latop is verry slooow [page 2/2]

Advertise at AfterDawn.com

Link to us!

Private messages

Compose a private message

List of all updated threads

Threads without replies

Search messages

Thursday 21.11.2024 / 07:36

Search AfterDawn Forums:

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > latop is verry slooow

Browse by topic

Forums

Start a new thread

latop is verry slooow

Jump to:

Posted

Message

Page:	< Previous	1	2

tali1

Junior Member

30. October 2013 @ 17:26

Link to this message

THANKS V MUCH .Done all that.
Also can i use all the above tools to quick clean my other Pcs- or would i need logs analysis?
So what is best preventative software to use ?
Is it worth using a VPN or TOR?( i just understand the very basics of these nothing more)
Also in those logs what is the tell sign of malware /dodgy /corrupt entries?
:)

[ + quote]

http://www.cslregister.com/forum/image.php?u=329&dateline=1297283151&type=thumb

2oldGeek

AfterDawn Addict

30. October 2013 @ 18:50

Link to this message

Originally posted by tali1:
THANKS V MUCH .Done all that.
Also can i use all the above tools to quick clean my other Pcs- or would i need logs analysis?
So what is best preventative software to use ?
Is it worth using a VPN or TOR?( i just understand the very basics of these nothing more)
Also in those logs what is the tell sign of malware /dodgy /corrupt entries?
:)

You know, I just thought I was through with you:)

I went back and looked over the logs real close and found a few things buried in all those games that I missed the first time.

Tell you what, run OTL again and post the new log, now that the other stuff has been cleaned out and I'll go over it for a final...Then I'll let you know what you need to delete and what you can keep and use. OK?

2oG

[ + quote]

tali1

Junior Member

31. October 2013 @ 14:23

Link to this message

Ok , here are OTL logs-i hope these are last ones! :)

OTL logfile created on: 31/10/2013 18:08:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\iza\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.75 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 35.04% Memory free
3.74 Gb Paging File | 2.33 Gb Available in Paging File | 62.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.05 Gb Total Space | 42.01 Gb Free Space | 30.22% Space Free | Partition Type: NTFS
Drive D: | 9.00 Gb Total Space | 1.86 Gb Free Space | 20.62% Space Free | Partition Type: NTFS
Drive E: | 695.53 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 1020.00 Mb Total Space | 1017.74 Mb Free Space | 99.78% Space Free | Partition Type: FAT32

Computer Name: IZA-PC | User Name: iza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/10/23 21:50:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\iza\Downloads\OTL.exe
PRC - [2013/10/11 20:16:13 | 000,540,160 | ---- | M] () -- c:\ProgramData\SummerSoft\OptimizerPro\OptimizerPro.exe
PRC - [2013/10/09 00:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/10/01 12:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/06/25 16:00:32 | 002,878,504 | ---- | M] (GamersFirst) -- C:\Users\iza\AppData\Local\GamersFirst\LIVE!\Live.exe
PRC - [2013/06/06 21:59:45 | 001,925,656 | ---- | M] (Aeria Games & Entertainment) -- C:\Program Files\Aeria Games\Ignite\aeriaignite.exe
PRC - [2013/05/02 04:53:14 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/23 13:55:02 | 000,341,280 | ---- | M] () -- C:\Program Files\SiteAdvisor\6173\SAService.exe
PRC - [2008/06/02 17:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008/05/30 16:36:20 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008/05/23 08:50:10 | 000,202,048 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
PRC - [2008/05/23 08:50:04 | 000,271,680 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe
PRC - [2008/05/21 00:47:18 | 000,065,296 | ---- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2008/05/14 17:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008/05/13 23:47:28 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/05/12 13:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008/04/28 23:18:04 | 000,013,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
PRC - [2008/01/21 02:33:24 | 000,117,248 | ---- | M] () -- \\?\C:\windows\System32\wbem\WMIADAP.EXE
PRC - [2007/12/11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/19 07:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/08/28 20:07:32 | 000,036,640 | ---- | M] () -- C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
PRC - [2007/05/23 22:30:32 | 000,841,256 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/05/15 23:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/05/15 23:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007/05/15 23:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007/02/13 19:09:12 | 000,540,776 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
PRC - [2007/01/05 02:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/10/09 00:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/09 00:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/09 00:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/09 00:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/05/12 21:13:55 | 001,218,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\71aec26781d7e59678f478eb0d829cca\System.Management.ni.dll
MOD - [2013/05/12 21:11:35 | 000,786,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\b4b3499aefaf0be2481e26bf1b3cf05c\System.EnterpriseServices.ni.dll
MOD - [2013/05/12 21:11:35 | 000,236,032 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\b4b3499aefaf0be2481e26bf1b3cf05c\System.EnterpriseServices.Wrapper.dll
MOD - [2013/05/12 21:11:34 | 000,646,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\05cdc2d6fb30991b33e4d8c275a3ef7c\System.Transactions.ni.dll
MOD - [2013/05/12 21:11:31 | 002,637,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\933c05c80f64460a6c332ead830b4313\System.Runtime.Serialization.ni.dll
MOD - [2013/05/12 21:11:26 | 001,781,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\bc3b4596da878455664b10f8f5a3eea9\System.Xaml.ni.dll
MOD - [2013/05/12 19:08:03 | 000,284,160 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e4d910883d184867c46cbd22e55335bd\PresentationFramework.Classic.ni.dll
MOD - [2013/05/12 19:07:52 | 013,137,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\81408cc3ba17ae98c1977f435a491e00\System.Windows.Forms.ni.dll
MOD - [2013/05/12 19:07:25 | 017,671,168 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ff91a03e0ff9f9885b735db6734d568c\PresentationFramework.ni.dll
MOD - [2013/05/12 19:07:00 | 011,106,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\942925bd6f724122cb4b3c71acbdcb04\PresentationCore.ni.dll
MOD - [2013/05/12 19:06:43 | 003,798,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\39ad17570cd9b350f3191c46af747f0a\WindowsBase.ni.dll
MOD - [2013/05/12 19:06:28 | 006,798,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\9fea2a740d10da358757079ce9a25a8e\System.Data.ni.dll
MOD - [2013/05/12 19:05:56 | 005,618,176 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\ccaccea2516d5479f2267ed40ad51f2c\System.Xml.ni.dll
MOD - [2013/05/12 19:05:47 | 000,980,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\666c9ef4162700495e504025c20caacd\System.Configuration.ni.dll
MOD - [2013/05/12 19:05:41 | 007,054,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ca04626157aebf0f25378a2489d08d00\System.Core.ni.dll
MOD - [2013/05/12 19:05:29 | 001,652,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5b5dbf8a469be467c6f3a1ef97ff22cd\System.Drawing.ni.dll
MOD - [2013/05/12 19:05:24 | 009,085,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\4532468deac0fdeff26329333c7642b6\System.ni.dll
MOD - [2013/05/12 18:43:17 | 014,408,704 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dc0b188b244ec4a4ccec59ac6f1620ad\mscorlib.ni.dll
MOD - [2012/04/26 22:38:30 | 020,758,016 | ---- | M] () -- C:\Users\iza\AppData\Local\GamersFirst\LIVE!\libcef.dll
MOD - [2008/05/21 11:48:56 | 000,024,576 | ---- | M] () -- C:\Program Files\McAfee\Managed VirusScan\Agent\Res\0409\AgtRes_l.dll
MOD - [2008/05/21 09:38:12 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/05/13 23:40:50 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/08/28 20:07:32 | 000,036,640 | ---- | M] () -- C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
MOD - [2007/08/28 20:06:54 | 000,910,624 | ---- | M] () -- C:\Program Files\SiteAdvisor\6173\SiteAdv.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2013/10/01 12:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/06 20:55:40 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/02 04:53:14 | 000,069,792 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2009/08/24 12:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008/07/23 13:55:02 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files\SiteAdvisor\6173\SAService.exe -- (SiteAdvisor Service)
SRV - [2008/06/02 17:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008/05/30 16:36:20 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008/05/23 08:50:10 | 000,202,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe -- (myAgtSvc)
SRV - [2008/05/21 00:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008/05/21 00:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008/05/14 17:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008/05/12 13:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/04/28 23:21:28 | 000,144,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\Managed VirusScan\VScan\McShield.exe -- (McShield)
SRV - [2008/04/28 23:18:04 | 000,013,632 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe -- (EngineServer)
SRV - [2008/01/21 02:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/19 07:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/05/23 22:30:32 | 000,841,256 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService)
SRV - [2007/05/15 23:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/02/13 19:09:12 | 000,540,776 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service)
SRV - [2007/01/05 02:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\XDva404.sys -- (XDva404)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\XDva403.sys -- (XDva403)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\XDva401.sys -- (XDva401)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys -- (FairplayKD)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2013/10/27 21:31:09 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\iza\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/10/25 18:05:49 | 000,026,624 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\TrueSight.sys -- (TrueSight)
DRV - [2013/08/12 12:51:35 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/07/22 02:19:44 | 000,113,336 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011/11/10 17:32:00 | 000,095,304 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2008/05/30 16:37:06 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008/05/30 16:37:02 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008/05/30 16:37:00 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008/05/30 16:36:58 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008/05/21 10:35:06 | 003,552,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/04/28 23:25:00 | 000,055,112 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2008/04/28 23:23:22 | 000,034,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeRKDK.sys -- (MfeRKDK)
DRV - [2008/04/28 23:22:44 | 000,205,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2008/04/28 23:22:18 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeBOPK.sys -- (MfeBOPK)
DRV - [2008/04/28 23:22:10 | 000,079,560 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeAVFK.sys -- (MfeAVFK)
DRV - [2008/04/28 09:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2008/04/14 21:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/04/07 18:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/04/07 18:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/02/29 16:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/21 02:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/06/19 00:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/03/02 21:17:34 | 000,120,360 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2005/07/28 07:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8080

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: null\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\iza\AppData\Local\Roblox\Versions\version-8049d9622c164956\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\iza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\windows\system32\null\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/05/19 21:22:05 | 000,000,000 | ---D | M]

[2013/10/18 19:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iza\AppData\Roaming\Mozilla\Extensions
[2013/10/19 19:03:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iza\AppData\Roaming\Mozilla\Firefox\Profiles\894786sj.default\extensions
[2013/10/18 21:16:47 | 000,007,523 | ---- | M] () (No name found) -- C:\Users\iza\AppData\Roaming\Mozilla\Firefox\Profiles\894786sj.default\extensions\firefox@glindorus.net.xpi
[2013/10/18 17:41:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/18 17:41:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\iza\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: DivX VOD Helper Plug-in (Disabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
CHR - plugin: Nexon Game Controller (Disabled) = C:\ProgramData\NexonEU\NGM\npNxGameEU.dll
CHR - plugin: Unity Player (Disabled) = C:\Users\iza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Roblox Launcher Plugin (Disabled) = C:\Users\iza\AppData\Local\Roblox\Versions\version-8049d9622c164956\\NPRobloxProxy.dll
CHR - plugin: Windows Presentation Foundation (Disabled) = C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Disabled) = C:\windows\system32\Adobe\Director\np32dsw_1204144.dll
CHR - plugin: Silverlight Plug-In (Disabled) = c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: DowwnLoad keeeper = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjpmfombidbiadoceeionjfpafodhni\1.6\
CHR - Extension: Google Docs = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Tampermonkey = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.5.3630.66_0\
CHR - Extension: Hide My Ass = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjonpeiaiacbgfgemlchebljmfgjnmh\3.7_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Temple Run 2 HD NEW = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\oonebondjnigdjfehefgmjbhglbcblao\1.0_0\
CHR - Extension: Gmail = C:\Users\iza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Reg Error: Value error.) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll ()
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (DowwnLoad keeeper) - {39F5029A-459C-A08C-BF8A-625FBE476B83} - C:\ProgramData\DowwnLoad keeeper\Jt6Rwqk.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [CognizanceTS] c:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.Exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6173\SiteAdv.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] File not found
O4 - HKCU..\Run: [Pando Media Booster] null\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = C:\Users\iza\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-GB\local\search.html ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D22213C-7E51-4A42-AA09-6637DB2300FD}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\myRmProt4.9.0.316.dll (McAfee, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll ()
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (APSHook.dll) - APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\iza\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\iza\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/02/17 10:37:31 | 000,000,034 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{453b8ec8-b2af-11e2-a02c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{453b8ec8-b2af-11e2-a02c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SUPERCD.EXE -- [2004/02/17 10:37:50 | 000,088,299 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/10/28 19:48:27 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\PAYDAY
[2013/10/28 19:28:53 | 000,000,000 | ---D | C] -- C:\Users\iza\Desktop\Payday The Heist
[2013/10/28 00:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/10/28 00:10:49 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/10/28 00:08:40 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2013/10/28 00:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/28 00:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/10/28 00:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/10/28 00:07:01 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/10/28 00:06:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/10/28 00:06:46 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/10/28 00:06:46 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/10/28 00:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/27 21:34:42 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2013/10/27 21:33:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/10/27 21:27:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/10/27 21:27:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/10/27 21:27:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/10/27 21:27:34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/10/27 21:26:27 | 000,000,000 | ---D | C] -- C:\Users\iza\Documents\ProcAlyzer Dumps
[2013/10/27 21:20:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/27 21:19:31 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/10/25 18:21:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/25 18:03:05 | 000,000,000 | ---D | C] -- C:\Users\iza\Desktop\RK_Quarantine
[2013/10/24 21:50:56 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/10/24 21:33:29 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/20 15:58:33 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Anvisoft
[2013/10/20 15:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2013/10/20 15:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2013/10/20 15:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
[2013/10/19 19:37:13 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\AVAST Software
[2013/10/19 19:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/10/19 19:30:21 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\MFAData
[2013/10/19 19:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/10/19 19:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2013/10/19 19:30:21 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\Avg2014
[2013/10/19 19:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/10/18 17:53:07 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Mozilla
[2013/10/18 17:53:07 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\Mozilla
[2013/10/18 17:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/10/18 17:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/10/17 21:19:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bohemia Interactive
[2013/10/17 20:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/10/16 17:36:45 | 000,000,000 | ---D | C] -- C:\windows\System32\Adobe
[2013/10/16 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\iza\Documents\ArmA 2 Demo
[2013/10/16 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\ArmA 2 Demo
[2013/10/16 12:28:03 | 000,000,000 | ---D | C] -- C:\Users\iza\.onlineboxing3d
[2013/10/16 12:08:38 | 000,685,056 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\windows\System32\drivers\hardlock.sys
[2013/10/16 12:06:46 | 001,060,864 | --S- | C] (Microsoft Corporation) -- C:\windows\System32\mfc71.dll
[2013/10/15 23:57:19 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\Spirited_Machine
[2013/10/15 23:10:48 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Spirited Machine
[2013/10/15 22:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Spirited Machine
[2013/10/15 22:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArmA II Launcher
[2013/10/15 17:37:07 | 000,000,000 | ---D | C] -- C:\Users\iza\Desktop\ARMA 2 Operation Arrowhead
[2013/10/15 12:51:19 | 000,000,000 | ---D | C] -- C:\Users\iza\Documents\ArmA 2 OA Demo
[2013/10/15 12:51:18 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\ArmA 2 OA DEMO
[2013/10/15 12:05:00 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\ArmA 2
[2013/10/14 23:28:20 | 000,000,000 | ---D | C] -- C:\Users\iza\Documents\ArmA 2 Other Profiles
[2013/10/14 21:18:28 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArmA 2
[2013/10/14 16:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013/10/14 16:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2013/10/13 21:51:59 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\ArmA 2 OA
[2013/10/12 21:39:50 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\CastleMinerZ
[2013/10/12 21:38:40 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\DigitalDNA Games
[2013/10/12 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigitalDNA Games
[2013/10/12 21:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
[2013/10/12 19:09:15 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\ArmaAddonSync2009
[2013/10/12 19:08:38 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\Yoma_Tools
[2013/10/12 19:08:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YomaTools
[2013/10/12 19:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\YomaTools
[2013/10/12 17:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\Quadriga Games
[2013/10/12 12:51:13 | 000,000,000 | ---D | C] -- C:\Users\iza\Desktop\Garry's Mod
[2013/10/11 20:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/10/11 20:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SummerSoft
[2013/10/11 20:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Ss-Helper
[2013/10/11 20:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/10/10 21:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/10/10 21:26:55 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Google
[2013/10/10 21:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 8
[2013/10/10 21:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013/10/10 21:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2013/10/10 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\Quadriga Games
[2013/10/10 19:12:06 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
[2013/10/10 19:12:06 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
[2013/10/10 18:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\1-click run
[2013/10/08 17:23:28 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\TeamViewer
[2013/10/08 17:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2013/10/06 11:40:48 | 000,000,000 | -HSD | C] -- C:\windows\ftpcache
[2013/10/06 10:21:52 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\PointBlank
[2013/10/06 00:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2013/10/06 00:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tahadi Games
[2013/10/06 00:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Tahadi Games
[2013/10/06 00:02:09 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\GamersFirst LIVE!
[2013/10/05 23:26:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2013/10/05 23:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2013/10/05 22:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Warrock EU
[2013/10/05 22:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2013/10/05 22:33:58 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2013/10/05 22:33:44 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\GamersFirst
[2013/10/05 17:54:48 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2013/10/05 13:04:46 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\Aeria Games
[2013/10/05 13:02:33 | 000,000,000 | ---D | C] -- C:\Users\iza\AppData\Local\Akamai
[2013/10/05 13:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2013/10/05 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Aeria Games
[2013/10/05 13:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2013/10/04 22:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 5.5
[2013/10/04 22:14:31 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\windows\System32\D3DX81ab.dll
[2013/10/04 22:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2013/10/04 22:04:31 | 000,000,000 | ---D | C] -- C:\Users\iza\Documents\My Cheat Tables
[2013/10/04 22:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/10/31 18:08:39 | 000,668,940 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/10/31 18:08:39 | 000,133,356 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/10/31 18:03:14 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/31 18:03:14 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/31 18:02:57 | 000,000,876 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/31 18:02:46 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe
[2013/10/31 18:02:45 | 000,000,360 | ---- | M] () -- C:\windows\tasks\Happy Lyrics Update.job
[2013/10/31 18:02:42 | 000,000,460 | -H-- | M] () -- C:\windows\tasks\OptimizerPro-S-480333868.job
[2013/10/31 18:02:21 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll
[2013/10/31 18:02:20 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll
[2013/10/31 18:02:18 | 008,405,015 | ---- | M] () -- C:\windows\TempFile
[2013/10/31 18:02:07 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/10/31 00:20:03 | 000,000,880 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/30 17:39:38 | 000,000,414 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{83CD2159-3CC1-4F4F-B7FA-20A7B75D19BE}.job
[2013/10/29 23:14:28 | 000,009,707 | ---- | M] () -- C:\windows\System32\Config.MPF
[2013/10/29 23:14:28 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2013/10/28 19:46:14 | 000,001,585 | ---- | M] () -- C:\Users\iza\Desktop\Play Payday The Heist.lnk
[2013/10/28 00:10:49 | 000,001,944 | ---- | M] () -- C:\Users\iza\Desktop\HiJackThis.lnk
[2013/10/28 00:06:29 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/10/28 00:06:27 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/10/28 00:06:27 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/10/28 00:06:27 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/10/28 00:01:11 | 000,000,079 | ---- | M] () -- C:\windows\wininit.ini
[2013/10/27 21:34:42 | 227,627,570 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/10/25 18:05:49 | 000,026,624 | ---- | M] () -- C:\windows\System32\TrueSight.sys
[2013/10/20 21:29:55 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/18 00:16:54 | 000,335,550 | ---- | M] () -- C:\Users\iza\AppData\Local\census.cache
[2013/10/18 00:16:05 | 000,196,571 | ---- | M] () -- C:\Users\iza\AppData\Local\ars.cache
[2013/10/17 23:08:09 | 000,000,036 | ---- | M] () -- C:\Users\iza\AppData\Local\housecall.guid.cache
[2013/10/16 14:17:32 | 000,070,004 | ---- | M] () -- C:\Users\iza\Desktop\TeenageMutantNinjaPuppets.zip
[2013/10/16 13:50:05 | 000,000,073 | ---- | M] () -- C:\Users\iza\onlineboxing3dgame.properties
[2013/10/16 13:04:25 | 000,000,596 | ---- | M] () -- C:\windows\System32\InstallUtil.InstallLog
[2013/10/15 22:58:34 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\ArmA II Launcher.lnk
[2013/10/14 16:33:31 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/10/12 22:35:45 | 011,649,024 | ---- | M] () -- C:\Users\iza\Desktop\ffb7219618e24d57a9a0962c8a3ac9170 (1)
[2013/10/10 21:23:14 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\SketchUp 8.lnk
[2013/10/09 23:57:36 | 000,024,323 | ---- | M] () -- C:\Users\iza\Desktop\1239758_1399579076935295_765875614_n.jpg
[2013/10/09 23:56:16 | 000,043,283 | ---- | M] () -- C:\Users\iza\Desktop\skeleton_middle_finger1.jpg
[2013/10/09 22:34:35 | 000,001,722 | ---- | M] () -- C:\Users\iza\Documents\Default.rdp
[2013/10/09 14:51:16 | 000,383,344 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/10/08 17:19:04 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/10/06 00:08:54 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\PointBlank.lnk
[2013/10/05 23:11:15 | 000,000,182 | ---- | M] () -- C:\Users\Public\Desktop\WarRock.url
[2013/10/05 22:33:58 | 000,000,990 | ---- | M] () -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2013/10/05 22:33:58 | 000,000,960 | ---- | M] () -- C:\Users\iza\Desktop\GamersFirst LIVE!.lnk
[2013/10/05 13:01:30 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2013/10/05 12:48:59 | 000,000,104 | ---- | M] () -- C:\Users\iza\Desktop\Recycle Bin.lnk
[2013/10/04 22:14:33 | 000,000,792 | ---- | M] () -- C:\Users\iza\Desktop\Cheat Engine.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/10/28 19:46:14 | 000,003,153 | ---- | C] () -- C:\Users\iza\Desktop\visit-nosteam.ro.html
[2013/10/28 19:46:14 | 000,001,585 | ---- | C] () -- C:\Users\iza\Desktop\Play Payday The Heist.lnk
[2013/10/28 19:46:14 | 000,000,083 | ---- | C] () -- C:\Users\iza\Desktop\update-PAYDAY.bat
[2013/10/28 00:10:49 | 000,001,944 | ---- | C] () -- C:\Users\iza\Desktop\HiJackThis.lnk
[2013/10/28 00:00:51 | 000,000,079 | ---- | C] () -- C:\windows\wininit.ini
[2013/10/27 21:32:56 | 227,627,570 | ---- | C] () -- C:\windows\MEMORY.DMP
[2013/10/27 21:27:42 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/10/27 21:27:42 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/10/27 21:27:42 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/10/27 21:27:42 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/10/27 21:27:42 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/10/25 18:05:49 | 000,026,624 | ---- | C] () -- C:\windows\System32\TrueSight.sys
[2013/10/18 00:16:54 | 000,335,550 | ---- | C] () -- C:\Users\iza\AppData\Local\census.cache
[2013/10/18 00:16:05 | 000,196,571 | ---- | C] () -- C:\Users\iza\AppData\Local\ars.cache
[2013/10/17 23:08:09 | 000,000,036 | ---- | C] () -- C:\Users\iza\AppData\Local\housecall.guid.cache
[2013/10/16 14:17:04 | 000,070,004 | ---- | C] () -- C:\Users\iza\Desktop\TeenageMutantNinjaPuppets.zip
[2013/10/16 13:04:10 | 000,000,596 | ---- | C] () -- C:\windows\System32\InstallUtil.InstallLog
[2013/10/16 12:30:39 | 000,000,073 | ---- | C] () -- C:\Users\iza\onlineboxing3dgame.properties
[2013/10/16 12:09:13 | 008,405,015 | ---- | C] () -- C:\windows\TempFile
[2013/10/16 12:06:47 | 000,860,211 | --S- | C] () -- C:\windows\System32\XSIFtk-3.6.2.1.dll
[2013/10/15 22:58:34 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\ArmA II Launcher.lnk
[2013/10/14 16:33:31 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/10/12 22:36:05 | 011,649,024 | ---- | C] () -- C:\Users\iza\Desktop\ffb7219618e24d57a9a0962c8a3ac9170 (1)
[2013/10/11 20:16:13 | 000,000,460 | -H-- | C] () -- C:\windows\tasks\OptimizerPro-S-480333868.job
[2013/10/10 21:23:14 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\SketchUp 8.lnk
[2013/10/10 21:09:34 | 000,650,752 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2013/10/10 21:09:34 | 000,240,640 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2013/10/10 21:09:34 | 000,152,064 | ---- | C] () -- C:\windows\System32\xvid.ax
[2013/10/09 23:57:36 | 000,024,323 | ---- | C] () -- C:\Users\iza\Desktop\1239758_1399579076935295_765875614_n.jpg
[2013/10/09 23:56:16 | 000,043,283 | ---- | C] () -- C:\Users\iza\Desktop\skeleton_middle_finger1.jpg
[2013/10/09 22:01:02 | 000,001,722 | ---- | C] () -- C:\Users\iza\Documents\Default.rdp
[2013/10/08 17:19:04 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/10/08 17:19:04 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/10/06 00:08:54 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\PointBlank.lnk
[2013/10/05 23:11:15 | 000,000,182 | ---- | C] () -- C:\Users\Public\Desktop\WarRock.url
[2013/10/05 22:33:58 | 000,000,990 | ---- | C] () -- C:\Users\iza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2013/10/05 22:33:58 | 000,000,960 | ---- | C] () -- C:\Users\iza\Desktop\GamersFirst LIVE!.lnk
[2013/10/05 13:01:30 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2013/10/05 12:48:59 | 000,000,104 | ---- | C] () -- C:\Users\iza\Desktop\Recycle Bin.lnk
[2013/10/04 22:14:33 | 000,000,792 | ---- | C] () -- C:\Users\iza\Desktop\Cheat Engine.lnk
[2013/10/04 22:14:31 | 001,970,176 | ---- | C] () -- C:\windows\System32\d3dx9.dll
[2013/07/22 22:58:58 | 000,000,680 | ---- | C] () -- C:\Users\iza\AppData\Local\d3d9caps.dat
[2013/05/02 11:46:04 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2013/05/02 11:46:03 | 000,106,605 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2013/05/01 22:39:50 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 12:51:16 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 15:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:33:39 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2013/09/10 16:18:05 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\.minecraft
[2013/10/27 23:59:28 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\Anvisoft
[2013/10/19 19:37:13 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\AVAST Software
[2013/08/21 20:21:31 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\Bioshock
[2013/08/12 13:19:48 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\DAEMON Tools Lite
[2013/09/06 21:51:51 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\fltk.org
[2013/05/16 16:41:23 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\InterVideo
[2013/09/19 15:04:32 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\MotioninJoy
[2013/08/27 14:18:15 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\MW3 FoV Changer
[2013/10/15 23:10:48 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\Spirited Machine
[2013/10/09 21:45:25 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\TeamViewer
[2013/10/24 21:39:40 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\Uniblue
[2013/05/18 15:40:19 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\Unity
[2013/10/28 20:20:18 | 000,000,000 | ---D | M] -- C:\Users\iza\AppData\Roaming\uTorrent

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 40 bytes -> C:\ProgramData\MTA San Andreas All:NT
@Alternate Data Stream - 40 bytes -> C:\ProgramData:NT
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

OTL Extras logfile created on: 31/10/2013 18:08:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\iza\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.75 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 35.04% Memory free
3.74 Gb Paging File | 2.33 Gb Available in Paging File | 62.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.05 Gb Total Space | 42.01 Gb Free Space | 30.22% Space Free | Partition Type: NTFS
Drive D: | 9.00 Gb Total Space | 1.86 Gb Free Space | 20.62% Space Free | Partition Type: NTFS
Drive E: | 695.53 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 1020.00 Mb Total Space | 1017.74 Mb Free Space | 99.78% Space Free | Partition Type: FAT32

Computer Name: IZA-PC | User Name: iza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{44511208-0329-4EC5-B367-5574C3138068}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{64EF3FBE-7897-4AB3-807C-D19D9B18B28E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D70C6D2D-14AF-4688-A726-13381EBD1859}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{D7B989A0-A624-4134-ACF1-B4D70248E3B7}" = lport=2869 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0969ED13-2E1B-4639-AFCF-A91C0464538F}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 demo\arma2demo.exe |
"{130A7EA5-D20F-43E2-9262-8A62C596D310}" = protocol=6 | dir=in | app=c:\users\iza\desktop\downloaded games\utorrent.exe |
"{235E93EE-F6F2-49D8-8513-CEC62B0E3A01}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{3431F158-217E-4C73-9C38-2BD53873285B}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 demo\arma2demo.exe |
"{37D148B0-2673-4302-946C-7E478B885F17}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{3DC94B2B-9DCC-4583-8CD3-CED11F52F370}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{3EDAF54F-7C98-4CED-AE07-74330C04C8C2}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{41D7550D-3B58-44D4-B7DD-5EE75473EBF0}" = protocol=17 | dir=in | app=c:\program files\tahadi games\pointblank\pointblank.exe |
"{455AAFE8-4FC1-4274-9422-CA09E05DC7B8}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{4567C814-7276-4AEC-84BE-75B4BFD96B59}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 free\arma2free.exe |
"{5245C2AC-F35A-4E79-95A3-71645FC86656}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe |
"{5797C31F-F616-4577-815D-B33F2F5D90DC}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{6242029F-7318-43EF-A348-DC6FAB3A8F7F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{67AC8050-B003-4877-AFC6-5BDD126E5274}" = protocol=17 | dir=in | app=c:\games\scribblenauts unmasked a dc comics adventure\scribble.exe |
"{69B53EB3-22E2-4D27-AF94-F88A8DBE398E}" = protocol=17 | dir=in | app=c:\windows\system32\null\pando networks\media booster\pmb.exe |
"{76A321D2-F23B-4942-BFC3-44E42661DF68}" = protocol=6 | dir=in | app=c:\games\scribblenauts unmasked a dc comics adventure\scribble.exe |
"{7E2E124C-4ACC-496C-8DDE-5B580CE94A4A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\source sdk base 2007\hl2.exe |
"{A20BBA7E-9A2E-434E-B39B-D6C618DF2EBC}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{AF2EAB0F-523C-4578-8984-D64EC936114C}" = protocol=6 | dir=in | app=c:\program files\tahadi games\pointblank\pointblank.exe |
"{B133FFDD-301A-4410-9A88-18835BC36506}" = protocol=6 | dir=in | app=c:\windows\system32\null\pando networks\media booster\pmb.exe |
"{B4F7DFAE-12A3-4B54-95EC-6A684ECBD4C8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\source sdk base 2007\hl2.exe |
"{B5FC8974-E5EE-4483-BB3D-972DA0826C2E}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{B84E0F36-6B65-466D-A479-5BA7C9A26030}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{BA1EED55-1D39-4853-BA78-DEB8EDA480A0}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{BB17B6E2-EE79-48EB-BD16-CA62E384664F}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{BB3ACA3D-67ED-4096-8925-F2452EB64242}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{CC2FA603-44D9-421A-9F13-BEA7F4A1068E}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{D6180919-3A3F-4185-ADA3-2C89AF89741C}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe |
"{DC595585-E714-4969-B9A4-577E4D87C2A1}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{DFEDC94A-967D-4ABF-B27E-37D2EC3054AC}" = protocol=17 | dir=in | app=c:\windows\system32\null\pando networks\media booster\pmb.exe |
"{EF362F44-0232-42AE-B110-17FB6233FD35}" = protocol=6 | dir=in | app=c:\windows\system32\null\pando networks\media booster\pmb.exe |
"{F0BEBA28-EDC8-43B8-8D01-64A2C187EAEE}" = dir=in | app=null\pando networks\media booster\pmb.exe |
"{F2E2477A-BE4A-47F3-98AE-44B7602E119A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{F3F071C8-5F06-4B83-826E-E75EDDEA8A67}" = dir=in | app=c:\program files\iminent\iminent.exe |
"{F5A53108-8FC6-4383-AE97-EA4D70212F89}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{FCB9C15F-B1C3-4F4C-8958-C836EAF89E3F}" = protocol=17 | dir=in | app=c:\users\iza\desktop\downloaded games\utorrent.exe |
"{FFA742D6-5864-4ACF-AB10-0CB367DCF6EE}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe |
"TCP Query User{0C8B4D28-4182-44B5-AF88-826388B78986}C:\program files\steam\steamapps\izaali10\source sdk base\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\izaali10\source sdk base\hl2.exe |
"TCP Query User{18B7533B-C4D3-457D-8520-A8422637754B}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{2BF56D3F-8FB0-4096-BD5F-6E7A2678CAC4}C:\games\dishonored nosteam\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\games\dishonored nosteam\binaries\win32\dishonored.exe |
"TCP Query User{3E879BDD-B14F-4A28-83B1-A3B73DC069B6}C:\games\gta san andreas\proxy_sa.exe" = protocol=6 | dir=in | app=c:\games\gta san andreas\proxy_sa.exe |
"TCP Query User{4999F9D3-406C-4FD2-9590-109E94C3DA14}C:\games\call of duty modern warfare 3 multiplayer 4d1\iw5m.dat" = protocol=6 | dir=in | app=c:\games\call of duty modern warfare 3 multiplayer 4d1\iw5m.dat |
"TCP Query User{4B9ADC66-FC55-441C-B260-47ADF5080D60}C:\users\iza\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\iza\appdata\local\akamai\netsession_win.exe |
"TCP Query User{4BC6354C-BB7F-4344-B204-31600004DAD4}C:\program files\arma 2\arma2.exe" = protocol=6 | dir=in | app=c:\program files\arma 2\arma2.exe |
"TCP Query User{4C82DA05-BE3E-4BDE-B1CC-B6E394182840}C:\users\iza\desktop\garry's mod\hl2.exe" = protocol=6 | dir=in | app=c:\users\iza\desktop\garry's mod\hl2.exe |
"TCP Query User{521235CE-EF11-426C-861A-210E30D159D7}C:\users\iza\appdata\local\temp\rar$exa0.807\7 days to die\7daystodie.exe" = protocol=6 | dir=in | app=c:\users\iza\appdata\local\temp\rar$exa0.807\7 days to die\7daystodie.exe |
"TCP Query User{55AA17BF-5D49-494C-BCF0-B2629E8E36AD}C:\users\iza\desktop\arma 2 operation arrowhead\arma2oa_demo.exe" = protocol=6 | dir=in | app=c:\users\iza\desktop\arma 2 operation arrowhead\arma2oa_demo.exe |
"TCP Query User{5A1365AC-3822-4A4E-9CB3-C025295B9604}C:\games\payday 2 beta\payday2_win32_release.exe" = protocol=6 | dir=in | app=c:\games\payday 2 beta\payday2_win32_release.exe |
"TCP Query User{7CF118F9-B06E-4C24-97C5-D500B788121D}C:\users\iza\downloads\garrys.mod.13.v159\garry's mod\hl2.exe" = protocol=6 | dir=in | app=c:\users\iza\downloads\garrys.mod.13.v159\garry's mod\hl2.exe |
"TCP Query User{8C457147-9E5D-49B4-AF37-95233C42D265}C:\program files\steam\steamapps\zeshaanali122\source sdk base\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\zeshaanali122\source sdk base\hl2.exe |
"TCP Query User{A307BF4D-B391-4D12-9B66-91AED9CEE4FD}C:\program files\arma 2\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files\arma 2\arma2oa.exe |
"TCP Query User{A75BBB4C-5EC3-43D2-9F0C-3015742E9BA4}C:\users\iza\desktop\boxing3d\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\users\iza\desktop\boxing3d\jre6\bin\java.exe |
"TCP Query User{B3E439A8-6B54-4831-ABAE-E2C782BA048B}C:\users\iza\downloads\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\users\iza\downloads\counter-strike\hl.exe |
"TCP Query User{CB70C4AF-7561-4B75-8931-29AE530304B5}C:\program files\bohemia interactive\arma 2 operation arrowhead\arma2oaserver.exe" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2 operation arrowhead\arma2oaserver.exe |
"TCP Query User{D8662BB2-A56E-4BB8-9918-5499A7540DB3}C:\program files\arma 2\arma2oaserver.exe" = protocol=6 | dir=in | app=c:\program files\arma 2\arma2oaserver.exe |
"TCP Query User{F339E686-5F89-419F-A437-F1C90E8E218B}C:\users\iza\desktop\payday the heist\payday_win32_release.exe" = protocol=6 | dir=in | app=c:\users\iza\desktop\payday the heist\payday_win32_release.exe |
"TCP Query User{FD75B0BF-529F-431F-8F1F-61F2F2E7F76B}C:\users\iza\desktop\downloaded games\utorrent.exe" = protocol=6 | dir=in | app=c:\users\iza\desktop\downloaded games\utorrent.exe |
"UDP Query User{025F768A-92C4-4782-97ED-E26A80CBCE69}C:\users\iza\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\iza\appdata\local\akamai\netsession_win.exe |
"UDP Query User{08E40B5E-9131-407E-8B4F-6F71E093BD5D}C:\users\iza\desktop\downloaded games\utorrent.exe" = protocol=17 | dir=in | app=c:\users\iza\desktop\downloaded games\utorrent.exe |
"UDP Query User{196492E3-5F59-4AF6-9E27-2EC80C8C621B}C:\games\dishonored nosteam\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\games\dishonored nosteam\binaries\win32\dishonored.exe |
"UDP Query User{2A9CC8AF-D811-4350-88A5-C4DCF12D9305}C:\program files\steam\steamapps\zeshaanali122\source sdk base\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\zeshaanali122\source sdk base\hl2.exe |
"UDP Query User{3A0B625E-C74D-49AA-9AB6-DD06E8BAA4D5}C:\games\call of duty modern warfare 3 multiplayer 4d1\iw5m.dat" = protocol=17 | dir=in | app=c:\games\call of duty modern warfare 3 multiplayer 4d1\iw5m.dat |
"UDP Query User{4C287850-3AAB-48F9-9C05-FC99EBD50D07}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{515F9EA3-1185-4B26-A075-F8113E131938}C:\users\iza\appdata\local\temp\rar$exa0.807\7 days to die\7daystodie.exe" = protocol=17 | dir=in | app=c:\users\iza\appdata\local\temp\rar$exa0.807\7 days to die\7daystodie.exe |
"UDP Query User{5FBCF63E-6ECA-4C0A-B79E-8176F26D8308}C:\program files\arma 2\arma2oaserver.exe" = protocol=17 | dir=in | app=c:\program files\arma 2\arma2oaserver.exe |
"UDP Query User{68055253-8135-487F-8C60-38BCB936D4CE}C:\program files\arma 2\arma2.exe" = protocol=17 | dir=in | app=c:\program files\arma 2\arma2.exe |
"UDP Query User{695673B9-18DC-4CEF-8955-3FDB9AF2D708}C:\users\iza\desktop\garry's mod\hl2.exe" = protocol=17 | dir=in | app=c:\users\iza\desktop\garry's mod\hl2.exe |
"UDP Query User{6C4DAB9D-903A-4353-BE21-24273392BC6A}C:\games\payday 2 beta\payday2_win32_release.exe" = protocol=17 | dir=in | app=c:\games\payday 2 beta\payday2_win32_release.exe |
"UDP Query User{7847512B-698A-4600-B683-704288AA188B}C:\program files\arma 2\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files\arma 2\arma2oa.exe |
"UDP Query User{8588E711-DF70-430D-863E-10D4674FDAD2}C:\program files\steam\steamapps\izaali10\source sdk base\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\izaali10\source sdk base\hl2.exe |
"UDP Query User{88501D9D-1D72-4316-8A00-B731C9CF3B53}C:\users\iza\downloads\garrys.mod.13.v159\garry's mod\hl2.exe" = protocol=17 | dir=in | app=c:\users\iza\downloads\garrys.mod.13.v159\garry's mod\hl2.exe |
"UDP Query User{92056C4D-A467-43C5-97DC-D199C8A57A38}C:\users\iza\desktop\payday the heist\payday_win32_release.exe" = protocol=17 | dir=in | app=c:\users\iza\desktop\payday the heist\payday_win32_release.exe |
"UDP Query User{B0C43906-FAE4-41BA-9E73-7CA0E8BD403F}C:\games\gta san andreas\proxy_sa.exe" = protocol=17 | dir=in | app=c:\games\gta san andreas\proxy_sa.exe |
"UDP Query User{D701E9C8-2059-42BB-BDE5-3BED15434401}C:\program files\bohemia interactive\arma 2 operation arrowhead\arma2oaserver.exe" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2 operation arrowhead\arma2oaserver.exe |
"UDP Query User{E0A7C098-FEBE-43E4-944F-21BB13DA71D1}C:\users\iza\downloads\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\users\iza\downloads\counter-strike\hl.exe |
"UDP Query User{E82A0350-5DF2-485F-84CF-1A66690B3199}C:\users\iza\desktop\boxing3d\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\users\iza\desktop\boxing3d\jre6\bin\java.exe |
"UDP Query User{FEDB3BED-8CA5-4A6A-A6DA-6651B7314185}C:\users\iza\desktop\arma 2 operation arrowhead\arma2oa_demo.exe" = protocol=17 | dir=in | app=c:\users\iza\desktop\arma 2 operation arrowhead\arma2oa_demo.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6202
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{084D80A0-A897-F435-CE63-A3A7CDB46D9A}" = CCC Help Danish
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AEB967F-1D12-43C8-A59C-D93DA8EE4A4E}" = Duty Calls
"{0E485D10-139A-21B6-471C-7856AF893F42}" = Catalyst Control Center Localization Spanish
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}" = Vista Default Settings
"{196A2093-817C-7237-9FB8-7223FF8D3424}" = Catalyst Control Center Localization Portuguese
"{19C6BC99-B7D0-E36A-3F72-24501D2FF8F0}" = Catalyst Control Center Localization Thai
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2462B5A9-CDE0-A51C-5646-6863B445B717}" = CCC Help Dutch
"{2472CC23-7C6E-F1A5-F439-B93CC198D0E2}" = Catalyst Control Center Graphics Light
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{27AB9B63-70B4-3444-7FE7-EAAF837286B6}" = Catalyst Control Center Localization Turkish
"{2ACA66D0-7C67-4235-90B5-7AB382FF8633}" = HP 3D DriveGuard
"{2B01122D-645A-7A29-5F98-025F3F920EEE}" = CCC Help Thai
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2E8A56E1-8421-623F-7D27-5B0D64052D35}" = CCC Help Swedish
"{3032FE9D-1EF0-2B28-E28F-D14123A54091}" = CCC Help Norwegian
"{30BF4E6C-D866-46F7-A4F6-81A45E97706E}" = Catalyst Control Center - Branding
"{32D95F2D-17A3-9457-667D-DC603227295F}" = ATI Catalyst Install Manager
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0005
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FE45683-E0A6-8887-BA46-93846D76A571}" = Catalyst Control Center Localization Japanese
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1" = Call of Duty Black Ops 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8CE04B-567D-A6D1-C8C3-55151585051A}" = Catalyst Control Center Localization Hungarian
"{4BBB1697-A0C0-C00D-CC3B-2A3D8D7ED8E1}" = CCC Help Czech
"{4BDBFEB0-784B-8FBB-E323-17F4B8C3450D}" = Catalyst Control Center Core Implementation
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4DEB1738-EE2D-9415-B1F3-99FE75519BB8}" = Catalyst Control Center Localization Norwegian
"{4E3AA543-09D7-401E-9DF2-2591D24C7C49}" = Addon Sync 2009
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5FEB063B-B9A0-7677-8D4B-5DE1397BBC7F}" = Catalyst Control Center Localization Swedish
"{6079977A-C216-0ED5-7E82-5E94A7683EB1}" = Catalyst Control Center Localization Chinese Traditional
"{609C59C0-2920-B88F-AC4E-8434CEEA093F}" = CCC Help Chinese Standard
"{62A07DAC-EE36-7C2D-28D4-18A4B8F55EC9}" = Catalyst Control Center Localization Greek
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6716796A-DD6E-8B10-AF22-D30ECB25C682}" = CCC Help Portuguese
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6F854740-01D1-46A4-C809-D73B14F9FAA2}" = ccc-utility
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}" = SketchUp 8
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7BE6A272-9078-5035-FB61-D2D1C15D1EA0}" = Catalyst Control Center Localization Russian
"{8253DB6F-C883-93A4-435F-9526DC07C17F}" = CCC Help Italian
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8EC7AB5C-7128-B1CD-CA1D-74190D31313E}" = Catalyst Control Center Localization Chinese Standard
"{8FB91814-FE42-4B62-9B54-4B677A420715}_is1" = CLEO v3.0.950
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9320B364-EF7F-90E6-63F8-C58EEB9AE517}" = Catalyst Control Center Graphics Full New
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{959B8759-D31A-CE42-6BA1-A8F7812C040B}" = CCC Help Finnish
"{959BAC64-7722-EBD6-660E-C74ED44CA0D3}" = Catalyst Control Center Localization Danish
"{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1" = 7 Days to Die - Alpha version 0.9.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A5C123-2741-45BA-276A-8BDA52303CAD}" = CCC Help German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDB5063-D699-42BA-9135-7B8C4ECAC856}" = BIOS Configuration for HP ProtectTools
"{9DEE62F7-3C8A-A6E8-6D00-99BB99B0A19C}" = CCC Help French
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A3EB6C7C-F959-9258-3A35-2A6EDB9CA176}" = CCC Help Hungarian
"{A4B50564-9B8D-49DF-4A90-C6EC349A6538}" = Catalyst Control Center Localization Korean
"{A55C2FF6-4217-F05B-E603-0544CB9EBD93}" = Catalyst Control Center Localization French
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{ACE9FB2A-31A5-4285-9510-43F1636EAB21}" = EasyLife Gadget
"{B076BAB8-B78C-053A-FAC2-0A9CCD802E0A}" = CCC Help Korean
"{B1508FDD-AFC7-373B-8B96-6A6BEC48A9A8}" = Catalyst Control Center Localization Polish
"{B3B36E34-2E5A-20E8-AF99-A2D40E84CC6F}" = CCC Help Turkish
"{B57BC333-F983-C25E-4C04-834548DF8607}" = Catalyst Control Center Localization Italian
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{BC9BDD06-5674-4FAB-A30F-559C2DB171CA}" = UK-Info 2004 SE
"{BECF6C08-ED85-7F05-E2CD-43A18DA0B3D7}" = CCC Help Spanish
"{BEEA5BCB-CCA1-6FBA-764C-625239FE0F50}" = CCC Help Polish
"{C09C13C7-B636-01CC-D5A1-A7411F858891}" = Catalyst Control Center Localization Czech
"{C19BD21C-AF1A-CBC1-3B73-938B37F6B0E6}" = CCC Help Chinese Traditional
"{C1A27135-69EB-8D44-7358-34727DD7B820}" = DowwnLoad keeeper
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C9EF2D75-ECB0-602D-6700-977702AD7CCF}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBC24502-5EB5-45B6-9E56-E6A2F6AFA367}" = HP JavaCard for HP ProtectTools
"{CC8128C5-EC9A-0167-65F5-305E78F1A535}" = CCC Help Russian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0FF1E97-85BA-C735-1D4C-636293B0E9F0}" = CCC Help Greek
"{D405A9E1-5D02-46FB-A2B3-796F1F218B32}" = HP ProtectTools Security Manager
"{D4C5185C-A8DF-8466-FE8A-1692E08ECBF7}" = Skins
"{D7FD9036-5EE1-A970-B981-BF46AF433380}" = Catalyst Control Center Localization German
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EACFCDA4-3286-4DEB-92D8-53006239F347}" = ArmA II Launcher
"{EF3C3C9A-C96B-051E-99D1-72D7CE823DA8}" = ccc-core-static
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F46CBAC2-20F4-98DA-D890-81F4DE2BF3BA}" = Catalyst Control Center Localization Finnish
"{F545FAC8-4D05-229A-E1A3-3DF671518DC3}" = CCC Help English
"{F657EF23-08BB-4C8D-B688-78C20FA657EA}" = Drive Encryption for HP ProtectTools
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{FE2D627E-D7E0-46EA-93A6-8583420285FA}" = Aeria Ignite
"{FF165D48-1562-B757-E006-69197226E903}" = CCC Help Japanese
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFCA8569-F139-54BF-A9EF-092A3DFDFB4B}" = Catalyst Control Center Localization Dutch
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.13.3296" = Aeria Ignite
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AOL Toolbar" = AOL Toolbar 5.0
"ArmA 2" = ArmA 2 Free Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"ArmA2 Demo" = ArmA2 Demo Uninstall
"ArnA 2: Combined Operations" = ArnA 2: Combined Operations
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BLACKSHADES" = Black Shades (remove only)
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"Cross Fire_is1" = Cross Fire En
"DAEMON Tools Lite" = DAEMON Tools Lite
"Die Polizei" = Police Force
"DivX Setup" = DivX Setup
"F.E.A.R. Online" = F.E.A.R. Online
"Family Guy Back to the Multiverse_is1" = Family Guy Back to the Multiverse
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"glindorus" = glindorus 1.0.0
"Google Chrome" = Google Chrome
"happylyrics@hpyproductions.net" = Happy Lyrics
"McAfee Managed Firewall" = McAfee Firewall Protection Service
"McAfee SiteAdvisor" = McAfee Browser Protection Service
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Minecraft1.5.2" = Minecraft1.5.2
"MTA:SA 1.3" = MTA:SA v1.3.4
"MVS" = McAfee Virus and Spyware Protection Service
"PCSU-SL_is1" = PC Speed Up
"PDF Complete" = PDF Complete
"PointBlank_is1" = PointBlank
"Police Force 22" = Police Force 2
"Police Pursuit Mod 7.6d 7.6d" = Police Pursuit Mod 7.6d 7.6d
"Police Simulator 2" = Police Simulator 2
"PowerISO" = PowerISO
"PROHYBRIDR" = 2007 Microsoft Office system
"S-480333868" = OptimizerPro
"San Andreas First Response v2.0" = San Andreas First Response v2.0
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"San Andreas Police Department First Response v2.5" = San Andreas Police Department First Response v2.5
"Scribblenauts Unmasked A DC Comics Adventure_is1" = Scribblenauts Unmasked A DC Comics Adventure
"Steam App 17500" = Zombie Panic Source
"Steam App 215" = Source SDK Base 2006
"Steam App 33970" = Arma 2: Operation Arrowhead Demo
"Sumotori Full Version" = Sumotori Full Version
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"Warrock EU" = WarRock
"WinRAR archiver" = WinRAR 5.00 (32-bit)
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"Zombie Panic!_is1" = Zombie Panic! 0.91a

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for iza
"97f28be79b4a4109" = CastleMiner Z
"Akamai" = Akamai NetSession Interface
"GamersFirst LIVE!" = GamersFirst LIVE!
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 27/10/2013 17:19:59 | Computer Name = iza-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 0.0.0.0, time stamp 0x4e06cfe8,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00020fdf, process id 0xf98, application start time 0x01ced35a4a43fec3.

Error - 27/10/2013 17:19:59 | Computer Name = iza-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 0.0.0.0, time stamp 0x4e06cfe8,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00020fdf, process id 0x1850, application start time 0x01ced35a4a419d63.

Error - 27/10/2013 17:19:59 | Computer Name = iza-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 0.0.0.0, time stamp 0x4e06cfe8,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00020fdf, process id 0x1a28, application start time 0x01ced35a4a3f3c03.

Error - 27/10/2013 17:20:00 | Computer Name = iza-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 0.0.0.0, time stamp 0x4e06cfe8,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00020fdf, process id 0x7cc, application start time 0x01ced35a4a3817e3.

Error - 27/10/2013 17:33:26 | Computer Name = iza-PC | Source = WinMgmt | ID = 10
Description =

Error - 27/10/2013 20:15:41 | Computer Name = iza-PC | Source = WinMgmt | ID = 10
Description =

Error - 28/10/2013 08:05:56 | Computer Name = iza-PC | Source = WinMgmt | ID = 10
Description =

Error - 29/10/2013 08:01:49 | Computer Name = iza-PC | Source = WinMgmt | ID = 10
Description =

Error - 30/10/2013 13:37:37 | Computer Name = iza-PC | Source = WinMgmt | ID = 10
Description =

Error - 31/10/2013 14:03:21 | Computer Name = iza-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 29/10/2013 08:01:54 | Computer Name = iza-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 29/10/2013 08:04:25 | Computer Name = iza-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 29/10/2013 19:14:15 | Computer Name = iza-PC | Source = DCOM | ID = 10010
Description =

Error - 30/10/2013 13:36:48 | Computer Name = iza-PC | Source = HTTP | ID = 15016
Description =

Error - 30/10/2013 13:37:38 | Computer Name = iza-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 30/10/2013 13:40:37 | Computer Name = iza-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 31/10/2013 14:02:09 | Computer Name = iza-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 01:34:22 on 31/10/2013 was unexpected.

Error - 31/10/2013 14:02:16 | Computer Name = iza-PC | Source = HTTP | ID = 15016
Description =

Error - 31/10/2013 14:03:21 | Computer Name = iza-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 31/10/2013 14:05:47 | Computer Name = iza-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

< End of report >

[ + quote]

http://www.cslregister.com/forum/image.php?u=329&dateline=1297283151&type=thumb

2oldGeek

AfterDawn Addict

31. October 2013 @ 20:05

Link to this message

Originally posted by tali1:
Ok , here are OTL logs-i hope these are last ones! :)

LOL That should be it. I just didn't have a final log and got a little confused.

Originally posted by tali1:
THANKS V MUCH .Done all that.
1.) Also can i use all the above tools to quick clean my other Pcs- or would i need logs analysis?
2.) So what is best preventative software to use ?
3.) Is it worth using a VPN or TOR?( i just understand the very basics of these nothing more)
4.) Also in those logs what is the tell sign of malware /dodgy /corrupt entries?
:)

Quote:
1.) Also can i use all the above tools to quick clean my other Pcs- or would i need logs analysis?

Most of the tools you can use. Except OTL and Combofix. They require Advanced computer knowledge and special training?.

A little clean up to do....

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")
Click on the CleanUp! button and follow the prompts.
(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)
You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs it misses you can manually delete.

You can keep and use:
Malwarebytes free ? I prefer the Pro (paid) version. It has a realtime scanner. The free ver does a good job though.
AdwCleaner
JRT
RogueKiller

Quote:
2.) So what is best preventative software to use ?

Use a good AV, Firewall and malware scanner.
Paid AV?s
McAfee
Bitdefender
Kaspersky

Free AV?s
Avast
Bitdefender
Panda

Vista Firewall is OK.

Scan regularly with Malwarebytes Antimalware

Quote:
3.) Is it worth using a VPN or TOR?( i just understand the very basics of these nothing more)

Unless you are really deep into privacy.. Don?t mess with it.

Quote:
4.) Also in those logs what is the tell sign of malware /dodgy /corrupt entries?
:)

Knowledge and a lot of experience.
Good judgment comes from Experience, Experience comes from a lot of Bad judgement.
I have been working with computers and fighting malware since the internet came into service in 1965 and am still learning?

Please let me know how you are doing and if I can further assist you?.

2oG

[ + quote]

There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...

tali1

Junior Member

1. November 2013 @ 16:59

Link to this message

Just wondering is it actually essential to remove all those tools ?

[ + quote]

http://www.cslregister.com/forum/image.php?u=329&dateline=1297283151&type=thumb

2oldGeek

AfterDawn Addict

1. November 2013 @ 21:11

Link to this message

Originally posted by tali1:
Just wondering is it actually essential to remove all those tools ?

LOL, There is no law against keeping them and the geek police are not going to fine you or throw you in jail. If you play with them and make a bum call it can turn your computer into a paper weight.:( There is a tutorial for OTL but none for Combofix. It does not explain how to analyze or use it to fix things. It's basically a text book for the instructors to teach from. It does require Advanced computer knowledge and a lot of training in order to use it correctly...

Keep them if you wish but keep it in mind that you're playing with something that can wreck your computer.

Here is the master tutoral for OTL that is used for the classes. Look it over then maybe enroll at Geekstogo:

http://www.geekstogo.com/forum/topic/27...ldtimer-listit/

Enjoy reading it. Just don't pee on the electric fence

2oG

[ + quote]

There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...

Page:	< Previous	1	2

Start a new thread

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > latop is verry slooow


		User name	Password

		Not registered yet? Register here. Lost your password? Click here.