/13 01:41:06 | 001,457,152 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Start_Pending] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe -- (AsusFanControlService)
    SRV - [2012/06/01 03:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
    SRV - [2012/06/01 03:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
    SRV - [2012/02/17 00:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
    SRV - [2011/11/07 11:49:23 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe -- (PCCUJobMgr)
    SRV - [2011/11/07 11:44:48 | 000,123,320 | R--- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
    SRV - [2011/10/01 01:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2011/10/01 01:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2011/09/14 22:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2010/02/18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2003/01/24 17:34:24 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysWOW64\drivers\papyjoy.sys -- (papyjoy)
    SRV - [2003/01/24 17:34:22 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysWOW64\drivers\papycpu2.sys -- (papycpu2)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2014/02/05 17:13:12 | 000,058,256 | ---- | M] (Quiknowledge) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\qknfd.sys -- (qknfd)
    DRV:64bit: - [2014/01/31 14:57:20 | 013,929,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2014/01/31 13:28:50 | 000,636,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2014/01/25 14:06:19 | 000,039,168 | ---- | M] (Scarlet.Crush Productions) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScpVBus.sys -- (ScpVBus)
    DRV:64bit: - [2014/01/22 21:21:06 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
    DRV:64bit: - [2014/01/22 21:21:06 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV:64bit: - [2014/01/07 22:35:31 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2013/12/19 10:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2013/11/15 00:37:16 | 000,039,080 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
    DRV:64bit: - [2013/11/15 00:37:14 | 000,149,160 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
    DRV:64bit: - [2013/11/04 09:50:54 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
    DRV:64bit: - [2013/11/04 09:50:54 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2.0)
    DRV:64bit: - [2013/10/30 17:28:08 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2013/10/01 20:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2013/09/26 21:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
    DRV:64bit: - [2013/09/26 20:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
    DRV:64bit: - [2013/09/26 20:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2013/09/26 15:08:22 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2013/09/25 21:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
    DRV:64bit: - [2013/09/25 20:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
    DRV:64bit: - [2013/09/12 20:01:24 | 000,082,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
    DRV:64bit: - [2013/09/12 20:01:24 | 000,042,304 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
    DRV:64bit: - [2013/09/12 19:59:26 | 000,036,096 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
    DRV:64bit: - [2013/09/09 20:47:43 | 000,078,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
    DRV:64bit: - [2013/09/09 20:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
    DRV:64bit: - [2013/09/09 19:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
    DRV:64bit: - [2013/09/01 22:04:35 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
    DRV:64bit: - [2013/09/01 22:04:35 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
    DRV:64bit: - [2013/07/04 17:43:36 | 000,192,072 | ---- | M] (Hauppauge, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcwhdpvr.sys -- (hcwhdpvr)
    DRV:64bit: - [2013/06/05 18:24:22 | 000,418,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
    DRV:64bit: - [2013/06/05 18:24:05 | 000,139,592 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
    DRV:64bit: - [2013/06/05 18:20:29 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
    DRV:64bit: - [2013/06/05 18:15:39 | 000,047,512 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
    DRV:64bit: - [2013/06/05 18:14:39 | 000,014,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gmhidlow.sys -- (gmhidlow)
    DRV:64bit: - [2013/04/24 10:31:04 | 000,471,040 | ---- | M] (M-Audio) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MAudioMTrack.sys -- (MTRACK)
    DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2013/02/13 12:12:06 | 000,085,864 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
    DRV:64bit: - [2013/02/13 12:12:06 | 000,076,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
    DRV:64bit: - [2013/01/03 02:17:38 | 000,079,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
    DRV:64bit: - [2013/01/03 02:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV:64bit: - [2013/01/03 02:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV:64bit: - [2013/01/03 02:17:38 | 000,015,752 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
    DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/10/15 12:03:22 | 000,055,104 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akaiacv1m.sys -- (AKAI_ACV1_MIDI)
    DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/08/07 01:39:34 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2012/08/07 01:39:34 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2012/08/07 01:39:34 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2012/08/07 01:39:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2012/05/30 21:06:14 | 000,032,400 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
    DRV:64bit: - [2012/05/12 12:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
    DRV:64bit: - [2012/03/26 14:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2011/10/01 01:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvolwin7.sys -- (Sftvol)
    DRV:64bit: - [2011/10/01 01:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaywin7.sys -- (Sftplay)
    DRV:64bit: - [2011/10/01 01:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirwin7.sys -- (Sftredir)
    DRV:64bit: - [2011/10/01 01:30:16 | 000,765,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfswin7.sys -- (Sftfs)
    DRV:64bit: - [2011/09/14 22:33:32 | 000,141,896 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASUSumsc.sys -- (ASUSumsc)
    DRV:64bit: - [2011/09/14 22:33:32 | 000,024,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASUSstpt.sys -- (ASUSstpt)
    DRV:64bit: - [2011/08/08 12:13:12 | 000,198,480 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
    DRV:64bit: - [2010/11/29 04:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
    DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/07/21 11:57:22 | 001,002,848 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
    DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
    DRV:64bit: - [2010/02/05 14:34:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/02/05 14:34:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/22 16:50:00 | 000,291,352 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sxuptp.sys -- (sxuptp)
    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
    DRV - [2014/03/05 20:17:19 | 000,524,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2014/01/21 19:28:07 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140321.023\ex64.sys -- (NAVEX15)
    DRV - [2014/01/21 19:28:07 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140321.023\eng64.sys -- (NAVENG)
    DRV - [2013/12/17 18:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2013/11/22 02:00:17 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2013/11/22 02:00:17 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2010/10/22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
    DRV - [2003/01/24 17:34:24 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Stopped] -- C:\Windows\SysWOW64\drivers\papyjoy.sys -- (papyjoy)
    DRV - [2003/01/24 17:34:22 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Stopped] -- C:\Windows\SysWOW64\drivers\papycpu2.sys -- (papycpu2)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    IE - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll File not found
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
    FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
    FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/03/24 12:52:15 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/10/30 17:30:10 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedtest137@SpeedAnalysis: C:\Users\B Fizzle\AppData\Roaming\Mozilla\Extensions\speedtest137@SpeedAnalysis [2013/12/21 21:27:39 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedtest137@SpeedAnalysis: C:\Users\B Fizzle\AppData\Roaming\Mozilla\Extensions\speedtest137@SpeedAnalysis [2013/12/21 21:27:39 | 000,000,000 | ---D | M]

    [2013/12/21 21:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\B Fizzle\AppData\Roaming\Mozilla\Extensions
    [2013/12/21 21:27:39 | 000,000,000 | ---D | M] (Speed Test 137) -- C:\Users\B Fizzle\AppData\Roaming\Mozilla\Extensions\speedtest137@SpeedAnalysis
    [2013/12/22 12:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\B Fizzle\AppData\Roaming\Mozilla\Firefox\extensions
    [2012/06/30 13:53:34 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\B Fizzle\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.google.com/
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
    CHR - plugin: Norton Confidential (Enabled) = C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll
    CHR - plugin: registryAccess (Enabled) = C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.4.0_0\background/registryAccess.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
    CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
    CHR - Extension: Norton Identity Protection = C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.4.11_0\
    CHR - Extension: Google Wallet = C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

    O1 HOSTS File: ([2014/03/08 01:53:03 | 000,001,354 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 practivate.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.adobe.com
    O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 wip3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
    O1 - Hosts: 54.225.95.126 ajakpekbmnkgnjbpajgkdhimcbeoocam
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
    O4 - HKLM..\Run: [M-Audio Panel Launcher] C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe (M-Audio)
    O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
    O4 - HKLM..\Run: [Sendori Tray] C:\Program Files (x86)\Sendori\SendoriTray.exe (Sendori, Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
    O4 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_70_ActiveX.exe -update activex File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\Sendori.dll (Sendori)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\Sendori.dll (Sendori)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\Sendori.dll (Sendori)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\Sendori.dll (Sendori)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWow64\Sendori.dll (Sendori)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
    O15 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..Trusted Domains: genieo.com ([search] http in Trusted sites)
    O15 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
    O16:64bit: - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab (Reg Error: Key error.)
    O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} https://www.asus.com/support/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
    O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab (Battlefield Play4Free Updater)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BC2B0F6-EAC6-49A2-9D36-A09A0D27FFEE}: DhcpNameServer = 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDB9F3D2-7516-4535-B3E8-2D9AFAE9656E}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDB9F3D2-7516-4535-B3E8-2D9AFAE9656E}: NameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5C30413-21F0-4668-B975-51815C124BF3}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5C30413-21F0-4668-B975-51815C124BF3}: NameServer = 192.168.1.254
    O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{42d7cfdd-2470-11e2-bc60-d48564bbbe89}\Shell - "" = AutoRun
    O33 - MountPoints2\{42d7cfdd-2470-11e2-bc60-d48564bbbe89}\Shell\AutoRun\command - "" = F:\setup.exe
    O33 - MountPoints2\{56741a2c-82fe-11e3-b211-08606e8231e4}\Shell - "" = AutoRun
    O33 - MountPoints2\{56741a2c-82fe-11e3-b211-08606e8231e4}\Shell\AutoRun\command - "" = W:\Autorun.exe
    O33 - MountPoints2\{56741a36-82fe-11e3-b211-08606e8231e4}\Shell - "" = AutoRun
    O33 - MountPoints2\{56741a36-82fe-11e3-b211-08606e8231e4}\Shell\AutoRun\command - "" = W:\Autorun.exe
    O33 - MountPoints2\{56741a37-82fe-11e3-b211-08606e8231e4}\Shell - "" = AutoRun
    O33 - MountPoints2\{56741a37-82fe-11e3-b211-08606e8231e4}\Shell\AutoRun\command - "" = V:\Autorun.exe
    O33 - MountPoints2\{56741b83-82fe-11e3-b211-08606e8231e4}\Shell - "" = AutoRun
    O33 - MountPoints2\{56741b83-82fe-11e3-b211-08606e8231e4}\Shell\AutoRun\command - "" = V:\Autorun.exe
    O33 - MountPoints2\{7740ef55-7453-11e2-b395-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7740ef55-7453-11e2-b395-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe
    O33 - MountPoints2\{7ad6104d-29d1-11e2-9bd2-d48564bbbe89}\Shell - "" = AutoRun
    O33 - MountPoints2\{7ad6104d-29d1-11e2-9bd2-d48564bbbe89}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
    O33 - MountPoints2\{a1e25331-b46b-11e2-b04d-000272238983}\Shell - "" = AutoRun
    O33 - MountPoints2\{a1e25331-b46b-11e2-b04d-000272238983}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\{ae4f53c3-781f-11e3-ab51-08606e8231e4}\Shell - "" = AutoRun
    O33 - MountPoints2\{ae4f53c3-781f-11e3-ab51-08606e8231e4}\Shell\AutoRun\command - "" = V:\Install/Setup.exe
    O33 - MountPoints2\{ea78472e-bcbf-11e1-9738-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{ea78472e-bcbf-11e1-9738-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
    O33 - MountPoints2\V\Shell - "" = AutoRun
    O33 - MountPoints2\V\Shell\AutoRun\command - "" = V:\Autorun.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/03/24 13:02:06 | 005,192,353 | ---- | C] (Swearware) -- C:\Users\B Fizzle\Desktop\ComboFix.exe
    [2014/03/24 12:59:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\B Fizzle\Desktop\OTL.exe
    [2014/03/20 14:29:11 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
    [2014/03/20 14:29:11 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
    [2014/03/19 21:30:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
    [2014/03/19 21:30:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
    [2014/03/19 21:30:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
    [2014/03/19 21:30:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
    [2014/03/19 21:30:16 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
    [2014/03/19 21:30:16 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
    [2014/03/19 21:30:16 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
    [2014/03/19 21:30:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
    [2014/03/19 21:30:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
    [2014/03/19 21:30:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
    [2014/03/19 21:30:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
    [2014/03/19 21:30:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
    [2014/03/19 21:30:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
    [2014/03/19 21:30:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
    [2014/03/19 21:30:15 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
    [2014/03/19 21:30:15 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
    [2014/03/19 21:29:34 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
    [2014/03/19 21:29:34 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
    [2014/03/12 16:22:39 | 000,000,000 | ---D | C] -- C:\Users\B Fizzle\Documents\Astro-Update-A50-v4142.exe
    [2014/03/12 16:19:33 | 000,000,000 | ---D | C] -- C:\Users\B Fizzle\Documents\Astro-Update-TXD-v4193.exe
    [2014/03/12 06:54:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/03/11 18:20:46 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
    [2014/03/11 18:20:46 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
    [2014/03/11 18:20:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014/03/11 18:20:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014/03/11 18:20:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014/03/11 18:20:43 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/03/11 18:20:43 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014/03/11 18:20:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014/03/11 18:20:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014/03/11 18:20:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014/03/11 18:20:42 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/03/11 18:20:42 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/03/11 18:20:41 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/03/11 18:20:41 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014/03/11 18:20:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014/03/11 18:20:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/03/11 18:20:41 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014/03/11 18:20:40 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/03/11 18:20:40 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014/03/11 18:20:40 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/03/11 18:20:40 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014/03/11 18:20:40 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/03/11 18:20:40 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014/03/11 18:20:39 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2014/03/11 18:20:39 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014/03/11 18:20:39 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014/03/11 18:18:21 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2014/03/11 18:18:21 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2014/03/11 18:18:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
    [2014/03/08 16:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Roblox
    [2014/03/08 16:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
    [2014/03/08 02:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    [2014/03/08 02:11:25 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
    [2014/03/07 21:39:04 | 000,000,000 | ---D | C] -- C:\Users\B Fizzle\AppData\Local\BeamNG
    [2014/03/04 14:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Quiknowledge
    [2014/03/01 10:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2014/03/01 10:16:13 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
    [2014/03/01 10:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2014/03/01 10:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
    [2014/03/01 10:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2014/03/01 10:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    [2014/02/25 03:34:47 | 000,000,000 | ---D | C] -- C:\Users\B Fizzle\AppData\Roaming\Malwarebytes
    [2014/02/25 03:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2014/02/25 03:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/02/25 03:34:37 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2014/02/25 03:34:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2014/02/25 03:12:16 | 000,000,000 | ---D | C] -- C:\Users\B Fizzle\AppData\Local\Wondershare
    [2014/02/25 03:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare
    [2014/02/25 03:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
    [2014/02/25 03:12:06 | 000,000,000 | ---D | C] -- C:\Users\B Fizzle\AppData\Roaming\Wondershare
    [2014/02/25 03:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
    [2014/02/25 03:03:43 | 000,000,000 | ---D | C] -- C:\Users\B Fizzle\Documents\SelfMV
    [2014/02/25 02:52:12 | 000,206,080 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
    [2014/02/25 02:52:11 | 000,108,800 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
    [2014/02/25 02:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
    [2013/08/09 11:29:39 | 000,940,544 | ---- | C] (Apache Software Foundation) -- C:\Users\B Fizzle\AppData\Local\log4cxx.dll
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/03/24 13:02:22 | 000,019,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/03/24 13:02:22 | 000,019,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/03/24 13:02:06 | 005,192,353 | ---- | M] (Swearware) -- C:\Users\B Fizzle\Desktop\ComboFix.exe
    [2014/03/24 12:59:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\B Fizzle\Desktop\OTL.exe
    [2014/03/24 12:59:44 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx
    [2014/03/24 12:54:37 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll
    [2014/03/24 12:51:57 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/03/24 12:50:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/03/24 12:50:19 | 4214,337,534 | -HS- | M] () -- C:\hiberfil.sys
    [2014/03/22 08:11:35 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/03/20 19:12:18 | 004,936,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2014/03/20 14:24:07 | 002,141,205 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Cat.DB
    [2014/03/19 03:35:12 | 000,030,281 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\VT20140319.007
    [2014/03/12 10:41:55 | 000,000,917 | ---- | M] () -- C:\Users\B Fizzle\Desktop\MPC.lnk
    [2014/03/12 02:09:16 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\isolate.ini
    [2014/03/09 02:17:44 | 000,007,168 | ---- | M] () -- C:\Users\B Fizzle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2014/03/08 02:11:25 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
    [2014/03/08 01:53:04 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2014/03/08 01:15:00 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2014/03/05 20:05:56 | 000,000,092 | ---- | M] () -- C:\Users\B Fizzle\AppData\Roaming\WB.CFG
    [2014/03/03 22:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symefa64.sys
    [2014/03/03 22:18:12 | 000,030,068 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symvtcer.dat
    [2014/03/03 22:18:12 | 000,008,194 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symefa64.cat
    [2014/03/03 22:18:12 | 000,003,433 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symefa.inf
    [2014/03/03 16:21:34 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2014/03/03 16:21:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014/02/28 23:16:26 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014/02/28 22:52:55 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014/02/28 22:51:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014/02/28 22:40:43 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014/02/28 22:37:12 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/02/28 22:33:52 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/02/28 22:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014/02/28 22:32:59 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014/02/28 22:23:49 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2014/02/28 22:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014/02/28 22:02:07 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014/02/28 21:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/02/28 21:52:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014/02/28 21:51:53 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014/02/28 21:43:28 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014/02/28 21:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/02/28 21:40:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/02/28 21:38:26 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/02/28 21:37:35 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014/02/28 21:35:11 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/02/28 21:16:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014/02/28 21:00:08 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/02/28 20:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014/02/28 20:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014/02/28 16:34:49 | 000,783,336 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/02/28 16:34:49 | 000,662,828 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/02/28 16:34:49 | 000,122,438 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/02/25 03:34:40 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/25 03:12:09 | 000,001,273 | ---- | M] () -- C:\Users\B Fizzle\Application Data\Microsoft\Internet Explorer\Quick Launch\Wondershare MobileGo for Android.lnk
    [2014/02/25 03:12:09 | 000,001,249 | ---- | M] () -- C:\Users\Public\Desktop\Wondershare MobileGo for Android.lnk
    [2014/02/25 03:03:31 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies 3.lnk
    [2014/02/25 03:03:28 | 000,001,999 | ---- | M] () -- C:\Users\B Fizzle\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk
    [2014/02/25 02:43:22 | 000,001,067 | ---- | M] () -- C:\Users\B Fizzle\Desktop\PS3ThemeCreator - Shortcut.lnk
    [2014/02/25 02:15:55 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/03/20 19:11:30 | 004,936,896 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2014/03/04 14:03:12 | 000,000,092 | ---- | C] () -- C:\Users\B Fizzle\AppData\Roaming\WB.CFG
    [2014/02/25 03:34:40 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/25 03:12:09 | 000,001,273 | ---- | C] () -- C:\Users\B Fizzle\Application Data\Microsoft\Internet Explorer\Quick Launch\Wondershare MobileGo for Android.lnk
    [2014/02/25 03:12:09 | 000,001,249 | ---- | C] () -- C:\Users\Public\Desktop\Wondershare MobileGo for Android.lnk
    [2014/02/25 03:03:30 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies 3.lnk
    [2014/02/25 03:03:28 | 000,001,999 | ---- | C] () -- C:\Users\B Fizzle\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk
    [2014/02/25 02:43:22 | 000,001,067 | ---- | C] () -- C:\Users\B Fizzle\Desktop\PS3ThemeCreator - Shortcut.lnk
    [2014/02/25 02:15:55 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
    [2014/01/31 18:07:03 | 000,000,298 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
    [2014/01/31 15:49:02 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
    [2014/01/31 14:43:24 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
    [2014/01/31 14:43:24 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
    [2014/01/31 13:40:48 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
    [2014/01/31 13:40:48 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
    [2014/01/24 17:49:36 | 000,000,037 | -HS- | C] () -- C:\Users\B Fizzle\AppData\Local\70149b02515b3bb20dd492.47983420
    [2014/01/15 17:56:18 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
    [2014/01/04 21:12:32 | 000,007,168 | ---- | C] () -- C:\Users\B Fizzle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/12/12 16:35:53 | 000,001,984 | ---- | C] () -- C:\Windows\SysWow64\drivers\papycpu2.sys
    [2013/12/12 16:35:53 | 000,001,856 | ---- | C] () -- C:\Windows\SysWow64\drivers\papyjoy.sys
    [2013/12/12 16:35:35 | 000,000,019 | ---- | C] () -- C:\Windows\Sierra.ini
    [2013/11/11 15:13:11 | 000,214,392 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2013/11/11 15:13:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2013/11/11 15:13:09 | 003,894,632 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
    [2013/09/23 13:50:55 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
    [2013/08/12 16:47:22 | 145,754,407 | ---- | C] () -- C:\Users\B Fizzle\AppData\Local\ACCCx2_1_0_213.zip.aamdownload
    [2013/08/12 16:47:22 | 000,001,732 | ---- | C] () -- C:\Users\B Fizzle\AppData\Local\ACCCx2_1_0_213.zip.aamdownload.aamd
    [2013/08/09 11:29:39 | 000,196,608 | ---- | C] () -- C:\Users\B Fizzle\AppData\Local\common_functions.dll
    [2013/06/05 18:16:19 | 000,000,561 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2013/06/05 18:16:19 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2170W.DAT
    [2013/05/22 20:43:48 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
    [2013/05/22 20:43:48 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
    [2013/05/22 20:43:48 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
    [2013/05/22 20:43:48 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
    [2013/03/04 19:49:15 | 005,371,952 | ---- | C] () -- C:\Windows\PE_File.dll
    [2013/02/12 13:20:58 | 000,007,607 | ---- | C] () -- C:\Users\B Fizzle\AppData\Local\Resmon.ResmonCfg
    [2013/02/10 10:24:05 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll
    [2013/02/10 10:05:00 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
    [2013/02/10 10:04:51 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
    [2013/02/10 08:36:21 | 000,043,376 | ---- | C] () -- C:\Windows\Ascd_log.ini
    [2013/02/10 08:34:43 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2013/02/10 08:34:27 | 000,032,336 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2012/11/23 06:54:40 | 000,114,688 | ---- | C] () -- C:\Users\B Fizzle\AppData\Local\ie_runner_app.exe
    [2012/09/17 02:48:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2012/08/20 09:27:47 | 000,000,496 | ---- | C] () -- C:\Users\B Fizzle\AppData\Roaming\UserMetrics.osl
    [2012/07/02 14:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll
    [2012/06/23 10:10:10 | 000,775,458 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/06/22 17:46:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2012/06/22 17:13:28 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll
    [2012/06/22 17:12:09 | 000,002,432 | ---- | C] () -- C:\Windows\HCWPNP.INI

    ========== ZeroAccess Check ==========

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2014/03/09 15:44:08 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\.minecraft
    [2014/01/04 23:39:36 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Ableton
    [2013/02/10 10:22:15 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\ASUS WebStorage
    [2014/02/12 17:13:01 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\BitTorrent
    [2014/01/07 23:22:57 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Cakewalk
    [2013/01/21 16:09:09 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Canon
    [2013/06/18 18:19:40 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2013/02/14 12:54:50 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\DAEMON Tools Lite
    [2014/01/08 19:26:22 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\DAEMON Tools Pro
    [2014/01/07 20:26:14 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\FlowStone
    [2014/01/07 20:26:31 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Image-Line
    [2013/03/09 23:47:59 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Leadertech
    [2013/10/30 17:22:57 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\library_dir
    [2014/01/08 19:23:58 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\MAXON
    [2013/04/17 14:05:16 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\MotioninJoy
    [2014/02/24 09:12:15 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\MPC
    [2013/08/08 04:59:24 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\MusicNet
    [2013/02/02 19:33:48 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Oberon Media
    [2013/08/02 14:08:14 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Origin
    [2014/01/07 23:23:01 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Overloud
    [2012/10/04 20:30:28 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Play withSIX
    [2012/06/29 18:12:55 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Publish Providers
    [2014/02/03 18:18:22 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Raptr
    [2014/03/19 02:38:19 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Samsung
    [2013/09/15 10:17:19 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\SBG-SVG
    [2012/08/14 13:58:13 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\six-updater
    [2012/08/06 13:58:58 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\six-zsync
    [2014/03/20 22:28:28 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\SoftGrid Client
    [2013/03/19 07:30:22 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Sony
    [2012/06/30 18:28:48 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2014/02/07 15:16:39 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\ToguAudioLine
    [2012/06/23 10:11:35 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\TP
    [2014/03/19 19:08:30 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\TS3Client
    [2013/01/05 21:12:31 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\ts3overlay
    [2013/02/02 19:33:39 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\VisicomToolBar
    [2013/08/10 03:40:33 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Wargaming.net
    [2012/08/18 20:02:41 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\WinBatch
    [2014/02/25 03:12:06 | 000,000,000 | ---D | M] -- C:\Users\B Fizzle\AppData\Roaming\Wondershare

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
    @Alternate Data Stream - 1030 bytes -> C:\Users\B Fizzle\AppData\Local\Temp:CExGEznTqg1VC2PvGEI7rli

    < End of report >


    OTL Extras logfile created on: 3/24/2014 1:00:45 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\B Fizzle\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16521)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    15.90 Gb Total Physical Memory | 12.96 Gb Available Physical Memory | 81.53% Memory free
    32.09 Gb Paging File | 28.94 Gb Available in Paging File | 90.18% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 919.32 Gb Total Space | 637.08 Gb Free Space | 69.30% Space Free | Partition Type: NTFS
    Drive D: | 12.09 Gb Total Space | 1.46 Gb Free Space | 12.11% Space Free | Partition Type: NTFS
    Drive G: | 149.05 Gb Total Space | 72.71 Gb Free Space | 48.78% Space Free | Partition Type: NTFS

    Computer Name: BFIZZLE-PC | User Name: B Fizzle | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_USERS\S-1-5-21-3318628717-2039210978-2398495989-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0371DD45-9744-4B28-BCD4-EA913A7900AA}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{0A663127-F957-4595-94B8-41A90453524E}" = rport=445 | protocol=6 | dir=out | app=system |
    "{18A135D7-5A69-46CD-BEA8-E6068500A4B1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{192F7E14-3ECC-4D1C-A73F-375990FA3EDB}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{1AA4424B-ED14-4B0D-9B43-6917398631C3}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{1E902D85-75C0-4174-8941-C37C6F42D34E}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{21826C76-6936-4B87-B66E-74D95CEFBC2D}" = lport=3390 | protocol=6 | dir=in | app=system |
    "{2368F2BB-AFBA-4B35-AE15-589BD451AE9D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{23A0FFE0-2DE3-4EC6-BB62-AEDB3C0DF978}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{3356ED74-4B55-4CF4-9AA6-1D099F2F25EF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{36C08FE1-5396-477B-861D-48EA97540AE0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{46BE190F-7405-433E-98F8-322263B9D3BA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{46F156B2-8A92-4A4A-885A-0EC49F24BC46}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{525A0A91-A078-427C-894D-0A6B301DD4FB}" = lport=2869 | protocol=6 | dir=in | name=upnp tcp 2869 |
    "{52B0FE6B-A740-4E7E-A7BA-E654C8ED2062}" = rport=137 | protocol=17 | dir=out | app=system |
    "{53F035C7-A77F-49FF-8EF5-CDF61F591FB1}" = lport=1900 | protocol=17 | dir=in | name=upnp udp 1900 |
    "{5F3DFF54-2D06-4B7F-BB19-086773FE12BA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{6012A6AA-18FC-4F15-9D87-3E80F925F3C1}" = lport=138 | protocol=17 | dir=in | app=system |
    "{60C9F55A-2FD4-4393-B735-7B937BFEF75E}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{620077F5-259E-451E-9697-6D52BFE2076B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{6AEF9F6E-D4D5-4304-8417-0EFB2908FF8F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{6C29172B-67CE-44D4-8DBC-A749F6F07E48}" = lport=445 | protocol=6 | dir=in | app=system |
    "{6CF5EA37-5F4D-4F4D-8268-BD7FA0B6631E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{6E9E8D33-9F38-4483-8C54-6DF17CE0D242}" = lport=1900 | protocol=17 | dir=in | name=upnp udp 1900 |
    "{71B39C0C-130D-4D70-B85A-87F9647A17F5}" = lport=2869 | protocol=6 | dir=in | name=upnp tcp 2869 |
    "{72622892-0A10-48D5-B469-D3FB7D4EB513}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{7376DEF8-6DFA-4EE2-9598-7E5D13D5EAF5}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{79185EB4-C8EC-4E90-9E31-E0FBEA29A552}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{7A12CB34-370B-414A-AA18-AD252F25D17A}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{7A56C16F-7B9F-494B-8BE8-78D5458B1E75}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{80B345F6-A489-48DE-93F4-2E17E2326206}" = lport=10244 | protocol=6 | dir=in | app=system |
    "{857C65BA-6E5D-4C11-AE0B-CD95538860C2}" = lport=10244 | protocol=6 | dir=in | app=system |
    "{9A603E01-562E-4C29-9272-9E02761DA914}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{A476D1FC-CBDB-40E2-8F4B-4A2655B45D97}" = lport=139 | protocol=6 | dir=in | app=system |
    "{A66ACBBD-32B4-472C-91E6-69B1AEC48088}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{AF611610-F7E2-44CB-ABD8-19F59F1EADEB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B195FBBA-9F53-4827-8F11-ABE2A7797F3E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B1DAA4BF-777C-49CE-9703-A95FE968410C}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{B1E26FD6-B4DC-48E2-8C80-E24ED34FBE4A}" = lport=137 | protocol=17 | dir=in | app=system |
    "{B3439FA9-9603-46CD-9D23-DAA528B51F75}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B4B5D9E0-A576-4CC2-B3D6-B4F6828AEDBE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{B9D4B34A-89A2-438F-9BF9-3C5FE1CF4678}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{BE0CE537-D32E-4F1D-94FF-373F55A67818}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{BF4CEE14-F7CA-4969-927D-156E7E541BE4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C8FE5F6E-A6C6-4C9E-BB95-D351C4440A6D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{CD557D03-C1D0-4C55-BBDE-592F65265055}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D1295D0A-1B6B-4FAB-A72E-C34F984E554E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D2CBA325-2A9A-416A-A45D-C0D3CE5209C1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{D33D6F40-96CD-44B1-96A5-C5CFA3A13EF5}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{D6D28F67-B6B6-4E1B-BE9B-228A33970533}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
    "{D74859BA-82EF-4267-BFB8-E9508BE2C308}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{DB568B17-D469-4D00-9098-77D55D060FCC}" = lport=3390 | protocol=6 | dir=in | app=system |
    "{DDAF6146-92CA-4364-BEF8-2B8FC1FCA28B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E832B9F6-204C-43BA-9905-77B44238AE17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{EA1EBC1E-65AC-4ECE-9592-0034D7804450}" = rport=139 | protocol=6 | dir=out | app=system |
    "{F1634C45-0D6F-46B9-B083-1A8EDBE72CF2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{F5373E72-0A4A-4592-9333-ACE4D0C974BD}" = rport=138 | protocol=17 | dir=out | app=system |
    "{F5C96A8A-F520-4E84-B226-1C4F9D8D878B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{F8D9D19B-4BB2-4CB6-8971-F2806B21FA79}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{FD04DB34-806E-46C8-88E9-D0918E392658}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04CE6497-96F3-406A-95D9-30F9A3CD702D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
    "{0ABB90EE-FB9D-45FD-A011-1530A8E7D6CA}" = protocol=6 | dir=out | app=system |
    "{0B73C5FB-9EB0-474D-82C8-8119CF4C144A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{1110C26A-20D1-4273-9860-08A8EEADFE56}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{13CE7426-7BD9-40DD-96FB-E96703688038}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{145CAF95-E4D3-4BE3-AEC3-0F4F6A95E4FE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{145EAAA9-31D4-403B-A05A-C6063D332910}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{169BDAD9-C878-4B69-8E85-C9C9F070FA53}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
    "{21AEF571-8518-47CD-8081-5919D211953A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
    "{22EDBDCF-59AE-4B6A-976E-C4C6BA29D7FE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{240D5A44-0DD8-4188-8706-D5B3B32B244A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{25EB268D-52F1-4536-91D3-9A5F8050E38E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
    "{2B53A960-B714-4B8E-96E3-01E0B048F7FB}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
    "{2B685CA7-B90E-4254-A781-2358A0A90695}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2BF94A3E-D3AE-4C87-830F-85C1825DE622}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
    "{31656696-9EB1-4EB5-B11B-FD122B193A11}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
    "{37EE0441-5CA2-417C-AAFA-D7495198438E}" = protocol=6 | dir=in | app=c:\users\b fizzle\appdata\roaming\bittorrent\bittorrent.exe |
    "{3A24C1FE-2F49-46F4-82D4-E0CAF8331811}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{3F820AD4-FA22-4E38-A016-10C25D787906}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{4130F544-650D-40E9-9AFE-B60E82EFD6FB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
    "{480CCA21-8B7C-4C4E-A627-F3E0703A0796}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
    "{490B8619-6B86-42F6-96BC-B62D33091A01}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{499716CA-C8B1-4C99-8F21-4C821A4C17D1}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
    "{49EE3604-E9A5-46FA-AB38-3652F6F8CCBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
    "{4A82E904-D390-4528-BF3D-E12298465D80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
    "{4C8B6CE0-886C-4F83-B745-AB61C5C5EC5A}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{4D058BE1-8041-4FE6-B5FB-E1A4A07F2A59}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{4EAF62B7-FB9F-4BEB-BE72-C38DF8CE0653}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
    "{538591D6-AB4B-4D1A-98EA-A42E00FFEA8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{538DD63F-BADD-443D-B7C4-9BE399C6B961}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
    "{547E8CDA-7DE7-4281-AC32-3170BAC457CB}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
    "{55DF8A8B-1855-47E7-BC03-E32541A1C629}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
    "{56CBBDFE-10A5-44FD-9A1C-549DB6EE7973}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe |
    "{57BF5747-E116-42B4-9673-DF573576A039}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{6239CB44-F1DE-4831-AD0D-1BFF3569D698}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bugbear entertainment\next car game.exe |
    "{64B2D109-2334-42D0-9DA9-A3D9D0EA6107}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{6662FDE9-D79A-48A8-9C4F-8F0FD4B1D70F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe |
    "{68395C8A-491B-4EC5-BB39-21A0AD236F8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
    "{6C0A8CB2-A710-49FF-8DDF-683C0AAF9E90}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6CF030C5-7576-452E-A6F8-72F8143723C5}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
    "{72911DD5-4365-4D4C-AFBC-DCE0977B5697}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe |
    "{76AEC962-2E20-4B3A-905C-0AF20811218B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{7C1623D1-AE32-4FF4-9CCC-433E773806DA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{7D5F1B6F-5476-48A8-8585-B426AD331FC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{7F44BE7E-B8E5-4D5C-8BFF-90D36C672FFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{7F683DEE-8095-49B9-94CD-F38946E61E8C}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
    "{8013F1EC-4235-4727-8B3D-A8C59ABF2332}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{80D2DA6E-9333-4C4F-AE03-0AC82C18958B}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
    "{8225A148-A474-4BB0-A22F-5BAAB2D9A436}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{83233CAF-EF4F-47C0-8CDC-C69C4AD29ECD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
    "{834A29B7-BB9D-494E-A836-BAB7B43AA2C0}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
    "{8453C3A1-35AD-4740-B39D-392999C8BF76}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe |
    "{85D11CB3-82CE-4F68-A46F-DFEC927DA9D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
    "{87F41965-57BD-459D-BBBD-2DA1FA1AAB5F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
    "{889A7F4E-7844-4F16-8FBC-76F51EDA72A9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{889CFC3A-8ECE-439A-ABA5-43785C8391EA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{88D1344C-37A2-4997-AB6D-0FC3F3C2F809}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
    "{8E4C1F12-B8F2-40E6-819A-9C0D9A0F3554}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{8F3ACCB7-D802-492A-8186-385E354D2FF1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{911A8CDB-F6E9-4FDB-9CEB-C2DBF4BB5B33}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{92949CFA-21C3-4F02-8125-A6EBBDAD8E40}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bugbear entertainment\next car game.exe |
    "{92F2FEE8-4A1C-4F65-A2EB-7ACCE8360AD5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{9596BEED-DCB0-41D7-8C0D-B70436C4570E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{98D723BA-56B3-458E-9668-F1F37CF1D184}" = dir=in | app=c:\program files\belkin\belkin usb print and storage center\connect.exe |
    "{9B8AA9BE-342C-4908-986A-8B48526C4FFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{9C8B90F1-51DF-4B3A-B59B-7C6C5552E890}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
    "{9E08EDB4-426F-4F3D-BD31-D04F2D038E49}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
    "{9EB3FB0E-B0BC-47CA-81A1-70EFAB6C4F48}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
    "{A587AF9C-4F4D-4186-ABD0-DA3CA6D1CFF8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{A8C7A754-AE96-429E-8B74-2603A4A62158}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{AD1768FF-4101-4C44-8147-45C0E408A030}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
    "{B28E3C74-F41F-41C5-A792-53DAB22DBA8B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
    "{B3FE5C5E-A1D2-4125-8FC5-11A9BF7A4BA0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{B720EA08-A3E2-4FD8-BC77-C35095066F28}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
    "{B8EBCCAA-DDAD-49CB-8D8F-C86535384ABF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{BA98186A-7055-4412-95F9-9F1B87C1F1EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{BB321D80-69FD-4E8C-9AD3-C86490C671B7}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
    "{BBD29DCE-C6DB-4856-99BD-B820128292BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{BF17AEB1-A108-449D-B870-379F1DA45682}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
    "{C11B237C-51BE-4B5E-961B-7FB33A0A273B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{C674923B-5BB1-46FC-877D-523D7E3D2B15}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\next car game sneak peek 2.0\next car game technology sneak peek.exe |
    "{D0FA8A20-1244-4F47-9913-3EBFB6F89A6D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
    "{D24B5AA2-B419-4A8A-A380-919C902D14CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D2990D4F-EAB4-4D36-8D14-C8B3E381BB27}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{D318D7F4-AA23-42B5-A4C5-34D929AE3EF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{D41F94AF-279A-4F3D-A444-C0984A65BA09}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
    "{DE209CAB-92ED-46BE-8A50-03679DA8FA6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{DF243D4E-B7F3-4ECA-BADD-0A5F5BB33C3A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
    "{E1701748-47B7-4150-BB95-ED6439A8BF3B}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{E85C5857-E618-47FF-8762-0C4D909C9746}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E8A37F87-9941-42B8-A3D2-2633724FA48F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
    "{EA0A8BA5-F2B7-4CF7-8DEB-180FE170297C}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
    "{EC202966-3350-4777-846F-D4C3B7E15D95}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
    "{ED155341-C55D-45F3-B511-BCD6C0BCF6B1}" = protocol=17 | dir=in | app=c:\users\b fizzle\appdata\roaming\bittorrent\bittorrent.exe |
    "{EE36B84B-7EA0-41D3-877D-3158F514AF53}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
    "{F792D57D-3BEF-4023-8E63-6ABD37B4F167}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{FB0ACCEF-F8FA-4698-9BCE-ACD4FBAF6A49}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
    "{FB0FF160-FA6B-4624-87D3-1FDF6A32912B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{FD79C367-6B2A-4773-9CF1-FDD10809316F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
    "{FDA78AEE-0862-4465-A6BD-E443D6CEE353}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\next car game sneak peek 2.0\next car game technology sneak peek.exe |
    "TCP Query User{3AF62706-BE0E-4802-9305-B5BDE88DBB3F}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
    "TCP Query User{66157761-6A1F-4742-9352-F698BE1876A0}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe |
    "TCP Query User{C10BD827-687D-4A4F-A324-97D67F2EE94A}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
    "TCP Query User{E2F9082E-EEDB-475E-A78F-6F447C003F1A}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "TCP Query User{E5DFFE06-262D-4E2E-9B65-25773AD74029}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
    "UDP Query User{2A2F9BE0-02A6-41D1-8D44-B470F85B58C3}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe |
    "UDP Query User{58695D81-B47D-4A7A-BBBF-3C90146F0445}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
    "UDP Query User{8FB7CE39-0B32-4B88-ABAF-454C59946E22}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "UDP Query User{A391788D-7991-4C7C-AE6A-2F6CC850B053}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
    "UDP Query User{E130B840-A377-420B-A903-2A02A65280BD}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{15C339CD-5C22-1B4F-8F72-19597C95E00A}" = AMD Wireless Display v3.0
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
    "{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}" = Adobe Premiere Elements 10
    "{2C637DB1-3E0A-4089-8366-C6C0B01E5C2B}" = AMD Steady Video Plug-In
    "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
    "{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.1001
    "{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
    "{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}" = SmartSound Premiere Elements 10 x64 Plugin
    "{44610EE0-C908-D8F1-425D-914A5B745DEA}" = AMD Drag and Drop Transcoding
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4F22FDBD-EEDF-B559-BA51-CEC596807240}" = AMD Fuel
    "{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
    "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
    "{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{7E76C229-D68D-480E-BB99-DAF73BE3C67B}" = M-Audio M-Track Driver 1.0.6 (x64)
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D2C98CB-7D5D-25CE-C72B-3F2C257F0284}" = AMD Catalyst Install Manager
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{93674606-6B77-DE6D-8237-71B5901FED2D}" = AMD Media Foundation Decoders
    "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
    "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{AFD76129-7F24-8171-5E6C-D6C4CFB271B3}" = AMD Accelerated Video Transcoding
    "{B31DF24E-BF27-4797-B72E-174382E7898F}" = TAL-BassLine-101 (64bit)
    "{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
    "{B98B0D8F-F4DC-1F77-BF90-55DB27FFF0AF}" = AMD Wireless Display v3.0
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{DE02D760-9D68-49BA-A1CE-FDEC5892608D}" = Trapcode Suite 64-bit
    "{E6F86221-D822-547E-39D3-67F728F9AF88}" = AMD Wireless Display v3.0
    "{E8C64028-08E5-4BF0-B1C0-DBAAC6A77DF1}" = PowerDirector
    "{F7BC3509-7EFD-4BA8-32DB-0A794AEA786C}" = ccc-utility64
    "A106663FD3361BDFACB045D83EBA03858EB1E411" = Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
    "Belkin USB Print and Storage Center" = Belkin USB Print and Storage Center
    "CCleaner" = CCleaner
    "com.akaipro.mpc.standard_is1" = MPC 1.6.0
    "CPUID ASUS CPU-Z_is1" = CPUID ASUS CPU-Z 1.61
    "F2F24872454C7CAEAABD8BB063F70FBEFF01989D" = Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
    "PremElem100" = Adobe Premiere Elements 10
    "USB_AUDIO_DEusb-audio.deAkaiACV1" = MPC Studio driver
    "WinRAR archiver" = WinRAR 4.20 (64-bit)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.1
    "{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
    "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
    "{17699980-496B-47D6-B0B1-9A83085B4739}" = Tuner Internet Update Application
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
    "{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
    "{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1" = Wondershare MobileGo for Android ( Version 4.3.0 )
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
    "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
    "{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
    "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
    "{24EA0F76-0E1E-8C63-717D-85EE1564434A}" = CCC Help German
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
    "{276B495F-9DB0-4FC6-BEB0-85C91FC0F5E2}" = PX5 Advanced Sound Editor
    "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
    "{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
    "{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
    "{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
    "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
    "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
    "{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
    "{32DFE754-743F-CFB4-A021-BACC3E7726EF}" = CCC Help Greek
    "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
    "{34292CEC-11BE-5C33-D628-3F300F4441A5}" = CCC Help Polish
    "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
    "{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
    "{36A9226A-894E-1549-6613-08E99B73BE4F}" = CCC Help Norwegian
    "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
    "{428F725D-F572-B3BA-C50E-7D76021D760E}" = Catalyst Control Center Graphics Previews Common
    "{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
    "{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
    "{49BE9B8A-E858-4533-A74A-64306C13DB59}" = ASUS Product Register Program
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
    "{5B146109-B0FD-5587-87E4-8AD4F5EE0CB4}" = CCC Help Finnish
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
    "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
    "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
    "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
    "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
    "{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
    "{70050E19-6EFD-43CD-174D-4E352C5DD69B}" = CCC Help Danish
    "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
    "{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7176B973-6011-43C1-AEBC-2D73FE7C6982}" = Adobe Premiere Pro CS6
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
    "{74393E01-7143-5F27-608B-76CC5A852518}" = CCC Help Hungarian
    "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{790412BB-B6CE-459B-9E17-7DA7C20FC98C}" = DayZ Commander
    "{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
    "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
    "{7AAE9187-C24F-4073-A951-36C370E7A3A5}" = ASUS Boot Setting
    "{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
    "{8BA5F911-5A08-2D67-7202-3D76BFDAE004}" = CCC Help Chinese Standard
    "{8E634921-4547-4CA9-AF79-08B735431C12}" = Play withSIX
    "{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
    "{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
    "{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English
    "{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
    "{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
    "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
    "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
    "{95CD070C-F114-9BE4-22AA-EEDEC178ACA4}" = CCC Help Spanish
    "{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
    "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9CBA43D3-A0E7-993C-8193-C7A4DAA0B8F7}" = CCC Help Japanese
    "{9F06F464-479A-403E-AF92-70CBB8D674A1}" = PRE10STI64Installer
    "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
    "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
    "{A1D0178D-9973-4D1D-E7D2-45B10BC012CD}" = CCC Help Thai
    "{A231A6F2-2C80-6203-ED35-2CFB96B25A38}" = Application Profiles
    "{A35FF3A9-1FD3-DEA5-FA0D-5D9544303214}" = CCC Help French
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A856A146-7F74-A7A0-22DC-B3D135807ED1}" = AMD Catalyst Control Center
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA6E018D-ACEC-D5CD-80B4-65806663453A}" = CCC Help Russian
    "{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
    "{AAEBADE3-D8AD-8BF3-899D-AEAC0BDAC0BE}" = CCC Help Portuguese
    "{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
    "{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
    "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
    "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
    "{BB1E996E-35EA-90F7-9FC3-DECE73220E85}" = CCC Help Turkish
    "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
    "{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
    "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
    "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
    "{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
    "{D3AD0074-E6F5-9DE2-308E-E13B0D03F5DD}" = CCC Help Korean
    "{D3BEF677-31E8-E79F-A38B-B1D40E2CF9F2}" = CCC Help English
    "{D54516B9-5572-8579-3233-BB5EC5E4F45E}" = Catalyst Control Center Localization All
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{D93A0612-9F83-9F43-B1E2-372D2282FF3E}" = CCC Help Chinese Traditional
    "{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
    "{DBD3859A-59E2-B520-29B5-77B8465CBE6E}" = CCC Help Italian
    "{DC8FA1C1-BE26-4889-85F1-A98AE6E37979}" = Content Manager Assistant for PlayStation(R)
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{DF92BC15-34F5-EC1A-DD85-CC55AD5B37F3}" = Catalyst Control Center InstallProxy
    "{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
    "{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
    "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
    "{E3764345-3270-FFB3-3BE1-C428B2F64582}" = CCC Help Czech
    "{E4423885-66EA-3FDA-ECC2-118BFD9045D6}" = CCC Help Dutch
    "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
    "{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
    "{E7A1B94F-A981-49B2-868F-DFEA471AB17D}" = ArcSoft TotalMedia Extreme
    "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
    "{E82097B9-A3B8-404A-9A92-AC16A8AC9576}" = Adobe After Effects CS5.5
    "{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1" = Live Update 5
    "{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
    "{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
    "{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
    "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
    "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
    "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
    "{F72DE0E8-956A-7EB7-0DA2-0F9F686E1957}" = HydraVision
    "{F8F12043-9C0F-5C5C-644A-C915F437AD75}" = CCC Help Swedish
    "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
    "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "7-Zip 9.20" = 7-Zip 9.20
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
    "Adobe Shockwave Player" = Adobe Shockwave Player 12.0
    "Afterburner" = MSI Afterburner 2.1.0
    "Akai The809_is1" = Akai THE 809
    "Akai TheBANK_is1" = Akai THE BANK
    "Battlelog Web Plugins" = Battlelog Web Plugins
    "BattlEye for A2" = BattlEye Uninstall
    "BattlEye for OA" = BattlEye for OA Uninstall
    "Bruteforce Save Data" = Bruteforce Save Data
    "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    "CameraWindowLauncher" = Canon Utilities CameraWindow
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
    "com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
    "DPP" = Canon Utilities Digital Photo Professional 3.2
    "EOS Utility" = Canon Utilities EOS Utility
    "ESN Sonar-0.70.4" = ESN Sonar
    "FL Studio 11" = FL Studio 11
    "FlowStone" = FlowStone FL 3.0
    "Fraps" = Fraps (remove only)
    "Google Chrome" = Google Chrome
    "Grand Theft Auto" = Grand Theft Auto
    "Hauppauge HDPVR Scheduler" = Hauppauge HDPVR Scheduler
    "Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
    "IL Download Manager" = IL Download Manager
    "IL Shared Libraries" = IL Shared Libraries
    "InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
    "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
    "InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
    "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
    "InstallShield_{DE02D760-9D68-49BA-A1CE-FDEC5892608D}" = Trapcode Suite 64-bit
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "MPC Factory Content_is1" = MPC Factory Content 1.2.0
    "MPC_is1" = MPC 1.2.0
    "MyCamera" = Canon Utilities MyCamera
    "N360" = Norton 360
    "nfoViewerLite" = nfoViewerLite 1.0.0.0
    "NortonPCCheckup" = Norton PC Checkup
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "Origin" = Origin
    "PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
    "PhotoStitch" = Canon Utilities PhotoStitch
    "Picture Style Editor" = Canon Utilities Picture Style Editor
    "PunkBusterSvc" = PunkBuster Services
    "Raptr" = Raptr
    "Rapture_x64_is1" = Rapture 1.2.2
    "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
    "reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
    "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
    "Sendori" = Sendori
    "SONARX2Producer_x64_is1" = SONAR X2 Producer x64
    "Steam App 107410" = Arma 3 Alpha
    "Steam App 208090" = Loadout
    "Steam App 218230" = PlanetSide 2
    "Steam App 221100" = DayZ
    "Steam App 224540" = Ace of Spades
    "Steam App 228380" = Next Car Game
    "Steam App 272860" = Next Car Game Sneak Peek 2.0
    "Steam App 33900" = ARMA 2
    "Steam App 33930" = ARMA 2: Operation Arrowhead
    "Steinberg Hypersonic VSTi DXi_is1" = Steinberg Hypersonic VSTi DXi v2.0
    "TeamSpeak 3 Client" = TeamSpeak 3 Client
    "WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
    "WinCDEmu" = WinCDEmu
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3318628717-2039210978-2398495989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "BitTorrent" = BitTorrent

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 3/21/2014 6:56:02 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 3/21/2014 6:56:02 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 5991

    Error - 3/21/2014 6:56:02 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 5991

    Error - 3/21/2014 6:56:03 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 3/21/2014 6:56:03 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 6989

    Error - 3/21/2014 6:56:03 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 6989

    Error - 3/21/2014 6:56:04 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 3/21/2014 6:56:04 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 8003

    Error - 3/21/2014 6:56:04 PM | Computer Name = BFizzle-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 8003

    Error - 3/22/2014 10:09:31 AM | Computer Name = BFizzle-PC | Source = Application Hang | ID = 1002
    Description = The program IEXPLORE.EXE version 11.0.9600.16521 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 1628 Start
    Time: 01cf45d84ecf846b Termination Time: 4 Application Path: C:\Program Files (x86)\Internet
    Explorer\IEXPLORE.EXE Report Id:

    [ System Events ]
    Error - 3/22/2014 10:01:28 AM | Computer Name = BFizzle-PC | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.

    Error - 3/22/2014 10:02:45 AM | Computer Name = BFizzle-PC | Source = Service Control Manager | ID = 7000
    Description = The AODDriver4.3 service failed to start due to the following error:
    %%2

    Error - 3/22/2014 10:05:04 AM | Computer Name = BFizzle-PC | Source = Service Control Manager | ID = 7022
    Description = The AsusFanControlService service hung on starting.

    Error - 3/22/2014 10:05:09 AM | Computer Name = BFizzle-PC | Source = Service Control Manager | ID = 7022
    Description = The Common Client Job Manager Service service hung on starting.

    Error - 3/22/2014 10:05:09 AM | Computer Name = BFizzle-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd papycpu2 papyjoy

    Error - 3/24/2014 2:49:40 PM | Computer Name = BFizzle-PC | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\DRIVERS\papycpu2.sys has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.

    Error - 3/24/2014 2:49:40 PM | Computer Name = BFizzle-PC | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.

    Error - 3/24/2014 2:50:59 PM | Computer Name = BFizzle-PC | Source = Service Control Manager | ID = 7000
    Description = The AODDriver4.3 service failed to start due to the following error:
    %%2

    Error - 3/24/2014 2:54:05 PM | Computer Name = BFizzle-PC | Source = Service Control Manager | ID = 7022
    Description = The AsusFanControlService service hung on starting.

    Error - 3/24/2014 2:54:05 PM | Computer Name = BFizzle-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd papycpu2 papyjoy


    < End of report >
     
  2. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    also ran combofix:

    ComboFix 14-03-24.01 - B Fizzle 03/24/2014 13:26:20.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16281.13603 [GMT -6:00]
    Running from: c:\users\B Fizzle\Desktop\ComboFix.exe
    AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\B Fizzle\AppData\Local\common_functions.dll
    c:\users\B Fizzle\AppData\Local\ie_runner_app.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-02-24 to 2014-03-24 )))))))))))))))))))))))))))))))
    .
    .
    2014-03-20 23:45 . 2014-03-20 23:45 -------- d-----w- c:\windows\system32\drivers\N360x64\1502000.026
    2014-03-20 20:29 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
    2014-03-20 20:29 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
    2014-03-20 03:29 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
    2014-03-20 03:29 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
    2014-03-12 12:54 . 2014-03-12 12:55 -------- d-----w- C:\AdwCleaner
    2014-03-12 00:18 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
    2014-03-12 00:18 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
    2014-03-12 00:18 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2014-03-12 00:18 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
    2014-03-08 22:42 . 2014-03-08 22:42 -------- d-----w- c:\programdata\Roblox
    2014-03-08 08:11 . 2014-03-08 08:25 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
    2014-03-08 08:11 . 2014-03-08 08:11 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-03-08 03:39 . 2014-03-20 03:24 -------- d-----w- c:\users\B Fizzle\AppData\Local\BeamNG
    2014-03-04 20:02 . 2014-03-04 20:02 -------- d-----w- c:\program files\Quiknowledge
    2014-03-01 16:16 . 2012-08-21 19:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2014-03-01 16:15 . 2014-03-01 16:16 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-03-01 16:15 . 2014-03-01 16:16 -------- d-----w- c:\program files\iTunes
    2014-03-01 16:15 . 2014-03-01 16:16 -------- d-----w- c:\program files (x86)\iTunes
    2014-03-01 16:15 . 2014-03-01 16:15 -------- d-----w- c:\program files\iPod
    2014-02-25 09:34 . 2014-02-25 09:34 -------- d-----w- c:\users\B Fizzle\AppData\Roaming\Malwarebytes
    2014-02-25 09:34 . 2014-02-25 09:34 -------- d-----w- c:\programdata\Malwarebytes
    2014-02-25 09:34 . 2014-03-11 00:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2014-02-25 09:34 . 2013-04-04 20:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-02-25 09:12 . 2014-02-25 09:12 -------- d-----w- c:\users\B Fizzle\AppData\Local\Wondershare
    2014-02-25 09:12 . 2014-02-25 09:12 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
    2014-02-25 09:12 . 2014-02-25 09:12 -------- d-----w- c:\users\B Fizzle\AppData\Roaming\Wondershare
    2014-02-25 09:12 . 2014-02-25 09:12 -------- d-----w- c:\program files (x86)\Wondershare
    2014-02-25 08:52 . 2014-01-23 03:21 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
    2014-02-25 08:52 . 2014-01-23 03:21 108800 ----a-w- c:\windows\system32\drivers\ssudbus.sys
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-03-24 19:37 . 2013-02-10 16:24 1048576 ----a-w- c:\windows\PE_Rom.dll
    2014-03-12 16:43 . 2012-06-22 23:58 90015360 ----a-w- c:\windows\system32\MRT.exe
    2014-03-03 22:21 . 2012-06-23 16:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-03-03 22:21 . 2012-06-23 16:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-02-10 06:04 . 2013-11-11 21:13 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2014-02-05 23:13 . 2014-02-05 23:13 58256 ----a-w- c:\windows\system32\drivers\qknfd.sys
    2014-02-03 03:37 . 2013-02-25 21:55 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2014-01-31 21:53 . 2014-01-31 21:53 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
    2014-01-31 21:49 . 2014-01-31 21:49 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
    2014-01-31 21:07 . 2014-01-31 21:07 127872 ----a-w- c:\windows\system32\amdhcp64.dll
    2014-01-31 21:07 . 2014-01-31 21:07 117560 ----a-w- c:\windows\SysWow64\amdhcp32.dll
    2014-01-31 21:07 . 2014-01-31 21:07 78432 ----a-w- c:\windows\system32\atimpc64.dll
    2014-01-31 21:07 . 2014-01-31 21:07 78432 ----a-w- c:\windows\system32\amdpcom64.dll
    2014-01-31 21:07 . 2014-01-31 21:07 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2014-01-31 21:07 . 2014-01-31 21:07 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2014-01-31 21:07 . 2014-01-31 21:07 143304 ----a-w- c:\windows\system32\atiuxp64.dll
    2014-01-31 21:07 . 2014-01-31 21:07 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2014-01-31 21:07 . 2014-01-31 21:07 116024 ----a-w- c:\windows\system32\atiu9p64.dll
    2014-01-31 21:07 . 2014-01-31 21:07 98496 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2014-01-31 21:07 . 2014-01-31 21:07 1328328 ----a-w- c:\windows\system32\aticfx64.dll
    2014-01-31 21:07 . 2014-01-31 21:07 1106360 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2014-01-31 21:07 . 2014-01-31 21:07 10171456 ----a-w- c:\windows\system32\atidxx64.dll
    2014-01-31 21:07 . 2014-01-31 21:07 8760320 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2014-01-31 21:07 . 2014-01-31 21:07 10145128 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2014-01-31 21:06 . 2014-01-31 21:06 6716264 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2014-01-31 21:06 . 2014-01-31 21:06 10899624 ----a-w- c:\windows\system32\atiumd6a.dll
    2014-01-31 21:06 . 2014-01-31 21:06 7892000 ----a-w- c:\windows\system32\atiumd64.dll
    2014-01-31 20:57 . 2014-01-31 20:57 13929472 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2014-01-31 20:43 . 2014-01-31 20:43 230912 ----a-w- c:\windows\system32\clinfo.exe
    2014-01-31 20:43 . 2014-01-31 20:43 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
    2014-01-31 20:43 . 2014-01-31 20:43 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
    2014-01-31 20:43 . 2014-01-31 20:43 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
    2014-01-31 20:43 . 2014-01-31 20:43 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
    2014-01-31 20:43 . 2014-01-31 20:43 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
    2014-01-31 20:43 . 2014-01-31 20:43 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
    2014-01-31 20:43 . 2014-01-31 20:43 86528 ----a-w- c:\windows\system32\OVDecode64.dll
    2014-01-31 20:43 . 2014-01-31 20:43 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
    2014-01-31 20:42 . 2014-01-31 20:42 28424704 ----a-w- c:\windows\system32\amdocl64.dll
    2014-01-31 20:40 . 2014-01-31 20:40 23903232 ----a-w- c:\windows\SysWow64\amdocl.dll
    2014-01-31 20:38 . 2014-01-31 20:38 65024 ----a-w- c:\windows\system32\OpenCL.dll
    2014-01-31 20:38 . 2014-01-31 20:38 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
    2014-01-31 20:26 . 2014-01-31 20:26 368640 ----a-w- c:\windows\system32\atiapfxx.exe
    2014-01-31 20:26 . 2014-01-31 20:26 62464 ----a-w- c:\windows\system32\aticalrt64.dll
    2014-01-31 20:26 . 2014-01-31 20:26 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2014-01-31 20:26 . 2014-01-31 20:26 55808 ----a-w- c:\windows\system32\aticalcl64.dll
    2014-01-31 20:26 . 2014-01-31 20:26 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2014-01-31 20:26 . 2014-01-31 20:26 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
    2014-01-31 20:24 . 2014-01-31 20:24 126464 ----a-w- c:\windows\system32\mantle64.dll
    2014-01-31 20:24 . 2014-01-31 20:24 113152 ----a-w- c:\windows\SysWow64\mantle32.dll
    2014-01-31 20:23 . 2014-01-31 20:23 5350400 ----a-w- c:\windows\system32\amdmantle64.dll
    2014-01-31 20:22 . 2014-01-31 20:22 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2014-01-31 20:22 . 2014-01-31 20:22 27152384 ----a-w- c:\windows\system32\atio6axx.dll
    2014-01-31 20:10 . 2014-01-31 20:10 4286976 ----a-w- c:\windows\SysWow64\amdmantle32.dll
    2014-01-31 20:06 . 2014-01-31 20:06 442368 ----a-w- c:\windows\system32\atidemgy.dll
    2014-01-31 20:06 . 2014-01-31 20:06 31232 ----a-w- c:\windows\system32\atimuixx.dll
    2014-01-31 20:06 . 2014-01-31 20:06 586240 ----a-w- c:\windows\system32\atieclxx.exe
    2014-01-31 20:05 . 2014-01-31 20:05 240128 ----a-w- c:\windows\system32\atiesrxx.exe
    2014-01-31 20:03 . 2014-01-31 20:03 190976 ----a-w- c:\windows\system32\atitmm64.dll
    2014-01-31 20:03 . 2014-01-31 20:03 22834688 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2014-01-31 19:59 . 2014-01-31 19:59 81920 ----a-w- c:\windows\system32\mantleaxl64.dll
    2014-01-31 19:59 . 2014-01-31 19:59 79360 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
    2014-01-31 19:48 . 2014-01-31 19:48 44544 ----a-w- c:\windows\system32\amdmmcl6.dll
    2014-01-31 19:47 . 2014-01-31 19:47 35840 ----a-w- c:\windows\SysWow64\amdmmcl.dll
    2014-01-31 19:37 . 2014-01-31 19:37 806912 ----a-w- c:\windows\system32\coinst_13.350.dll
    2014-01-31 19:30 . 2014-01-31 19:30 1148416 ----a-w- c:\windows\system32\atiadlxx.dll
    2014-01-31 19:30 . 2014-01-31 19:30 828416 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2014-01-31 19:29 . 2014-01-31 19:29 75264 ----a-w- c:\windows\system32\atig6pxx.dll
    2014-01-31 19:29 . 2014-01-31 19:29 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2014-01-31 19:29 . 2014-01-31 19:29 69632 ----a-w- c:\windows\system32\atiglpxx.dll
    2014-01-31 19:29 . 2014-01-31 19:29 146432 ----a-w- c:\windows\system32\atig6txx.dll
    2014-01-31 19:29 . 2014-01-31 19:29 133120 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2014-01-31 19:28 . 2014-01-31 19:28 636928 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2014-01-31 19:25 . 2014-01-31 19:25 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2014-01-31 19:23 . 2014-01-31 19:23 95744 ----a-w- c:\windows\system32\amdave64.dll
    2014-01-31 19:23 . 2014-01-31 19:23 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
    2014-01-31 19:23 . 2014-01-31 19:23 89088 ----a-w- c:\windows\system32\atisamu64.dll
    2014-01-31 19:23 . 2014-01-31 19:23 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
    2014-01-25 20:06 . 2013-05-05 22:32 39168 ----a-w- c:\windows\system32\drivers\ScpVBus.sys
    2014-01-14 01:53 . 2014-01-14 01:53 88576 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
    2014-01-14 01:53 . 2014-01-14 01:53 296448 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
    2014-01-08 04:35 . 2013-02-10 16:26 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
    2013-12-26 21:06 . 2013-12-26 21:06 3698904 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
    2013-12-26 21:06 . 2013-12-26 21:06 2103040 ----a-w- c:\windows\system32\WavesGUILib64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 151256 ----a-w- c:\windows\system32\RCoInstII64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 1021656 ----a-w- c:\windows\system32\RtkApi64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 38251008 ----a-w- c:\windows\system32\RCoRes64.dat
    2013-12-26 21:06 . 2013-12-26 21:06 3714304 ----a-w- c:\windows\system32\MaxxAudioVnN64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 27644160 ----a-w- c:\windows\system32\MaxxAudioVnA64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 2036992 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 1921792 ----a-w- c:\windows\system32\MaxxAudioRealtek264.dll
    2013-12-26 21:06 . 2013-12-26 21:06 14152960 ----a-w- c:\windows\system32\MaxxAudioRealtek64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 1345280 ----a-w- c:\windows\system32\MaxxAudioAPO5064.dll
    2013-12-26 21:06 . 2013-12-26 21:06 1286400 ----a-w- c:\windows\system32\MaxxSpeechAPO64.dll
    2013-12-26 21:06 . 2013-12-26 21:06 1012992 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
    2013-12-24 23:09 . 2014-02-12 08:10 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
    2013-12-24 22:48 . 2014-02-12 08:10 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CAHeadless"="c:\program files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe" [2011-09-15 835224]
    "HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2014-01-31 389120]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "Sendori Tray"="c:\program files (x86)\Sendori\SendoriTray.exe" [2012-12-10 82792]
    "ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2012-08-20 550272]
    "M-Audio Panel Launcher"="c:\progra~2\M-Audio\M-Track\MAPanel.exe" [2013-04-24 1190096]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-01-31 767200]
    "Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-03-07 444760]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    .
    2;2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe [x]
    R0 amdkmafd;AMD Audio Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmafd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmafd.sys [x]
    R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    R3 AKAI_ACV1_MIDI;Ploytec MIDI driver for Akai MPC Studio;c:\windows\system32\drivers\akaiacv1m.sys;c:\windows\SYSNATIVE\drivers\akaiacv1m.sys [x]
    R3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
    R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
    R3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
    R3 gmhidlow;HID Mouse Lower Filter;c:\windows\system32\DRIVERS\gmhidlow.sys;c:\windows\SYSNATIVE\DRIVERS\gmhidlow.sys [x]
    R3 hcwhdpvr;Hauppauge HD PVR Capture Service;c:\windows\system32\DRIVERS\hcwhdpvr.sys;c:\windows\SYSNATIVE\DRIVERS\hcwhdpvr.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
    R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
    R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
    R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
    R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
    R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
    R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
    R4 Application Sendori;Application Sendori;c:\program files (x86)\Sendori\SendoriSvc.exe;c:\program files (x86)\Sendori\SendoriSvc.exe [x]
    R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
    R4 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [x]
    R4 Service Sendori;Service Sendori;c:\program files (x86)\Sendori\Sendori.Service.exe;c:\program files (x86)\Sendori\Sendori.Service.exe [x]
    R4 sndappv2;sndappv2;c:\program files (x86)\Sendori\sndappv2.exe;c:\program files (x86)\Sendori\sndappv2.exe [x]
    S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
    S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
    S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
    S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMDS64.SYS [x]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMEFA64.SYS [x]
    S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
    S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [x]
    S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\ccSetx64.sys [x]
    S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSvia64.sys [x]
    S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
    S1 qknfd;qknfd;c:\windows\system32\drivers\qknfd.sys;c:\windows\SYSNATIVE\drivers\qknfd.sys [x]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\Ironx64.SYS [x]
    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1501000.012\SYMNETS.SYS [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
    S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
    S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
    S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
    S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
    S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [x]
    S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [x]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MTrackAudioDevMon;M-Track Audio Device Monitor;c:\program files (x86)\M-Audio\M-Track\AudioDevMon.exe;c:\program files (x86)\M-Audio\M-Track\AudioDevMon.exe [x]
    S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe;c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [x]
    S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [x]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
    S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
    S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
    S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
    S3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\DRIVERS\ASUSstpt.sys;c:\windows\SYSNATIVE\DRIVERS\ASUSstpt.sys [x]
    S3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\DRIVERS\ASUSumsc.sys;c:\windows\SYSNATIVE\DRIVERS\ASUSumsc.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
    S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
    S3 MTRACK;Service for M-Audio M-Track;c:\windows\system32\DRIVERS\MAudioMTrack.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioMTrack.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
    S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
    S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfswin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfswin7.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaywin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaywin7.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirwin7.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvolwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvolwin7.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-06-17 18:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-12-06 20:14 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 21:08]
    .
    2014-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 21:08]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-12-26 7203032]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: genieo.com\search
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{BDB9F3D2-7516-4535-B3E8-2D9AFAE9656E}: NameServer = 192.168.1.254
    TCP: Interfaces\{C5C30413-21F0-4668-B975-51815C124BF3}: NameServer = 192.168.1.254
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-10 - (no file)
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Toolbar-10 - (no file)
    WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
    AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
    AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}\Service Center Setup PC.exe
    AddRemove-{50134717-1FF3-4395-883A-EAC66E3F4735} - c:\programdata\{A14F0035-D7A2-4A5A-9963-0AA58C4B4983}\Kontakt 5 Demo Content Setup PC.exe
    AddRemove-{5552453B-BB76-45E3-973D-F95E458ED780} - c:\programdata\{A9158F4E-7914-4019-808A-D4D4993E9958}\Kontakt 5 Setup PC.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
    "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
    --
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
    "ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.15.96\diMaster.dll\" /prefetch:1"
    "ImagePath"="\SystemRoot\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS"
    "TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.1.0.18;c:\program files (x86)\Norton 360\Engine64\21.1.0.18"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.12"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    c:\program files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
    c:\program files (x86)\M-Audio\M-Track\MAPanel.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
    c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
    c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    c:\program files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
    c:\program files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
    .
    **************************************************************************
    .
    Completion time: 2014-03-24 13:43:15 - machine was rebooted
    ComboFix-quarantined-files.txt 2014-03-24 19:43
    .
    Pre-Run: 689,972,441,088 bytes free
    Post-Run: 689,290,711,040 bytes free
    .
    - - End Of File - - 3C9026D1D7A374D94335E03DA217C84D
    A36C5E4F47E84449FF07ED3517B43A31
     
  3. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    jaymacc81,

    Have looked over your OTL scan and find NO Malware, just a lot of suspicious files.

    You say you have ran MBAM and Norton. Norton is an antivirus (not a very good one) and Not a scanner…

    Maybe I can help you, I’ll give it a try if you stick with me and just do what I tell you.

    First run these cleaners and post the logs:

    -Security Check-

    Download Security Check by screen317.
    Save it to your Desktop.

    Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    A Notepad document should open automatically called checkup.txt; please post the contents of that document.




    --AdwCleaner--

    Please download AdwCleaner by Xplode to your Desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan and then click Clean when finished scanning.
    • A log file will automatically open after the scan has finished.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).



    [​IMG] —Junkware Removal Tool--

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete, depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    • Please post the contents of JRT.txt into your reply.




    --RogueKiller--

    • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until pre-scan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+


    Please paste the logs in your next reply.
    Let me know what problem persists.

    After this first run we can maybe see what is happening..

    2oG
     
  4. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    Security Check:
    Results of screen317's Security Check version 0.99.81
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Norton 360
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.75.0.1300
    Java 7 Update 51
    Adobe Flash Player 11.6.602.171 Flash Player out of Date!
    Adobe Reader XI
    Google Chrome 31.0.1650.57
    Google Chrome 31.0.1650.63
    ````````Process Check: objlist.exe by Laurent````````
    Norton ccSvcHst.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:
    ````````````````````End of Log``````````````````````

    Junk Removal Tool:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.3 (03.23.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by B Fizzle on Mon 03/24/2014 at 18:28:02.83
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Failed to stop: [Service] qknfd



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] C:\Windows\syswow64\shoA756.tmp



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\B Fizzle\appdata\local\cre"
    Successfully deleted: [Folder] "C:\Users\B Fizzle\appdata\locallow\datamngr"
    Successfully deleted: [Folder] "C:\Program Files (x86)\gamesagogo_w3i"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Mon 03/24/2014 at 18:33:22.96
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ADW Cleaner:
    # AdwCleaner v3.022 - Report created 24/03/2014 at 18:37:04
    # Updated 13/03/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : B Fizzle - BFIZZLE-PC
    # Running from : C:\Users\B Fizzle\Desktop\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16521


    -\\ Google Chrome v31.0.1650.63

    [ File : C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [13797 octets] - [12/03/2014 06:54:35]
    AdwCleaner[R1].txt - [1005 octets] - [24/03/2014 18:34:36]
    AdwCleaner[S0].txt - [12186 octets] - [12/03/2014 06:55:47]
    AdwCleaner[S1].txt - [930 octets] - [24/03/2014 18:37:04]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [989 octets] ##########

    Rogue Killer:
    RogueKiller V8.8.12 _x64_ [Mar 20 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : B Fizzle [Admin rights]
    Mode : Remove -- Date : 03/24/2014 18:49:00
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 6 ¤¤¤
    [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
    [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1001FAES-60Z2A0 ATA Device +++++
    --- User ---
    [MBR] c30229bbad3a72e358be38bba35c40b5
    [BSP] f4029c628b235df5f1a7aeae77e7fc34 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 941386 MB
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1928165376 | Size: 12381 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_D_03242014_184900.txt >>
    RKreport[0]_S_03242014_184645.txt
     
  5. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    @jaymacc81,
    Well that picked up a little. I see a few things in OTL that I am trying to figure out right now. OTL is a little out dated so please run a scan for me with FRST:

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, which will be the right version.


    * Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    * Press Scan button.
    * It will produce a log called FRST.txt in the same directory the tool is run from.
    * Please copy and paste log back here.
    * The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.



    TNX 2oG
     
  6. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    Heres the results, also instead of Norton, which antivirus/firewall would you suggest??


    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
    Ran by B Fizzle (administrator) on BFIZZLE-PC on 24-03-2014 21:02:55
    Running from C:\Users\B Fizzle\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\Windows\system32\atiesrxx.exe
    (AMD) C:\Windows\system32\atieclxx.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
    (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
    () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    (M-Audio) C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
    (M-Audio) C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
    (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
    (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
    (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
    (Micro-Star International) C:\Program Files (x86)\MSI\Live Update 5\LU5.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
    HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
    HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [82792 2012-12-10] (Sendori, Inc.)
    HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [M-Audio Panel Launcher] - C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe [1190096 2013-04-24] (M-Audio)
    HKLM-x32\...\Run: [] - [X]
    HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-01-31] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
    HKLM-x32\...\Run: [LiveUpdate 5] - C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [322544 2014-03-05] ()
    HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\...\Run: [CAHeadless] - C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [835224 2011-09-14] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3318628717-2039210978-2398495989-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD)
    Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
    BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    DPF: HKLM {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
    DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} https://www.asus.com/support/asusTek_sys_ctrl3.cab
    DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{BDB9F3D2-7516-4535-B3E8-2D9AFAE9656E}: [NameServer]192.168.1.254
    Tcpip\..\Interfaces\{C5C30413-21F0-4668-B975-51815C124BF3}: [NameServer]192.168.1.254

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
    CHR Plugin: (Norton Confidential) - C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll No File
    CHR Plugin: (registryAccess) - C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.4.0_0\background/registryAccess.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
    CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
    CHR Extension: (Norton Identity Protection) - C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-08-28]
    CHR Extension: (Google Wallet) - C:\Users\B Fizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
    CHR HKCU\...\Chrome\Extension: [gahpidfnpjlikfplofgcckpplbhopgpp] - C:\Users\B Fizzle\AppData\Local\CRE\gahpidfnpjlikfplofgcckpplbhopgpp.crx [2013-09-05]
    CHR HKCU\...\Chrome\Extension: [kicbefokomboipccpmfmeomobpijbnie] - C:\Users\B Fizzle\AppData\Local\CRE\kicbefokomboipccpmfmeomobpijbnie.crx [2013-09-05]
    CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\B Fizzle\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-09-05]
    CHR HKCU\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\B Fizzle\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2013-09-05]
    CHR HKLM-x32\...\Chrome\Extension: [gahpidfnpjlikfplofgcckpplbhopgpp] - C:\Users\B Fizzle\AppData\Local\CRE\gahpidfnpjlikfplofgcckpplbhopgpp.crx [2013-09-05]
    CHR HKLM-x32\...\Chrome\Extension: [kicbefokomboipccpmfmeomobpijbnie] - C:\Users\B Fizzle\AppData\Local\CRE\kicbefokomboipccpmfmeomobpijbnie.crx [2013-09-05]
    CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\B Fizzle\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-09-05]
    CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\B Fizzle\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2013-09-05]
    CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-20]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Services (Whitelisted) =================

    S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-01-31] (Advanced Micro Devices, Inc.)
    S4 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [118632 2012-12-10] (Sendori, Inc.)
    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
    R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
    U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe [1457152 2012-06-13] (ASUSTeK Computer Inc.)
    R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-01] (Broadcom Corporation.)
    R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] ()
    R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] ()
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-31] ()
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 MTrackAudioDevMon; C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe [546816 2013-04-24] (M-Audio)
    R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
    S4 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [123320 2011-11-07] (Symantec Corporation)
    R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [126392 2011-11-07] (Symantec Corporation)
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-11] ()
    S4 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [14696 2012-12-10] (sendori)
    S4 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3569512 2012-12-10] (Sendori)

    ==================== Drivers (Whitelisted) ====================

    R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
    S3 AKAI_ACV1_MIDI; C:\Windows\System32\drivers\akaiacv1m.sys [55104 2012-10-15] (Ploytec GmbH)
    S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-06-05] (Advanced Micro Devices, Inc.)
    R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-09-12] (Advanced Micro Devices, Inc.)
    R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
    S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-06-05] (Asmedia Technology)
    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
    R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
    R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
    S3 ASUSstpt; C:\Windows\System32\DRIVERS\ASUSstpt.sys [24648 2011-09-14] (MCCI Corporation)
    S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [141896 2011-09-14] (MCCI Corporation)
    S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-09-01] (Broadcom Corporation.)
    R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation)
    R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
    S3 gmhidlow; C:\Windows\System32\DRIVERS\gmhidlow.sys [14720 2013-06-05] ()
    S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [192072 2013-07-04] (Hauppauge, Inc.)
    R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R3 MTRACK; C:\Windows\System32\DRIVERS\MAudioMTrack.sys [471040 2013-04-24] (M-Audio)
    R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140324.008\ENG64.SYS [126040 2014-01-21] (Symantec Corporation)
    R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140324.008\EX64.SYS [2099288 2014-01-21] (Symantec Corporation)
    R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
    R1 qknfd; C:\Windows\System32\drivers\qknfd.sys [58256 2014-02-05] (Quiknowledge)
    R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
    R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2014-01-25] (Scarlet.Crush Productions)
    R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
    R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
    R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
    R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-01-07] (Duplex Secure Ltd.)
    R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
    R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
    R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-30] (Symantec Corporation)
    R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 MSICDSetup; \??\E:\CDriver64.sys [X]
    S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
    S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]
    S0x01000000 papycpu2; \SystemRoot\System32\DRIVERS\papycpu2.sys [X]
    S0x01000000 papyjoy; \SystemRoot\System32\DRIVERS\papyjoy.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-03-24 21:02 - 2014-03-24 21:03 - 00022116 _____ () C:\Users\B Fizzle\Desktop\FRST.txt
    2014-03-24 21:02 - 2014-03-24 21:02 - 02157056 _____ (Farbar) C:\Users\B Fizzle\Desktop\FRST64.exe
    2014-03-24 21:02 - 2014-03-24 21:02 - 00000000 ____D () C:\FRST
    2014-03-24 18:48 - 2014-03-24 18:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
    2014-03-24 18:27 - 2014-03-24 18:27 - 00000000 ____D () C:\Windows\ERUNT
    2014-03-24 18:25 - 2014-03-24 18:50 - 00005011 _____ () C:\Users\B Fizzle\Desktop\New Text Document.txt
    2014-03-24 18:13 - 2014-03-24 19:04 - 00000000 ____D () C:\Users\B Fizzle\Desktop\AntiVirus Stuff
    2014-03-24 17:39 - 2014-03-24 18:02 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2014-03-24 17:39 - 2014-03-24 17:39 - 00000000 ____D () C:\Program Files\Realtek
    2014-03-24 17:38 - 2013-12-10 20:35 - 43342848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
    2014-03-24 17:38 - 2013-12-10 20:20 - 03771352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2014-03-24 17:38 - 2013-12-10 10:17 - 00693385 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
    2014-03-24 17:38 - 2013-12-05 20:21 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2014-03-24 17:38 - 2013-12-04 16:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2014-03-24 17:38 - 2013-12-02 16:55 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
    2014-03-24 17:38 - 2013-11-26 17:26 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2014-03-24 17:38 - 2013-11-25 15:59 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2014-03-24 17:38 - 2013-11-25 15:59 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
    2014-03-24 17:38 - 2013-11-14 15:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2014-03-24 17:38 - 2013-11-13 18:52 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
    2014-03-24 17:38 - 2013-11-13 18:41 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
    2014-03-24 17:38 - 2013-11-13 18:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
    2014-03-24 17:38 - 2013-11-13 18:07 - 03899648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
    2014-03-24 17:38 - 2013-11-13 18:07 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
    2014-03-24 17:38 - 2013-11-13 17:52 - 01922304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
    2014-03-24 17:38 - 2013-11-13 17:52 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
    2014-03-24 17:38 - 2013-11-05 11:22 - 00912184 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
    2014-03-24 17:38 - 2013-11-05 11:19 - 05753112 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
    2014-03-24 17:38 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2014-03-24 17:38 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
    2014-03-24 17:38 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
    2014-03-24 17:38 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
    2014-03-24 17:38 - 2013-10-09 20:13 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
    2014-03-24 17:38 - 2013-10-09 20:12 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
    2014-03-24 17:38 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
    2014-03-24 17:38 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
    2014-03-24 17:38 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
    2014-03-24 17:38 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
    2014-03-24 17:38 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
    2014-03-24 17:38 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
    2014-03-24 17:38 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
    2014-03-24 17:38 - 2013-08-24 03:14 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
    2014-03-24 17:38 - 2013-08-24 03:14 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
    2014-03-24 17:38 - 2013-08-24 03:14 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
    2014-03-24 17:38 - 2013-08-24 03:14 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
    2014-03-24 17:38 - 2013-08-20 17:37 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
    2014-03-24 17:38 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
    2014-03-24 17:38 - 2013-08-14 16:35 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
    2014-03-24 17:38 - 2013-08-14 16:35 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
    2014-03-24 17:38 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
    2014-03-24 17:38 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2014-03-24 17:38 - 2013-07-23 15:39 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
    2014-03-24 17:38 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
    2014-03-24 17:38 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
    2014-03-24 17:38 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
    2014-03-24 17:38 - 2013-06-21 11:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
    2014-03-24 17:38 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
    2014-03-24 17:38 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
    2014-03-24 17:38 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
    2014-03-24 17:38 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
    2014-03-24 17:38 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
    2014-03-24 17:38 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
    2014-03-24 17:38 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
    2014-03-24 17:38 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
    2014-03-24 17:38 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
    2014-03-24 17:38 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2014-03-24 17:38 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2014-03-24 17:38 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
    2014-03-24 17:38 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
    2014-03-24 17:38 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
    2014-03-24 17:38 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
    2014-03-24 17:38 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
    2014-03-24 17:38 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
    2014-03-24 17:38 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
    2014-03-24 17:38 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
    2014-03-24 17:38 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
    2014-03-24 17:38 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
    2014-03-24 17:38 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
    2014-03-24 17:38 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
    2014-03-24 17:38 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
    2014-03-24 17:38 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2014-03-24 17:38 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
    2014-03-24 17:38 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
    2014-03-24 17:38 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
    2014-03-24 17:38 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
    2014-03-24 17:38 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
    2014-03-24 17:38 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
    2014-03-24 14:50 - 2013-11-26 15:49 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2014-03-24 14:50 - 2013-11-26 15:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2014-03-24 14:46 - 2014-03-24 14:46 - 00015824 _____ () C:\Windows\DPINST.LOG
    2014-03-24 14:46 - 2014-03-24 14:46 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
    2014-03-24 14:26 - 2014-03-24 14:26 - 00002013 _____ () C:\Users\Public\Desktop\Live Update 5.lnk
    2014-03-24 14:03 - 2014-03-24 14:03 - 4187497859 _____ () C:\Windows\MEMORY.DMP
    2014-03-24 13:43 - 2014-03-24 13:43 - 00036483 _____ () C:\ComboFix.txt
    2014-03-24 13:35 - 2014-03-24 17:34 - 00141912 _____ () C:\Windows\PFRO.log
    2014-03-24 13:24 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe
    2014-03-24 13:24 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe
    2014-03-24 13:24 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-03-24 13:24 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-03-24 13:24 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-03-24 13:24 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe
    2014-03-24 13:24 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe
    2014-03-24 13:24 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe
    2014-03-24 13:21 - 2014-03-24 13:43 - 00000000 ____D () C:\Qoobox
    2014-03-24 13:21 - 2014-03-24 13:41 - 00000000 ____D () C:\Windows\erdnt
    2014-03-24 13:02 - 2014-03-24 13:02 - 05192353 ____R (Swearware) C:\Users\B Fizzle\Desktop\ComboFix.exe
    2014-03-20 19:14 - 2014-03-20 19:14 - 00069544 _____ () C:\Users\B Fizzle\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-03-20 19:11 - 2014-03-24 20:57 - 00002707 _____ () C:\Windows\setupact.log
    2014-03-20 19:11 - 2014-03-20 19:12 - 04936896 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-03-20 19:11 - 2014-03-20 19:11 - 00000000 _____ () C:\Windows\setuperr.log
    2014-03-20 17:45 - 2013-09-09 20:47 - 00078936 ____R (Symantec Corporation) C:\Windows\system32\Drivers\SymIMV.sys
    2014-03-20 17:35 - 2014-03-20 17:36 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\B Fizzle\Downloads\rkill.exe
    2014-03-20 14:29 - 2014-01-08 20:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-03-20 14:29 - 2014-01-03 16:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-03-19 21:30 - 2013-10-01 20:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2014-03-19 21:30 - 2013-10-01 20:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-03-19 21:30 - 2013-10-01 20:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-03-19 21:30 - 2013-10-01 19:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
    2014-03-19 21:30 - 2013-10-01 19:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2014-03-19 21:30 - 2013-10-01 19:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2014-03-19 21:30 - 2013-10-01 19:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2014-03-19 21:30 - 2013-10-01 18:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2014-03-19 21:30 - 2013-10-01 18:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
    2014-03-19 21:30 - 2013-10-01 18:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
    2014-03-19 21:30 - 2013-10-01 18:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2014-03-19 21:30 - 2013-10-01 18:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2014-03-19 21:30 - 2013-10-01 17:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2014-03-19 21:30 - 2013-10-01 17:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-03-19 21:30 - 2013-10-01 17:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2014-03-19 21:30 - 2013-10-01 16:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-03-19 21:29 - 2013-09-24 20:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-03-19 21:29 - 2013-09-24 19:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2014-03-19 21:08 - 2014-03-24 21:03 - 00202186 _____ () C:\Windows\WindowsUpdate.log
    2014-03-12 16:22 - 2014-03-12 16:22 - 00000000 ____D () C:\Users\B Fizzle\Documents\Astro-Update-A50-v4142.exe
    2014-03-12 16:19 - 2014-03-12 16:19 - 00000000 ____D () C:\Users\B Fizzle\Documents\Astro-Update-TXD-v4193.exe
    2014-03-12 06:54 - 2014-03-24 18:37 - 00000000 ____D () C:\AdwCleaner
    2014-03-11 18:20 - 2014-03-01 00:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-03-11 18:20 - 2014-02-28 23:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-03-11 18:20 - 2014-02-28 23:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-03-11 18:20 - 2014-02-28 22:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-03-11 18:20 - 2014-02-28 22:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-03-11 18:20 - 2014-02-28 22:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-03-11 18:20 - 2014-02-28 22:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-03-11 18:20 - 2014-02-28 22:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-03-11 18:20 - 2014-02-28 22:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-03-11 18:20 - 2014-02-28 22:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-03-11 18:20 - 2014-02-28 22:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-03-11 18:20 - 2014-02-28 22:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-03-11 18:20 - 2014-02-28 22:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-03-11 18:20 - 2014-02-28 22:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-03-11 18:20 - 2014-02-28 22:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-03-11 18:20 - 2014-02-28 22:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-03-11 18:20 - 2014-02-28 22:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-03-11 18:20 - 2014-02-28 21:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-03-11 18:20 - 2014-02-28 21:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-03-11 18:20 - 2014-02-28 21:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-03-11 18:20 - 2014-02-28 21:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-03-11 18:20 - 2014-02-28 21:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-03-11 18:20 - 2014-02-28 21:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-03-11 18:20 - 2014-02-28 21:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-03-11 18:20 - 2014-02-28 21:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-03-11 18:20 - 2014-02-28 21:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-03-11 18:20 - 2014-02-28 21:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-03-11 18:20 - 2014-02-28 21:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-03-11 18:20 - 2014-02-28 21:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-03-11 18:20 - 2014-02-28 21:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-03-11 18:20 - 2014-02-28 21:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-03-11 18:20 - 2014-02-28 21:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-03-11 18:20 - 2014-02-28 21:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-03-11 18:20 - 2014-02-28 21:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-03-11 18:20 - 2014-02-28 20:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-03-11 18:20 - 2014-02-28 20:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-03-11 18:20 - 2014-02-28 20:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-03-11 18:20 - 2014-02-28 20:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-03-11 18:20 - 2014-02-28 20:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-03-11 18:20 - 2014-02-28 20:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-03-11 18:20 - 2014-02-06 19:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-03-11 18:20 - 2014-01-28 20:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2014-03-11 18:20 - 2014-01-28 20:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2014-03-11 18:20 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2014-03-11 18:18 - 2014-02-03 20:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-03-11 18:18 - 2014-02-03 20:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-03-11 18:18 - 2014-02-03 20:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-03-11 18:18 - 2014-02-03 20:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-03-08 16:42 - 2014-03-08 16:42 - 00000000 ____D () C:\ProgramData\Roblox
    2014-03-08 02:44 - 2014-03-08 02:44 - 00659968 _____ () C:\Users\B Fizzle\Downloads\MicrosoftFixit50195.msi
    2014-03-08 02:11 - 2014-03-08 02:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-03-08 02:11 - 2014-03-08 02:11 - 12589848 _____ (Malwarebytes Corp.) C:\Users\B Fizzle\Downloads\mbar-1.07.0.1009.exe
    2014-03-08 02:11 - 2014-03-08 02:11 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-03-08 01:24 - 2014-03-08 01:25 - 58080904 _____ (Microsoft Corporation) C:\Users\B Fizzle\Downloads\EIE11_EN-US_WOL_WIN764.EXE
    2014-03-08 01:14 - 2014-03-08 01:14 - 04765152 _____ (Piriform Ltd) C:\Users\B Fizzle\Downloads\ccsetup411.exe
    2014-03-07 21:39 - 2014-03-19 21:24 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\BeamNG
    2014-03-04 14:03 - 2014-03-05 20:05 - 00000092 _____ () C:\Users\B Fizzle\AppData\Roaming\WB.CFG
    2014-03-04 14:02 - 2014-03-04 14:02 - 00000000 ____D () C:\Program Files\Quiknowledge
    2014-03-01 10:16 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
    2014-03-01 10:15 - 2014-03-01 10:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-03-01 10:15 - 2014-03-01 10:16 - 00000000 ____D () C:\Program Files\iTunes
    2014-03-01 10:15 - 2014-03-01 10:16 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-03-01 10:15 - 2014-03-01 10:15 - 00000000 ____D () C:\Program Files\iPod
    2014-02-25 03:46 - 2014-02-25 03:46 - 00000020 ___SH () C:\Users\B Fizzle\ntuser.ini
    2014-02-25 03:34 - 2014-03-10 18:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-25 03:34 - 2014-02-25 03:34 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-02-25 03:34 - 2014-02-25 03:34 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\Malwarebytes
    2014-02-25 03:34 - 2014-02-25 03:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-02-25 03:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-02-25 03:12 - 2014-02-25 03:12 - 00001249 _____ () C:\Users\Public\Desktop\Wondershare MobileGo for Android.lnk
    2014-02-25 03:12 - 2014-02-25 03:12 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\Wondershare
    2014-02-25 03:12 - 2014-02-25 03:12 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\Wondershare
    2014-02-25 03:12 - 2014-02-25 03:12 - 00000000 ____D () C:\Program Files (x86)\Wondershare
    2014-02-25 03:03 - 2014-02-25 03:03 - 00001975 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
    2014-02-25 03:03 - 2014-02-25 03:03 - 00000000 ____D () C:\Users\B Fizzle\Documents\SelfMV
    2014-02-25 02:52 - 2014-01-22 21:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
    2014-02-25 02:52 - 2014-01-22 21:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
    2014-02-25 02:43 - 2014-02-25 02:43 - 00001067 _____ () C:\Users\B Fizzle\Desktop\PS3ThemeCreator - Shortcut.lnk

    ==================== One Month Modified Files and Folders =======

    2014-03-24 21:03 - 2014-03-24 21:02 - 00022116 _____ () C:\Users\B Fizzle\Desktop\FRST.txt
    2014-03-24 21:03 - 2014-03-19 21:08 - 00202186 _____ () C:\Windows\WindowsUpdate.log
    2014-03-24 21:02 - 2014-03-24 21:02 - 02157056 _____ (Farbar) C:\Users\B Fizzle\Desktop\FRST64.exe
    2014-03-24 21:02 - 2014-03-24 21:02 - 00000000 ____D () C:\FRST
    2014-03-24 21:00 - 2013-02-10 10:24 - 01048576 _____ () C:\Windows\PE_Rom.dll
    2014-03-24 20:59 - 2012-06-24 15:08 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-03-24 20:57 - 2014-03-20 19:11 - 00002707 _____ () C:\Windows\setupact.log
    2014-03-24 20:57 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-03-24 20:11 - 2012-06-24 15:08 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-03-24 19:04 - 2014-03-24 18:13 - 00000000 ____D () C:\Users\B Fizzle\Desktop\AntiVirus Stuff
    2014-03-24 18:50 - 2014-03-24 18:25 - 00005011 _____ () C:\Users\B Fizzle\Desktop\New Text Document.txt
    2014-03-24 18:49 - 2009-07-13 22:45 - 00019424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-03-24 18:49 - 2009-07-13 22:45 - 00019424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-03-24 18:48 - 2014-03-24 18:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
    2014-03-24 18:48 - 2013-02-10 10:29 - 00000000 _____ () C:\Windows\Path.idx
    2014-03-24 18:42 - 2013-04-12 16:19 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
    2014-03-24 18:42 - 2013-04-12 16:18 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
    2014-03-24 18:41 - 2013-04-12 16:19 - 00002240 _____ () C:\Users\Public\Desktop\Norton 360.lnk
    2014-03-24 18:37 - 2014-03-12 06:54 - 00000000 ____D () C:\AdwCleaner
    2014-03-24 18:27 - 2014-03-24 18:27 - 00000000 ____D () C:\Windows\ERUNT
    2014-03-24 18:02 - 2014-03-24 17:39 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2014-03-24 17:39 - 2014-03-24 17:39 - 00000000 ____D () C:\Program Files\Realtek
    2014-03-24 17:37 - 2012-06-22 17:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-03-24 17:34 - 2014-03-24 13:35 - 00141912 _____ () C:\Windows\PFRO.log
    2014-03-24 14:51 - 2009-07-13 23:13 - 00783336 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-03-24 14:50 - 2013-02-10 08:36 - 00000000 ____D () C:\Program Files (x86)\Realtek
    2014-03-24 14:46 - 2014-03-24 14:46 - 00015824 _____ () C:\Windows\DPINST.LOG
    2014-03-24 14:46 - 2014-03-24 14:46 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
    2014-03-24 14:26 - 2014-03-24 14:26 - 00002013 _____ () C:\Users\Public\Desktop\Live Update 5.lnk
    2014-03-24 14:04 - 2013-03-09 02:30 - 00000000 ____D () C:\Windows\Minidump
    2014-03-24 14:03 - 2014-03-24 14:03 - 4187497859 _____ () C:\Windows\MEMORY.DMP
    2014-03-24 13:43 - 2014-03-24 13:43 - 00036483 _____ () C:\ComboFix.txt
    2014-03-24 13:43 - 2014-03-24 13:21 - 00000000 ____D () C:\Qoobox
    2014-03-24 13:41 - 2014-03-24 13:21 - 00000000 ____D () C:\Windows\erdnt
    2014-03-24 13:38 - 2009-07-13 20:34 - 00000215 _____ () C:\Windows\system.ini
    2014-03-24 13:36 - 2009-07-13 23:08 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-03-24 13:02 - 2014-03-24 13:02 - 05192353 ____R (Swearware) C:\Users\B Fizzle\Desktop\ComboFix.exe
    2014-03-20 22:28 - 2012-06-23 10:11 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\SoftGrid Client
    2014-03-20 22:26 - 2014-01-27 20:10 - 00000000 ____D () C:\Users\B Fizzle\Documents\LACYE RESUME
    2014-03-20 19:39 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
    2014-03-20 19:14 - 2014-03-20 19:14 - 00069544 _____ () C:\Users\B Fizzle\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-03-20 19:12 - 2014-03-20 19:11 - 04936896 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-03-20 19:11 - 2014-03-20 19:11 - 00000000 _____ () C:\Windows\setuperr.log
    2014-03-20 17:58 - 2014-01-23 13:58 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\NPE
    2014-03-20 17:53 - 2013-12-09 18:47 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG-Techdemo-0.3
    2014-03-20 17:53 - 2012-06-24 14:17 - 00000000 ____D () C:\Users\B Fizzle\Desktop\Games
    2014-03-20 17:36 - 2014-03-20 17:35 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\B Fizzle\Downloads\rkill.exe
    2014-03-19 21:24 - 2014-03-07 21:39 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\BeamNG
    2014-03-19 21:08 - 2012-06-23 14:44 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-03-19 19:08 - 2012-08-15 08:06 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\TS3Client
    2014-03-19 19:07 - 2012-08-15 08:05 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
    2014-03-19 18:20 - 2013-10-18 00:34 - 00000000 ____D () C:\Program Files (x86)\MarkAny
    2014-03-19 02:38 - 2013-06-22 16:11 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\Samsung
    2014-03-19 02:38 - 2013-06-22 16:06 - 00000000 ____D () C:\Program Files (x86)\Samsung
    2014-03-19 02:38 - 2013-06-04 02:55 - 00000000 ____D () C:\ProgramData\Samsung
    2014-03-19 02:36 - 2013-01-11 18:00 - 00000000 ____D () C:\ProgramData\Skype
    2014-03-18 14:36 - 2012-06-22 18:45 - 00000000 ____D () C:\ProgramData\Norton
    2014-03-18 14:28 - 2013-12-12 17:10 - 00000000 ____D () C:\Program Files (x86)\OpenDownloaderManager
    2014-03-18 12:57 - 2013-06-09 23:07 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\Nero
    2014-03-14 05:14 - 2012-08-06 10:58 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\ArmA 2 OA
    2014-03-12 16:22 - 2014-03-12 16:22 - 00000000 ____D () C:\Users\B Fizzle\Documents\Astro-Update-A50-v4142.exe
    2014-03-12 16:19 - 2014-03-12 16:19 - 00000000 ____D () C:\Users\B Fizzle\Documents\Astro-Update-TXD-v4193.exe
    2014-03-12 10:44 - 2013-07-23 10:58 - 00000000 ____D () C:\Windows\system32\MRT
    2014-03-12 10:43 - 2012-06-22 17:58 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-03-12 10:41 - 2014-01-15 17:31 - 00000917 _____ () C:\Users\B Fizzle\Desktop\MPC.lnk
    2014-03-12 06:28 - 2012-06-24 01:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-03-12 06:28 - 2012-06-24 01:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-03-10 19:30 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
    2014-03-10 18:19 - 2014-02-25 03:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-03-10 17:55 - 2012-08-20 09:42 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\CrashDumps
    2014-03-09 15:44 - 2012-09-07 02:04 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\.minecraft
    2014-03-09 02:17 - 2014-01-04 21:12 - 00007168 _____ () C:\Users\B Fizzle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-03-08 16:42 - 2014-03-08 16:42 - 00000000 ____D () C:\ProgramData\Roblox
    2014-03-08 02:44 - 2014-03-08 02:44 - 00659968 _____ () C:\Users\B Fizzle\Downloads\MicrosoftFixit50195.msi
    2014-03-08 02:25 - 2014-03-08 02:11 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-03-08 02:11 - 2014-03-08 02:11 - 12589848 _____ (Malwarebytes Corp.) C:\Users\B Fizzle\Downloads\mbar-1.07.0.1009.exe
    2014-03-08 02:11 - 2014-03-08 02:11 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-03-08 01:53 - 2012-09-17 02:48 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-03-08 01:25 - 2014-03-08 01:24 - 58080904 _____ (Microsoft Corporation) C:\Users\B Fizzle\Downloads\EIE11_EN-US_WOL_WIN764.EXE
    2014-03-08 01:25 - 2013-02-08 14:56 - 00000000 ___HD () C:\Windows\msdownld.tmp
    2014-03-08 01:15 - 2013-02-14 12:52 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-03-08 01:14 - 2014-03-08 01:14 - 04765152 _____ (Piriform Ltd) C:\Users\B Fizzle\Downloads\ccsetup411.exe
    2014-03-08 01:14 - 2013-02-14 12:52 - 00000000 ____D () C:\Program Files\CCleaner
    2014-03-08 01:04 - 2012-06-22 17:39 - 00000000 ___RD () C:\Users\B Fizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2014-03-07 21:54 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
    2014-03-05 20:05 - 2014-03-04 14:03 - 00000092 _____ () C:\Users\B Fizzle\AppData\Roaming\WB.CFG
    2014-03-04 14:02 - 2014-03-04 14:02 - 00000000 ____D () C:\Program Files\Quiknowledge
    2014-03-03 16:23 - 2014-01-22 22:38 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
    2014-03-03 16:21 - 2012-06-23 10:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-03-03 16:21 - 2012-06-23 10:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-03-02 13:47 - 2012-11-12 16:10 - 00000000 ____D () C:\Users\B Fizzle\Documents\LACYE
    2014-03-01 10:16 - 2014-03-01 10:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-03-01 10:16 - 2014-03-01 10:15 - 00000000 ____D () C:\Program Files\iTunes
    2014-03-01 10:16 - 2014-03-01 10:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-03-01 10:15 - 2014-03-01 10:15 - 00000000 ____D () C:\Program Files\iPod
    2014-03-01 10:14 - 2012-06-23 21:07 - 00000000 ____D () C:\ProgramData\Apple
    2014-03-01 00:05 - 2014-03-11 18:20 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-02-28 23:17 - 2014-03-11 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-02-28 23:16 - 2014-03-11 18:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-02-28 22:58 - 2014-03-11 18:20 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-02-28 22:52 - 2014-03-11 18:20 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-02-28 22:51 - 2014-03-11 18:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-02-28 22:42 - 2014-03-11 18:20 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-02-28 22:40 - 2014-03-11 18:20 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-02-28 22:37 - 2014-03-11 18:20 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-02-28 22:33 - 2014-03-11 18:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-02-28 22:33 - 2014-03-11 18:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-02-28 22:32 - 2014-03-11 18:20 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-02-28 22:30 - 2014-03-11 18:20 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-02-28 22:23 - 2014-03-11 18:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-02-28 22:17 - 2014-03-11 18:20 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-02-28 22:11 - 2014-03-11 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-02-28 22:02 - 2014-03-11 18:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-02-28 21:54 - 2014-03-11 18:20 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-02-28 21:52 - 2014-03-11 18:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-02-28 21:51 - 2014-03-11 18:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-02-28 21:47 - 2014-03-11 18:20 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-02-28 21:43 - 2014-03-11 18:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-02-28 21:43 - 2014-03-11 18:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-02-28 21:42 - 2014-03-11 18:20 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-02-28 21:40 - 2014-03-11 18:20 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-02-28 21:38 - 2014-03-11 18:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-02-28 21:37 - 2014-03-11 18:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-02-28 21:35 - 2014-03-11 18:20 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-02-28 21:18 - 2014-03-11 18:20 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-02-28 21:16 - 2014-03-11 18:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-02-28 21:14 - 2014-03-11 18:20 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-02-28 21:10 - 2014-03-11 18:20 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-02-28 21:03 - 2014-03-11 18:20 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-02-28 21:00 - 2014-03-11 18:20 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-02-28 20:57 - 2014-03-11 18:20 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-02-28 20:38 - 2014-03-11 18:20 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-02-28 20:32 - 2014-03-11 18:20 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-02-28 20:27 - 2014-03-11 18:20 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-02-28 20:25 - 2014-03-11 18:20 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-02-28 20:25 - 2014-03-11 18:20 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-02-25 03:46 - 2014-02-25 03:46 - 00000020 ___SH () C:\Users\B Fizzle\ntuser.ini
    2014-02-25 03:46 - 2012-06-22 17:39 - 00000000 ____D () C:\Users\B Fizzle
    2014-02-25 03:34 - 2014-02-25 03:34 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-02-25 03:34 - 2014-02-25 03:34 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\Malwarebytes
    2014-02-25 03:34 - 2014-02-25 03:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-02-25 03:12 - 2014-02-25 03:12 - 00001249 _____ () C:\Users\Public\Desktop\Wondershare MobileGo for Android.lnk
    2014-02-25 03:12 - 2014-02-25 03:12 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\Wondershare
    2014-02-25 03:12 - 2014-02-25 03:12 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\Wondershare
    2014-02-25 03:12 - 2014-02-25 03:12 - 00000000 ____D () C:\Program Files (x86)\Wondershare
    2014-02-25 03:12 - 2013-06-04 02:46 - 00000000 ____D () C:\Users\B Fizzle\.android
    2014-02-25 03:03 - 2014-02-25 03:03 - 00001975 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
    2014-02-25 03:03 - 2014-02-25 03:03 - 00000000 ____D () C:\Users\B Fizzle\Documents\SelfMV
    2014-02-25 03:02 - 2012-07-03 15:49 - 00000000 ____D () C:\Users\B Fizzle\AppData\Local\Downloaded Installations
    2014-02-25 02:43 - 2014-02-25 02:43 - 00001067 _____ () C:\Users\B Fizzle\Desktop\PS3ThemeCreator - Shortcut.lnk
    2014-02-24 09:12 - 2014-01-15 18:14 - 00000000 ____D () C:\Users\B Fizzle\AppData\Roaming\MPC

    Some content of TEMP:
    ====================
    C:\Users\B Fizzle\AppData\Local\Temp\ntdll_dump.dll
    C:\Users\B Fizzle\AppData\Local\Temp\Quarantine.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-03-11 18:53

    ==================== End Of Log ============================
     
  7. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    I’ll give you some suggestions when we finish this….

    Looks like you have picked up something that I haven’t seen since about 2004. I’ll have to do some research and maybe go through some of my old notes. lol

    Looks like your Hosts file has been hijacked, I just know that you didn’t install these:

    O1 HOSTS File: ([2014/03/08 01:53:03 | 000,001,354 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 practivate.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.adobe.com
    O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 wip3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
    O1 - Hosts: 54.225.95.126 ajakpekbmnkgnjbpajgkdhimcbeoocam

    The last line points to a site that is blocked in my machine but I don’t remember just why.

    It’s late and I’m old… Let me see what I can find out and I’ll get back to you tomorrow.

    2oG
     
  8. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    Hi jaymacc81,

    You have a lot in that gaming box that I am unfamiliar with so this may take a while.

    I missed getting the second log from FRST which I will need.

    Please check if you have the addition.txt log and if you do please post it for me.
    If not then re-run FRST and check the box for addition.txt (lower right) and scan again then please post the addition.txt..

    Looks like you have hijacks that the malware scanners missed. It may take me a little while to dig them out so please bare with me. :)

    2oG
     
  9. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    As for the HOSTS file, I may or may not have altered them a while back to keep adobe updater from updating :/ lol...... Just to throw that out there. But it was a long time ago and Ive had no problems until recently. Also seems the window bomb has stopped and that now alls well unless the computer goes to sleep, then it crashes. Everytime I turn on my computer im at the black screen where it says windows encountered a error and gives me a option to start in safe mode or normal. But it also was doing this when the window bomb started, this isn't a new problem.

    Heres the second log:
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
    Ran by B Fizzle at 2014-03-24 21:03:49
    Running from C:\Users\B Fizzle\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

    ==================== Installed Programs ======================

    7-Zip 9.20 (HKLM-x32\...\7-Zip 9.20) (Version: - )
    Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
    Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.171 - Adobe Systems Incorporated)
    Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
    Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden
    Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
    Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
    Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
    Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
    Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
    AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.00.01 - ASUSTeK Computer Inc.)
    Akai THE 809 (HKLM-x32\...\Akai The809_is1) (Version: - )
    Akai THE BANK (HKLM-x32\...\Akai TheBANK_is1) (Version: - )
    AMD Accelerated Video Transcoding (Version: 13.30.100.40131 - Advanced Micro Devices, Inc.) Hidden
    AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Control Center (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{8D2C98CB-7D5D-25CE-C72B-3F2C257F0284}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
    AMD Fuel (Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
    AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
    AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
    AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
    AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
    Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
    Application Profiles (HKLM-x32\...\{A231A6F2-2C80-6203-ED35-2CFB96B25A38}) (Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
    ArcSoft TotalMedia Extreme (HKLM-x32\...\{E7A1B94F-A981-49B2-868F-DFEA471AB17D}) (Version: 2.0.45.12 - ArcSoft)
    ARMA 2 (HKLM-x32\...\Steam App 33900) (Version: - Bohemia Interactive)
    ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
    Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - )
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
    Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
    ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.09 - ASUSTeK Computer Inc.)
    ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
    Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
    BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
    BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
    Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
    BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.)
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version: - )
    Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.1.0.22 - Canon Inc.)
    Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.0.0.8 - Canon Inc.)
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.1.15 - Canon Inc.)
    Canon Utilities Digital Photo Professional 3.2 (HKLM-x32\...\DPP) (Version: 3.2.1.5 - Canon Inc.)
    Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.2.1.3 - Canon Inc.)
    Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.20.44 - Canon Inc.)
    Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.1.0.2 - Canon Inc.)
    Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
    Canon Utilities WFT-E1/E2/E3 Utility (HKLM-x32\...\WFTK) (Version: 3.2.0.0 - Canon Inc.)
    Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.0.1.248 - Canon Inc.)
    Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.0.0.19 - Canon Inc.)
    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility64 (Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
    Content Manager Assistant for PlayStation(R) (HKLM-x32\...\{DC8FA1C1-BE26-4889-85F1-A98AE6E37979}) (Version: 1.20.5157.38 - Sony Computer Entertainment Inc.)
    CPUID ASUS CPU-Z 1.61 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.61 - CPUID, Inc.)
    DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
    DayZ Commander (HKLM-x32\...\{790412BB-B6CE-459B-9E17-7DA7C20FC98C}) (Version: 0.9.124 - Dotjosh Studios)
    Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
    FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4601.54 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
    Grand Theft Auto (HKLM-x32\...\Grand Theft Auto) (Version: - )
    GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
    Hauppauge HDPVR Scheduler (HKLM-x32\...\Hauppauge HDPVR Scheduler) (Version: - Hauppauge Computer Works)
    Hauppauge WinTV Scheduler (HKLM-x32\...\Hauppauge WinTV Scheduler) (Version: - )
    High-Definition Video Playback 10 (x32 Version: 7.0.11000.25.1 - Nero AG) Hidden
    HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
    IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
    IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
    Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
    iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
    Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
    Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.114 - MSI)
    Loadout (HKLM-x32\...\Steam App 208090) (Version: - )
    Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
    M-Audio M-Track Driver 1.0.6 (x64) (HKLM\...\{7E76C229-D68D-480E-BB99-DAF73BE3C67B}) (Version: 1.0.6 - M-Audio)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (Version: 14.0.6120.5004 - Microsoft Corporation) Hidden
    Microsoft Office Home and Student 2010 - English (HKLM-x32\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5005 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
    Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
    MPC 1.2.0 (HKLM-x32\...\MPC_is1) (Version: 1.2.0 - Akai Professional)
    MPC 1.6.0 (HKLM\...\com.akaipro.mpc.standard_is1) (Version: 1.6.0 - Akai Professional)
    MPC Factory Content 1.2.0 (HKLM-x32\...\MPC Factory Content_is1) (Version: 1.2.0 - Akai Professional)
    MPC Studio driver (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV1) (Version: - )
    MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
    MSI Kombustor 2.5.1 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
    MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nero 10 ClipartPack (HKLM-x32\...\{96ED4B78-300E-4033-AE6C-C115CEB4DF07}) (Version: 10.0.10300.0.0 - Nero AG)
    Nero 10 Menu TemplatePack 1 (HKLM-x32\...\{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}) (Version: 10.0.10300.0.0 - Nero AG)
    Nero 10 Menu TemplatePack 2 (HKLM-x32\...\{E712C273-7564-4C8E-AA59-0FA19BC35117}) (Version: 10.0.10300.0.0 - Nero AG)
    Nero 10 Menu TemplatePack 3 (HKLM-x32\...\{92146419-AE44-4C8B-A48B-0ABB1B5EC026}) (Version: 10.0.10300.0.0 - Nero AG)
    Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10300.0.0 - Nero AG) Hidden
    Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.0.10300.1.0 - Nero AG)
    Nero 10 Movie ThemePack 2 (HKLM-x32\...\{70F19404-B96C-4EBB-AD2B-3574F8736197}) (Version: 10.0.10300.1.0 - Nero AG)
    Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10300.1.0 - Nero AG) Hidden
    Nero 10 Sample ImagePack (HKLM-x32\...\{ACD15FDF-FC42-4175-B477-576F92FF2256}) (Version: 10.0.10300.0.0 - Nero AG)
    Nero 10 Sample Videos (HKLM-x32\...\{92A10E9D-EA00-4A46-8F22-EEA660992D61}) (Version: 10.0.10300.2.0 - Nero AG)
    Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11100.14.101 - Nero AG)
    Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.10700.7.100 - Nero AG)
    Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.10600.9.100 - Nero AG)
    Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero Control Center 10 (x32 Version: 10.0.11500.1.0 - Nero AG) Hidden
    Nero Core Components 10 (x32 Version: 2.0.13100.0.1 - Nero AG) Hidden
    Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10500.7.100 - Nero AG)
    Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10400.4.100 - Nero AG)
    Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
    Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.10500.7.100 - Nero AG)
    Nero Express 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10400.5.100 - Nero AG)
    Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.11000.6.100 - Nero AG)
    Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.11200 - Nero AG)
    Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10600.1.100 - Nero AG)
    Nero Recode 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10500.5.100 - Nero AG)
    Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10500.1.100 - Nero AG)
    Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.10500.4.100 - Nero AG)
    Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0012 - Nero AG)
    Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.10700.4.100 - Nero AG)
    Nero Vision 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
    Next Car Game (HKLM-x32\...\Steam App 228380) (Version: - Bugbear)
    Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version: - Bugbear)
    nfoViewerLite 1.0.0.0 (HKLM-x32\...\nfoViewerLite) (Version: 1.0.0.0 - Amnis Technology Ltd)
    Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
    Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.15.96 - Symantec Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.)
    PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
    Play withSIX (HKLM-x32\...\{8E634921-4547-4CA9-AF79-08B735431C12}) (Version: 1.00.0102 - SIX Networks)
    PowerDirector (Version: 10.00.0000 - CyberLink Corp.) Hidden
    PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    PX5 Advanced Sound Editor (HKLM-x32\...\{276B495F-9DB0-4FC6-BEB0-85C91FC0F5E2}) (Version: 1.0.0.1 - Turtle Beach)
    PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
    QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Raptr (HKLM-x32\...\Raptr) (Version: - )
    Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
    reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
    Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
    Sendori (HKLM-x32\...\Sendori) (Version: 2.0.6 - Sendori, Inc.)
    Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7038 - Six Projects)
    SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
    SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
    SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
    SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
    SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
    SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
    SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
    SONAR X2 Producer x64 (HKLM-x32\...\SONARX2Producer_x64_is1) (Version: 19.0 - Cakewalk Music Software)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    Steinberg Hypersonic VSTi DXi v2.0 (HKLM-x32\...\Steinberg Hypersonic VSTi DXi_is1) (Version: - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    TAL-BassLine-101 (64bit) (HKLM\...\{B31DF24E-BF27-4797-B72E-174382E7898F}) (Version: 1.3.6 - TAL - Togu Audio Line)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
    Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{DE02D760-9D68-49BA-A1CE-FDEC5892608D}) (Version: 11.0.2 - Red Giant Software)
    Trapcode Suite 64-bit (Version: 11.0.2 - Red Giant Software) Hidden
    Tuner Internet Update Application (HKLM-x32\...\{17699980-496B-47D6-B0B1-9A83085B4739}) (Version: 9.1.0 - Tuner Updates)
    WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
    WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
    Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\A106663FD3361BDFACB045D83EBA03858EB1E411) (Version: 03/13/2008 2.04.06 - FTDI)
    Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\F2F24872454C7CAEAABD8BB063F70FBEFF01989D) (Version: 03/13/2008 2.04.06 - FTDI)
    WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
    Wondershare MobileGo for Android ( Version 4.3.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 4.3.0 - Wondershare)

    ==================== Restore Points =========================

    19-03-2014 08:34:38 Removed Skype Click to Call
    19-03-2014 08:35:26 Removed Skype™ 6.11
    19-03-2014 08:36:55 Removed Samsung Kies
    20-03-2014 03:29:47 Windows Update
    21-03-2014 00:28:00 Windows Update
    24-03-2014 19:24:10 ComboFix created restore point
    24-03-2014 19:58:52 Removed Apple Software Update
    24-03-2014 19:59:22 Removed Apple Mobile Device Support
    24-03-2014 20:49:46 Installed Realtek Ethernet Controller Driver

    ==================== Hosts content: ==========================

    2009-07-13 20:34 - 2014-03-24 13:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {04C8F769-39DC-4FB9-8DF5-CB3E36EE6395} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-BFIZZLE-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: {09E532B0-90BC-4FDB-BF82-15FB0B772295} - \GoforFilesUpdate No Task File
    Task: {1F1095DB-9661-4A2F-B82E-BC96CD83310C} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
    Task: {2F042EB8-9D1A-461A-AD92-F88ABED21573} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {3BE4C619-1933-499E-93E5-1BCAE883628B} - \BackgroundContainer Startup Task No Task File
    Task: {5D1DBD59-420B-4A75-A4D2-EBBA732B0B8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
    Task: {5FCF9B7F-A3D5-47F8-9DF2-736BCDA278EB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
    Task: {60F427EB-3E2E-477A-AB71-7AD049E85CAE} - \dsmonitor No Task File
    Task: {7B9C6ED0-CC90-4A83-877B-69CBF7655ACE} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2012-07-12] (ASUSTeK Computer Inc.)
    Task: {908D0121-C1E9-4944-AFEC-0B35450E5592} - \MySearchDial No Task File
    Task: {AA72F51E-EF9D-4DAF-956F-889C683AD6F8} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {C5BE521F-4BF6-419A-AB4E-DF2B1422D2D7} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
    Task: {CBBB48BA-DA88-4CBF-9F3E-319C7DAC3AB7} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-07-23] (ASUSTeK Computer Inc.)
    Task: {CD7967EF-B6B4-4EBB-9D6D-6CA452633C35} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
    Task: {E0976BAF-429E-4D60-AC40-7D2002F13C89} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\WSCStub.exe [2014-03-11] (Symantec Corporation)
    Task: {E6742044-4D74-443F-B8BB-68D2788BB6F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-07-16 15:43 - 2011-04-19 16:31 - 00150016 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
    2014-01-31 15:38 - 2014-01-31 15:38 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
    2013-11-04 15:03 - 2013-11-04 15:03 - 00818688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
    2013-11-04 15:03 - 2013-11-04 15:03 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
    2012-06-01 03:42 - 2012-06-01 03:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    2013-07-16 15:43 - 2011-04-19 16:31 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    2013-07-16 15:43 - 2010-02-09 15:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    2013-11-11 15:13 - 2013-11-11 15:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2014-01-31 15:38 - 2014-01-31 15:38 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2013-02-10 10:05 - 2014-03-24 20:58 - 00037376 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
    2013-02-10 10:05 - 2010-06-28 20:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
    2013-02-10 10:09 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
    2013-02-10 10:09 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
    2013-02-10 10:09 - 2012-06-22 13:32 - 00184320 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
    2013-02-10 10:09 - 2011-08-09 14:52 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
    2013-02-10 10:09 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
    2013-02-10 10:09 - 2012-04-20 16:24 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
    2013-02-10 10:09 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
    2013-02-10 10:08 - 2012-07-31 15:21 - 00152064 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
    2013-02-10 10:08 - 2012-08-08 16:45 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
    2013-02-10 10:08 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
    2013-02-10 10:12 - 2012-05-17 04:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
    2013-02-10 10:12 - 2012-07-05 12:05 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
    2013-02-10 10:06 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
    2013-02-10 10:06 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
    2013-02-10 10:07 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
    2013-02-10 10:06 - 2012-03-21 12:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
    2013-02-10 10:08 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
    2013-02-10 10:08 - 2012-07-25 09:56 - 01124864 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
    2013-02-10 10:09 - 2012-07-10 17:55 - 01625600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
    2013-02-10 10:06 - 2012-05-25 10:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
    2013-02-10 10:06 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
    2013-02-10 10:06 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
    2013-02-10 10:06 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
    2013-02-10 10:06 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
    2013-02-10 10:11 - 2011-06-08 11:15 - 00651264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
    2013-02-10 10:05 - 2010-08-22 20:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
    2013-02-10 10:06 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
    2013-02-10 10:13 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
    2013-02-10 10:06 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    AlternateDataStreams: C:\Users\B Fizzle\Local Settings:SD0GNCEJwjrJjHeaLxuWshkrWtM
    AlternateDataStreams: C:\Users\B Fizzle\AppData\Local:SD0GNCEJwjrJjHeaLxuWshkrWtM
    AlternateDataStreams: C:\Users\B Fizzle\AppData\Local\Application Data:SD0GNCEJwjrJjHeaLxuWshkrWtM
    AlternateDataStreams: C:\Users\B Fizzle\AppData\Local\Temp:CExGEznTqg1VC2PvGEI7rli

    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

    ==================== Disabled items from MSCONFIG ==============

    MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: Apple Mobile Device => 2
    MSCONFIG\Services: Application Sendori => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: BstHdAndroidSvc => 2
    MSCONFIG\Services: BstHdLogRotatorSvc => 2
    MSCONFIG\Services: DefaultTabUpdate => 2
    MSCONFIG\Services: gusvc => 3
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: L4301_Solar => 2
    MSCONFIG\Services: LightScribeService => 2
    MSCONFIG\Services: NAUpdate => 2
    MSCONFIG\Services: Norton PC Checkup Application Launcher => 2
    MSCONFIG\Services: rpcapd => 3
    MSCONFIG\Services: Service Sendori => 2
    MSCONFIG\Services: sndappv2 => 2
    MSCONFIG\Services: SwitchBoard => 3
    MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============
    Error: (03/24/2014 09:00:30 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    amdkmafd
    papycpu2
    papyjoy

    Error: (03/24/2014 09:00:30 PM) (Source: Service Control Manager) (User: )
    Description: The AsusFanControlService service hung on starting.

    Error: (03/24/2014 08:57:57 PM) (Source: Service Control Manager) (User: )
    Description: The AODDriver4.3 service failed to start due to the following error:
    %%2

    Error: (03/24/2014 08:55:31 PM) (Source: Application Popup) (User: )
    Description: \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    Error: (03/24/2014 08:55:30 PM) (Source: Application Popup) (User: )
    Description: \SystemRoot\SysWow64\DRIVERS\papycpu2.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    Error: (03/24/2014 08:57:33 PM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 8:28:05 PM on &#8206;3/&#8206;24/&#8206;2014 was unexpected.

    Error: (03/24/2014 06:42:38 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    amdkmafd
    papycpu2
    papyjoy

    Error: (03/24/2014 06:42:38 PM) (Source: Service Control Manager) (User: )
    Description: The AsusFanControlService service hung on starting.

    Error: (03/24/2014 06:40:10 PM) (Source: Service Control Manager) (User: )
    Description: The AODDriver4.3 service failed to start due to the following error:
    %%2

    Error: (03/24/2014 06:38:25 PM) (Source: Application Popup) (User: )
    Description: \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2014-03-24 13:33:20.302
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-03-24 13:33:20.236
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 11:57:53.992
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 11:57:53.930
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 11:56:03.217
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 11:56:03.154
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 08:28:21.851
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 08:28:21.798
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 08:25:38.817
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-10-30 08:25:38.755
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Percentage of memory in use: 15%
    Total physical RAM: 16281.48 MB
    Available physical RAM: 13772.57 MB
    Total Pagefile: 32861.13 MB
    Available Pagefile: 30203.62 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:919.32 GB) (Free:624.16 GB) NTFS
    Drive d: (HP_RECOVERY) (Fixed) (Total:12.09 GB) (Free:1.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2423728E)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  10. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    Did you reset your HOSTS file? It looks like you did..
    Code:
    ==================== Hosts content: ========================== 
    
    2009-07-13 20:34 - 2014-03-24 13:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 
    127.0.0.1 localhost
    
    I am guessing but, I assume you stoped updateing Adobe Flash because you were using the Chorme version.

    'sendori' is considered a bad guy and it shows up in the windsock in OTL log. Found the app and service but haven't found the windsock in FRST.. I hate to mess with the windsock without the proper tool, it has a tendency to screw up if not real careful.
    There are some other findings that I need to research before building a Fixlist..

    Please be patient and I'll get back with you ASAP

    just FYI, I am 71yo and have been Geeking for almost 50 years now. Started in 1965 on an IBM '65.... Will continue until I get patted on the belly with a shovel. LOL


    2oG
     
  11. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    Hi jaymacc81,

    Do the following:

    Please open Notepad. Ensure that word wrap is turned off. Click on Format and make sure that there is not a tick next to Word Wrap. If there's one, click on Word Wrap to remove it. Copy and paste the following in the code box into Notepad:

    Code:
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION 
    C:\Users\B Fizzle\AppData\Local\Temp\ntdll_dump.dll
    C:\Users\B Fizzle\AppData\Local\Temp\Quarantine.exe 
    2009-07-13 20:34 - 2014-03-24 13:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 MSICDSetup; \??\E:\CDriver64.sys [X]
    S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
    S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]
    S0x01000000 papycpu2; \SystemRoot\System32\DRIVERS\papycpu2.sys [X]
    S0x01000000 papyjoy; \SystemRoot\System32\DRIVERS\papyjoy.sys [X]
    HKLM-x32\...\Run: [] - [X] 
    



    Click on File > Save As....

    In the File Name box, copy and paste in fixlist.txt

    Click Save and save it to the same folder containing FRST (desktop?).

    Double click on FRST.exe click the Fix button then OK.

    Now reboot and see if anything has changed.
    I still haven't located the windsock so, we may have to reset your Chrome. We'll see.

    2oG

    P.S. Please post the Fixlog.txt for me :)
     
    Last edited: Mar 25, 2014
  12. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    71 yrs old? Wow! Way to hang in there lol. No worries about response time. I work 12-16hr days and nights, swing shift. So I may not be able to reply immediately. I rarely use Chrome ever, so I can delete it if need be no worries. I get off work at 6am central so I won't be able to run the script u til I get home in the am. Again thanks for all your time. It's well appreciated brother. I'll be in touch as soon as I run the script in the am. Thanks
     
  13. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    i'll be here.
     
  14. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    Are you pulling the wool over my eyes? I'm an old cattleman and that is hard to take. LOL

    In the OTL log, sent first, has a bad HOSTS file, a bad windsock, Firefox and Chrome.

    In the FRST log, has a good HOSTS file, windsock is OK and has NO Firefox, Chrome only. Plus 1 less hdd.. and other dis-similarities..

    The 2 computers are very close but no cigar.. So Wats-Up?


    2oG
     
  15. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    I can assure you I don't know enough to fool anyone lol. I know enough to build on the hardware side but not software or Windows. As for the hdd I was told by I believe it was Rogue Killer to Unplug any USB devices. It's a external drive. So that's why it didn't show up. I still haven't plugged it back up yet. Firefox? I've never used... Haven't never downloaded it so that I can't answer. Windsock I don't even know what that is... But yes I can promise you this is very much the same computer. I can run more scans if you wish. Maybe I need not touch anything else whilst your helping me. Lol sorry
     
  16. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    Also I'll add the only fixes or manipulation on my end were from the programs you told me to download. I haven't taken anything upon myself.
     
  17. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    from the OTL log:
    I think maybe you have a ghost living in there. lol because I got no idea......

    Run another OTL and let's see what comes out this time....

    2oG

    # later: after looking over the OTL log I think OTL is the culprit that's trying to give me hell.. looks like Firefox had been on there at one time and OTL is picking up the leftovers. That's very strange and was driving me up the wall last night.
    Re run the OTL and then run FRST with the addition box checked and maybe I can make some sense out of it now that I think I know what it's doing. lol
     
    Last edited: Mar 26, 2014
  18. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    Just woke up from my night shift slumber.. Do you want me to run the script first? Or just run OTL now?
    Also the wife told me today that she downloaded Firefox to use with her schooling as it was suggested. Then later deleted it... I figured it was something to that nature
     
    Last edited: Mar 26, 2014
  19. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    I guess that explains the confusion.. :) I figured it was something like that, I didn't really think you were spoofing me but, I have had malware victims that have attempted to repair two computers at the same time... lmao

    Forget OTL and just run that little fix then post the fixlog.txt.. After that let me know what problems you are having and what browser is having the problems...

    2oG
     
  20. jaymacc81

    jaymacc81 Member

    Joined:
    Sep 30, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    I deleted Norton as well..... you weren't the first that told me it as crap. I downloaded Avast Free and it found a few things on deep scan Norton didn't pick up. That sealed the deal. So now currently im running avast free

    heres fix log:
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
    Ran by B Fizzle at 2014-03-26 12:28:10 Run:1
    Running from C:\Users\B Fizzle\Desktop\AntiVirus Stuff
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    C:\Users\B Fizzle\AppData\Local\Temp\ntdll_dump.dll
    C:\Users\B Fizzle\AppData\Local\Temp\Quarantine.exe
    2009-07-13 20:34 - 2014-03-24 13:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 MSICDSetup; \??\E:\CDriver64.sys [X]
    S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
    S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]
    S0x01000000 papycpu2; \SystemRoot\System32\DRIVERS\papycpu2.sys [X]
    S0x01000000 papyjoy; \SystemRoot\System32\DRIVERS\papyjoy.sys [X]
    HKLM-x32\...\Run: [] - [X]
    *****************

    HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
    "C:\Users\B Fizzle\AppData\Local\Temp\ntdll_dump.dll" => File/Directory not found.
    "C:\Users\B Fizzle\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
    C:\Windows\system32\Drivers\etc\hosts => Moved successfully.
    catchme => Service deleted successfully.
    MSICDSetup => Service deleted successfully.
    MSI_MSIBIOS_010507 => Service deleted successfully.
    NTIOLib_1_0_3 => Service deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.

    ==== End of Fixlog ====
     

Share This Page