Cant Uninstall Freeven Adware

A

Alex Neuchterlien

New Member
Thread author
May 14, 2014
1
Spotify
Steam
SVW322P
TweetDeck
VLC media player 2.1.3
WinRAR 4.20 (32-bit)
WinRAR 4.20 (64-bit)

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Mobogenie\MgAssist.exe
C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-nova.exe
C:\Program Files (x86)\Freeven pro\Freeven pro-nova.exe
C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
C:\Users\ANeuchterlien\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Users\ANeuchterlien\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Folders Found ======================


==== Files Found ======================


--- C:\Windows\System32\GroupPolicy\GPT.INI ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 11
Created time: 2013-10-28 13:01:01
Modified time: 2014-01-29 17:27:19
MD5: EC3584F3DB838942EC3669DB02DC908E
SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA


--- C:\Windows\SysWOW64\GroupPolicy\gpt.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 11
Created time: 2013-10-28 13:01:01
Modified time: 2014-01-29 17:27:19
MD5: EC3584F3DB838942EC3669DB02DC908E
SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA


==== Folders Found In C:\Windows\System32\GroupPolicy ======================

2013-10-28 13:01:01 d-----w- C:\Windows\System32\GroupPolicy\Machine
2013-10-28 13:01:01 d-----w- C:\Windows\System32\GroupPolicy\User

==== Files Found In C:\Windows\System32\GroupPolicy ======================

2014-01-29 17:27:19 233 ----a-w- B95AD23DE123E981D7FE29C4CBA0C276 C:\Windows\System32\GroupPolicy\GPT.INI

==== Files Found In C:\Windows\SysWOW64\GroupPolicy ======================

2014-01-29 17:27:19 11 ----a-w- EC3584F3DB838942EC3669DB02DC908E C:\Windows\SysWOW64\GroupPolicy\gpt.ini

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16366 MB
CPU Info: AMD FX(tm)-4100 Quad-Core Processor
CPU Speed: 3631.5 MHz
Sound Card: Headset Earphone (3- ASTRO MixA |
Headset (Realtek High Definitio |
Realtek Digital Output (Realtek |
Display Adapters: AMD Radeon HD 6450 | AMD Radeon HD 6450 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; SyncMaster SB300_S24B300HL/S24B300EL (HDMI) |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Sumvision SVW322P Wireless N 300Mbps PCI adapter
CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224BB
Ports: COM1 LPT1
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 931.4GB
Hard Disks - Free: C: 732.2GB
Manufacturer *: Award Software International, Inc.
BIOS Info: AT/AT COMPATIBLE | 08/10/12 | GBT - 42302e31
Time Zone: GMT Standard Time
Motherboard *: Gigabyte Technology Co., Ltd. GA-78LMT-USB3
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2013 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2013 disabled (Outdated)
Default Browser: Google Chrome 34.0.1847.131
Internet Explorer Version: 11.0.9600.17105
Google Chrome version: 34.0.1847.131
Sun Java version: 1.7.0_55 (32-bit)
Sun Java version: 1.7.0_40 (64-bit)
Flash Player version: 13.0.0.214

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\ANEUCH~1\AppData\Local\Temp ====
2014-05-06 15:16:59 0188533C67B18F7FD4BC1F88F0BB5095 7071384 ----a-w- C:\Users\ANeuchterlien\AppData\Local\Temp\ab957f62-821c-4a71-bf50-8b2b2f093af6\software\mediaplayerplus.exe
2014-05-06 15:16:58 AC1E1FE274C2BA03427C4003C196D7F9 208848 ----a-w- C:\Users\ANeuchterlien\AppData\Local\Temp\ab957f62-821c-4a71-bf50-8b2b2f093af6\software\DesktopWeatherAlertsSetup.exe
2014-05-06 15:16:42 AE3383357ED04692EBDF851455D6DEF3 6977872 ----a-w- C:\Users\ANeuchterlien\AppData\Local\Temp\ab957f62-821c-4a71-bf50-8b2b2f093af6\software\freeven-pro.exe
2014-05-06 15:16:38 96521425A6F0589333A051723F39DDFE 1386329 ----a-w- C:\Users\ANeuchterlien\AppData\Local\Temp\ab957f62-821c-4a71-bf50-8b2b2f093af6\software\F978377C-B7D4-4536-8E10-14CA97B13394.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-05-07 21:38:55 5869FBC754578A59C8C8635B99DB79DE 17384448 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-05-07 21:38:55 2518D1922371892ADEF1F07147DBD72A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 22:26:21 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-05-06 22:26:21 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-05-06 22:26:17 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-05-06 22:26:17 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-05-06 22:26:17 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-05-06 22:26:16 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-05-06 22:26:16 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-06 22:26:16 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-05-06 22:26:16 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-05-06 22:26:16 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-05-06 22:26:16 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-05-06 22:26:14 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-05-06 22:26:14 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-06 22:26:14 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-05-06 22:26:13 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-05-06 22:26:13 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-05-06 22:26:12 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-05-06 22:26:12 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-05-06 22:26:11 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-05-06 22:26:10 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-05-07 21:38:55 DE5DE05946D6FC2DC494C55BC7BC4C6E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-05-07 21:38:55 A98DA2EC1E56CF52C682D072F77D9874 23547904 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-05-06 22:26:22 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-05-06 22:26:21 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-05-06 22:26:18 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-05-06 22:26:18 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-05-06 22:26:18 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-05-06 22:26:18 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-05-06 22:26:17 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-05-06 22:26:17 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-05-06 22:26:17 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-05-06 22:26:16 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-05-06 22:26:16 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-05-06 22:26:16 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-05-06 22:26:16 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-05-06 22:26:16 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-05-06 22:26:14 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-05-06 22:26:14 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-05-06 22:26:14 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-05-06 22:26:14 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-05-06 22:26:13 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-05-06 22:26:12 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-05-06 22:26:12 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-05-06 22:26:12 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-05-06 22:26:12 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-05-06 22:26:10 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-05-06 14:52:11 84ED099009EF0DF82A37D4FEAE012655 465408 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-05-06 14:52:11 5513F4766C9987D6B0D49D51BB2E5EE4 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
====== C:\Windows\Sysnative\drivers =====
2014-04-15 12:35:26 11E6217CEC418B2B16FB457A02C07004 240952 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys
====== C:\Windows\Tasks ======
2014-05-10 21:47:39 4BDF6B8A2D601094812D1A29FBD821DE 3150 ----a-w- C:\Windows\Sysnative\Tasks\{DCED6E8E-1145-4546-B292-B80024CB8DB3}
2014-05-10 21:46:58 7C0889379048570540C2E079ACD319DA 3142 ----a-w- C:\Windows\Sysnative\Tasks\{156F131D-038C-421A-B991-DDA7F117F560}
2014-05-06 15:18:18 E810AFC0E0E2EFDA155DC8C6C93A14D2 4578 ----a-w- C:\Windows\Sysnative\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-5
2014-05-06 15:18:17 79DE8049AC427BE43CE3DBC5AD4AF0D7 1548 ----a-w- C:\Windows\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-5.job
2014-05-06 15:18:15 EFD587B39670D83DB94A5A8ED7B95128 1468 ----a-w- C:\Windows\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-1.job
2014-05-06 15:18:15 E9DABB6C9B26707A4EE624518DCB4B42 4498 ----a-w- C:\Windows\Sysnative\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-1
2014-05-06 15:18:13 A474C4F7505F3E76145F227C00C3D93C 5260 ----a-w- C:\Windows\Sysnative\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-4
2014-05-06 15:18:12 B1A883ED15C2654730E62BC1886317E7 2230 ----a-w- C:\Windows\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-4.job
2014-05-06 15:18:08 54015381A39B6248515A7D02B9257B1B 4442 ----a-w- C:\Windows\Sysnative\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-7
2014-05-06 15:18:08 065CF96FE43B1B4B85F5D459FF3074FF 1414 ----a-w- C:\Windows\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-7.job
2014-05-06 15:18:07 BE056501F14FF4D12385914889CA344B 1476 ----a-w- C:\Windows\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-6.job
2014-05-06 15:18:07 526A8075B03FEFB96603FBFC6D2FB051 4506 ----a-w- C:\Windows\Sysnative\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-6
2014-05-06 15:17:33 011BD344871B4318F1F921555386A507 6166 ----a-w- C:\Windows\Sysnative\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-3
2014-05-06 15:17:31 CCF7EC7C2DF475748E2E45905FCF3460 3136 ----a-w- C:\Windows\Tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-3.job
2014-05-06 15:17:30 8293DBC90CDE501BFDE82E2C4A36EF87 4496 ----a-w- C:\Windows\Sysnative\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-5
2014-05-06 15:17:29 6ED184E91B1C3CC9C738EAD705D13C12 1466 ----a-w- C:\Windows\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-5.job
2014-05-06 15:17:27 BA66E28A44A952D846925F5B41DBC53D 1378 ----a-w- C:\Windows\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-1.job
2014-05-06 15:17:27 A06B62497C69DEF9605CBA89FFC5A268 4408 ----a-w- C:\Windows\Sysnative\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-1
2014-05-06 15:17:21 96CFB2E99DA980EF77A080E65A0132A6 5154 ----a-w- C:\Windows\Sysnative\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-4
2014-05-06 15:17:20 D505447C3BD9E6B6B9438E4ABFE2A932 2124 ----a-w- C:\Windows\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-4.job
2014-05-06 15:17:15 FD40C52B33EEE49CE5E53B9D3AAEC1B6 1324 ----a-w- C:\Windows\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-7.job
2014-05-06 15:17:15 6FF4FD07AD822D9B311AB07383B376C9 4352 ----a-w- C:\Windows\Sysnative\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-7
2014-05-06 15:17:14 5E0B04CF15A0C920C85254771C801CC2 4416 ----a-w- C:\Windows\Sysnative\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-6
2014-05-06 15:17:13 9192FA4E9F425BE6D1C74EFCEE64AE23 1386 ----a-w- C:\Windows\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-6.job
2014-05-06 15:17:08 56A55C0D22D32F50A39E38A68B6604CD 6158 ----a-w- C:\Windows\Sysnative\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-3
2014-05-06 15:17:08 2BAABEAC4E91482818D6CD1F3EAE16C7 3128 ----a-w- C:\Windows\Tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-3.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-05-06 15:16:42 -------- d-----w- C:\Program Files\003
======= C:\PROGRA~2 =====
2014-05-06 15:17:30 -------- d-----w- C:\PROGRA~2\MediaPlayerplus
2014-05-06 15:17:06 -------- d-----w- C:\PROGRA~2\Freeven pro
2014-04-20 18:40:15 -------- d-----w- C:\PROGRA~2\VideoLAN
======= C: =====
====== C:\Users\ANeuchterlien\AppData\Roaming ======
2014-04-20 18:40:31 -------- d-----w- C:\Users\ANeuchterlien\AppData\Roaming\vlc
====== C:\Users\ANeuchterlien ======
2014-05-13 04:04:53 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches
2014-05-10 22:31:46 B6AB65F2AD07E6B502BEAB673621B28D 26747104 ----a-w- C:\Users\ANeuchterlien\Downloads\Windows-KB890830-x64-V5.11.exe
2014-05-10 22:13:08 3F9C12E62A0AE1D7A9DBB252195C4C54 4210920 ----a-w- C:\Users\ANeuchterlien\Downloads\rcsetup151.exe
2014-04-26 18:00:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-20 18:40:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

====== C: exe-files ==
2014-05-10 23:44:27 646A2CE7104674BCDA3AFAC1D4936B76 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2049491913-1101272940-3547743518-1000\$IBFOLEY.exe
2014-05-10 22:31:46 B6AB65F2AD07E6B502BEAB673621B28D 26747104 ----a-w- C:\Users\ANeuchterlien\Downloads\Windows-KB890830-x64-V5.11.exe
2014-05-10 22:19:42 2ED2319F3DE13495AAA49B70A1467055 1285120 ----a-w- C:\$Recycle.Bin\S-1-5-21-2049491913-1101272940-3547743518-1000\$RBFOLEY.exe
2014-05-10 22:13:08 3F9C12E62A0AE1D7A9DBB252195C4C54 4210920 ----a-w- C:\Users\ANeuchterlien\Downloads\rcsetup151.exe
2014-05-09 20:01:16 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateSetup.exe
2014-05-09 20:01:16 6FC454773ABF8DE9A33B35E03525140D 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe
2014-05-09 20:01:16 49B70FBEEC01A69CA9AC115C109E9CDD 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateBroker.exe
2014-05-09 20:01:11 D893431503D5112DC3B799DF963D2AC8 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe
2014-05-09 20:01:10 D5A444B63637EC0932172C6719A10252 263048 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
2014-05-09 20:01:10 720546B84ED5229E1584C8F3533A2F12 328072 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
2014-05-09 20:01:10 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdate.exe
2014-05-09 20:01:07 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe
=== C: other files ==
2014-05-10 22:08:56 07A47383C3F79E900420DE4BEDB9A377 110634 ----a-w- C:\Users\ANeuchterlien\Downloads\all.zip
2014-05-10 22:04:53 6B53C7F589F4417FFA602861DF648E93 403450 ----a-w- C:\Users\ANeuchterlien\Downloads\qtnetwork4.zip
2014-05-10 21:54:32 8B6157F4A5BA966BB715A151BF0F78B1 1040624 ----a-w- C:\Users\ANeuchterlien\Downloads\qtcore4.zip
2014-05-10 21:47:31 20ABA6786CC18F657E9E1EDA8BC06BF3 4233147 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\f18729c4-ce97-47d2-8be7-4162724c76c9.zip
2014-05-10 21:47:04 44B599841634950A80AA3615EA25CF02 2119572 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\cf4fe9e7-ce97-47d2-8be7-4162724c76c9.zip
2014-05-10 21:46:47 868D966954FCA93ACC290E076253B6E9 2555168 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\765c104b-c99b-47d2-8be7-4162724c76c9.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2049491913-1101272940-3547743518-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\ANeuchterlien\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"GoogleChromeAutoLaunch_F84D0492B1EDE16DAC281FB97DC09EFB"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"EasyTuneVI"="C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\ANeuchterlien\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"GoogleChromeAutoLaunch_F84D0492B1EDE16DAC281FB97DC09EFB"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Creative Cloud"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApnTBMon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\AskPartnerNetwork\\Toolbar\\Updater\\TBNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AVG_UI"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\AVG\\AVG2013\\avgui.exe\" /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Computer Updater]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Computer Updater"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Computer Updater\\ComputerUp-dater.Exe\" /boot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CorelCreatorClient]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CorelCreatorClient"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Corel\\Corel PDF Fusion\\CorelCreatorClient.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Gyazo]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Gyazo"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Gyazo\\GyStation.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HydraVisionDesktopManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HydraVisionDesktopManager"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\HydraVision\\HydraDM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OscarEditor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OscarEditor"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\MOUSE Editor\\MouseEditor.exe\" Minimum"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pando Media Booster]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Pando Media Booster"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Pando Networks\\Media Booster\\PMB.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtect]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SearchProtect"
"hkey"="HKCU"
"command"="C:\\Users\\ANeuchterlien\\AppData\\Roaming\\SearchProtect\\bin\\cltmng.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtectAll]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SearchProtectAll"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\SearchProtect\\bin\\cltmng.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\ANeuchterlien\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\ANeuchterlien\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tenda_UI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Tenda_UI"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\SUMVISION\\SVW322P\\UI.exe /EndPrevInst /AutoHide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Yontoo Desktop]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Yontoo Desktop"
"hkey"="HKCU"
"command"="\"C:\\Users\\ANeuchterlien\\AppData\\Roaming\\Yontoo\\YontooDesktop.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^ANeuchterlien^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
"path"="C:\\Users\\ANeuchterlien\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BBC iPlayer Desktop.lnk"
"backup"="C:\\Windows\\pss\\BBC iPlayer Desktop.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Program Files (x86)\\BBC iPlayer Desktop\\BBC iPlayer Desktop.exe "
"item"="BBC iPlayer Desktop"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^ANeuchterlien^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
"path"="C:\\Users\\ANeuchterlien\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GamersFirst LIVE!.lnk"
"backup"="C:\\Windows\\pss\\GamersFirst LIVE!.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\ANEUCH~1\\AppData\\Local\\GAMERS~1\\LIVE!\\Live.exe /silent"
"item"="GamersFirst LIVE!"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-1.job --a------ C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe []
C:\Windows\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-3.job --a------ C:\Program Files (x86)\MediaPlayerplus\26459eb6-b3d8-428b-a1af-ec8faad6aed4-3.exe [06-May-14 04:17 PM]
C:\Windows\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-4.job --a------ C:\Program Files (x86)\MediaPlayerplus\26459eb6-b3d8-428b-a1af-ec8faad6aed4-4.exe [06-May-14 04:18 PM]
C:\Windows\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-5.job --a------ C:\Program Files (x86)\MediaPlayerplus\26459eb6-b3d8-428b-a1af-ec8faad6aed4-5.exe [06-May-14 04:18 PM]
C:\Windows\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-6.job --a------ C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-novainstaller.exe []
C:\Windows\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-7.job --a------ [Undetermined Task]
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-May-14 05:05 PM]
C:\Windows\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-1.job --a------ C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe []
C:\Windows\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-3.job --a------ C:\Program Files (x86)\Freeven pro\d360fa68-721c-4fbf-8573-f3301fdd3d2b-3.exe [06-May-14 04:17 PM]
C:\Windows\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-4.job --a------ [Undetermined Task]
C:\Windows\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-5.job --a------ C:\Program Files (x86)\Freeven pro\d360fa68-721c-4fbf-8573-f3301fdd3d2b-5.exe [06-May-14 04:17 PM]
C:\Windows\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-6.job --a------ C:\Program Files (x86)\Freeven pro\Freeven pro-novainstaller.exe []
C:\Windows\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-7.job --a------ C:\Program Files (x86)\Freeven pro\Freeven pro-nova.exe [06-May-14 04:17 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-Feb-13 07:27 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-Feb-13 07:27 PM]
C:\Windows\tasks\System Speedup_DEFAULT.job --a------ C:\Program Files (x86)\System Speedup\SystemSpeedup.exe []
C:\Windows\tasks\System Speedup_UPDATES.job --a------ C:\Program Files (x86)\System Speedup\SystemSpeedup.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-1" [C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe]
"C:\Windows\SysNative\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-3" [C:\Program Files (x86)\MediaPlayerplus\26459eb6-b3d8-428b-a1af-ec8faad6aed4-3.exe]
"C:\Windows\SysNative\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-4" [C:\Program Files (x86)\MediaPlayerplus\26459eb6-b3d8-428b-a1af-ec8faad6aed4-4.exe]
"C:\Windows\SysNative\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-5" [C:\Program Files (x86)\MediaPlayerplus\26459eb6-b3d8-428b-a1af-ec8faad6aed4-5.exe]
"C:\Windows\SysNative\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-6" [C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-novainstaller.exe]
"C:\Windows\SysNative\tasks\26459eb6-b3d8-428b-a1af-ec8faad6aed4-7" [C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-nova.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-ANeuchterliens-ANeuchterlien" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Advanced System Protector" ["C:\Program Files (x86)\RegClean Pro\SystweakASP.exe"]
"C:\Windows\SysNative\tasks\Advanced System Protector_startup" [C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe]
"C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\SysNative\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-1" [C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe]
"C:\Windows\SysNative\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-3" [C:\Program Files (x86)\Freeven pro\d360fa68-721c-4fbf-8573-f3301fdd3d2b-3.exe]
"C:\Windows\SysNative\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-4" [C:\Program Files (x86)\Freeven pro\d360fa68-721c-4fbf-8573-f3301fdd3d2b-4.exe]
"C:\Windows\SysNative\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-5" [C:\Program Files (x86)\Freeven pro\d360fa68-721c-4fbf-8573-f3301fdd3d2b-5.exe]
"C:\Windows\SysNative\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-6" [C:\Program Files (x86)\Freeven pro\Freeven pro-novainstaller.exe]
"C:\Windows\SysNative\tasks\d360fa68-721c-4fbf-8573-f3301fdd3d2b-7" [C:\Program Files (x86)\Freeven pro\Freeven pro-nova.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2049491913-1101272940-3547743518-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2049491913-1101272940-3547743518-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\System Speedup" [C:\Program Files (x86)\System Speedup\SystemSpeedup.exe]
"C:\Windows\SysNative\tasks\System Speedup_DEFAULT" [C:\Program Files (x86)\System Speedup\SystemSpeedup.exe]
"C:\Windows\SysNative\tasks\System Speedup_UPDATES" [C:\Program Files (x86)\System Speedup\SystemSpeedup.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7F1498CA-88CD-4917-BBDD-DB92BD837EC7}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{68E197D3-FFF6-485B-B896-519594FA8323}" [C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"bubbledock@nosibay.com"="C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch" [07-Mar-14 07:39 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}"="C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fdkednngfjmpnljkolbapdednncafhen - C:\Users\ANeuchterlien\AppData\Local\CRE\fdkednngfjmpnljkolbapdednncafhen.crx[]
kbjlipmgfoamgjaogmbihaffnpkpjajp - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx[16-Jan-14 03:05 PM]
klibnahbojhkanfgaglnlalfkgpcppfi - C:\Users\ANeuchterlien\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx[18-Dec-13 09:20 AM]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
fdkednngfjmpnljkolbapdednncafhen - C:\Users\ANeuchterlien\AppData\Local\CRE\fdkednngfjmpnljkolbapdednncafhen.crx[]
klibnahbojhkanfgaglnlalfkgpcppfi - C:\Users\ANeuchterlien\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx[18-Dec-13 09:20 AM]

Google Drive - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Hola Better Internet - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
TweetDeck by Twitter - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbdpomandigafcibbmofojjchbcdagbl
Refresh for Twitter - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp
Freeven pro - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl
MediaPlayerplus - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
Google Wallet - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ANeuchterlien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Freeven pro - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
MediaPlayerplus - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.conduit.com/?ctid=CT3...=SPAA89EBA0-6366-415E-9986-BC283B7B0681&SSPV="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Babylon Url="http://search.babylon.com/?q={searc...c_&babsrc=SP_ss_din2g&mntrId=F0B4902B34A89F3A"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"
{460C3D19-B3D4-4964-A550-77D263B0CCCB} Unknown Url="Not_Found"

==== Uninstall List x64 ======================

@BIOS [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}]
3TB+Unlock B11.0919.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0087DDE-69D0-11E2-AD57-43CA6188709B}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]
Adobe Creative Cloud [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Creative Cloud]
Adobe Flash Player 13 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 13 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Photoshop CC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}]
AMD Accelerated Video Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89EE4A30-080F-2C95-6F78-C98D18FBD74D}]
AMD APP SDK Runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{503F672D-6C84-448A-8F8F-4BC35AC83441}]
AMD Catalyst Install Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5E03A267-415E-5383-FA8F-3CE4145663B9}]
AMD Drag and Drop Transcoding [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9FEA3E7-500C-5E1A-046C-C691EF13FD56}]
AMD Fuel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3145731D-C578-70ED-899F-7A670D2A6662}]
AMD Media Foundation Decoders [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}]
AMD VISION Engine Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63326924-3CAF-C858-3A8F-8598C87019D7}]
Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}]
Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{787136D2-F0F8-4625-AA3F-72D7795AC842}]
Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]
ATI AVIVO64 Codecs [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D7B3B493-7B68-28CE-5931-89A5125C45D3}]
AutoGreen B12.0206.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}]
AutoGreen B12.0206.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}]
AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0987D7D5-747E-455A-84AF-80F058492FAD}]
AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EF13DB20-03BE-4EDD-9C48-05ED03E3E852}]
AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG]
Blacklight Retribution [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Blacklight Retribution]
Call of Duty(R) - World at War(TM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D80A6A73-E58A-4673-AFF5-F12D7110661F}]
Call of Duty(R) - World at War(TM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}]
Call of Duty(R) - World at War(TM) 1.1 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AFAE2B15-89A0-4215-A030-F7B5B478886B}]
Call of Duty(R) - World at War(TM) 1.1 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}]
Call of Duty(R) - World at War(TM) 1.2 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}]
Call of Duty(R) - World at War(TM) 1.2 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}]
Call of Duty(R) - World at War(TM) 1.3 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{149464D9-B06F-4505-9968-FD1206F67AD3}]
Call of Duty(R) - World at War(TM) 1.3 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}]
Call of Duty(R) - World at War(TM) 1.4 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}]
Call of Duty(R) - World at War(TM) 1.4 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}]
Call of Duty(R) - World at War(TM) 1.5 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}]
Call of Duty(R) - World at War(TM) 1.5 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}]
Call of Duty(R) - World at War(TM) 1.6 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}]
Call of Duty(R) - World at War(TM) 1.6 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}]
Call of Duty(R) - World at War(TM) 1.7 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{750C87B8-AF19-4C3C-B791-50D9C83AE572}]
Call of Duty(R) - World at War(TM) 1.7 Patch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}]
Call of Duty: Black Ops II - Multiplayer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 202990]
Catalyst Control Center - Branding [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}]
Catalyst Control Center Graphics Previews Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D4B457B2-260F-C561-CA87-703BD3B724CA}]
Catalyst Control Center InstallProxy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}]
Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ECFD508E-68A2-91B2-46DD-1D03D783D94B}]
ccc-utility64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9CF11D16-ECEB-90A5-A028-CA9E068D848B}]
CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9C64319-932F-D02B-B14C-FFFC3EC49E77}]
CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6CDB506-297D-AE70-0EF6-DE5185F961BE}]
CCC Help Czech [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}]
CCC Help Danish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}]
CCC Help Dutch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}]
CCC Help English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}]
CCC Help Finnish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}]
CCC Help French [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}]
CCC Help German [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1DE2BD51-0300-772D-5E18-F337D95D5687}]
CCC Help Greek [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63822E89-11AA-F8EC-D433-F72A85799EC0}]
CCC Help Hungarian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EDE361D5-35A5-DA7D-3462-C3DABD24029B}]
CCC Help Italian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}]
CCC Help Japanese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{275E9C49-C72F-D754-DEB7-77F10A9C00D8}]
CCC Help Korean [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C09DB932-7619-7B56-30E3-C0454811D6D7}]
CCC Help Norwegian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}]
CCC Help Polish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{66361420-4905-AEB8-17AE-172FDD164A7E}]
CCC Help Portuguese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}]
CCC Help Russian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}]
CCC Help Spanish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30049739-BE95-6591-B504-E6D7057D49CC}]
CCC Help Swedish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}]
CCC Help Thai [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5AF23993-7152-1620-E43F-1B4542FB4F84}]
CCC Help Turkish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0A3CE05-96CB-52E9-434E-074F3BB7807E}]
Counter-Strike [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 10]
Counter-Strike: Condition Zero [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 80]
Counter-Strike: Condition Zero Deleted Scenes [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 100]
Counter-Strike: Global Offensive [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 730]
Counter-Strike: Source [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 240]
Counter-Strike: Source Beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 260]
Dota 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 570]
Easy Tune 6 B12.0509.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}]
Easy Tune 6 B12.0509.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}]
Etron USB3.0 Host Controller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}]
Freeven pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freeven pro]
Garry's Mod [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 4000]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
Gyazo 2.0.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1]
HydraVision [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{31CA2FC8-BBCC-A59C-3211-345EF6EDCCE1}]
iCloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{81E20D41-C277-4526-934D-F2380AF91B78}]
iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}]
Java 7 Update 40 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417040FF}]
Java 7 Update 55 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FF}]
Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]
League of Legends [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92606477-9366-4D3B-8AE3-6BE4B29727AB}]
Leawo DVD Creator version 5.3.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29312768-5795-483C-805A-7D01B8FC7C0E}_is1]
Left 4 Dead 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 550]
Logitech Touch Mouse Server 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Logitech Touch Mouse Server]
MediaPlayerplus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerplus]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8e70e4e1-06d7-470b-9f74-a51bef21088e}]
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}]
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}]
MOUSE Editor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8496B9A5-F260-4DF0-BCB3-4BA59FDC10BB}]
Mouse Editor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{8496B9A5-F260-4DF0-BCB3-4BA59FDC10BB}]
NirSoft BlueScreenView [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NirSoft BlueScreenView]
NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}]
ON_OFF Charge B11.1102.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3DECD372-76A1-4483-BF10-B547790A3261}]
Open Broadcaster Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Open Broadcaster Software]
PDF Settings CC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}]
PDFCreator [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}]
PlanetSide 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 218230]
QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}]
Realtek Ethernet Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}]
Realtek HDMI Audio Driver for ATI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5449FB4F-1802-4D5B-A6D8-087DB1142147}]
Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]
Samsung_MonSetup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8EA79DBF-D637-448A-89D6-410A087A4493}]
SkypeT 6.14 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}]
Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify]
Steam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3}]
SVW322P [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3A560BD8-FDB0-45ED-A1C7-9D44EA29F744}]
TweetDeck [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}]
VLC media player 2.1.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
WinRAR 4.20 (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

==== HijackThis Entries ======================

R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\ANeuchterlien\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (file missing)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (file missing)
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\ANeuchterlien\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F84D0492B1EDE16DAC281FB97DC09EFB] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: buuoujqmrk64 - Unknown owner - C:\Program Files\003\buuoujqmrk64.exe
O23 - Service: CorelCreatorMessages - Unknown owner - C:\Windows\system32\CorelCreatorMessages.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Level Quality Watcher - Unknown owner - C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 14-May-14 at 20:51:44.13 ======================
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
> Re-run zoek with the script below and attach here fresh zoek log results.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

Code: 
C:\Windows\System32\GroupPolicy\GPT.INI;f
C:\Windows\SysWOW64\GroupPolicy\gpt.ini;f
C:\Windows\System32\GroupPolicy\Machine;fs
C:\Windows\System32\GroupPolicy\User;fs
C:\PROGRA~2\MediaPlayerplus;fs
C:\PROGRA~2\Freeven pro;fs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"mobilegeni daemon"=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtect];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtectAll];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Yontoo Desktop];r
C:\\Users\\ANeuchterlien\\AppData\\Roaming\\Yontoo;fs
C:\\Users\\ANeuchterlien\\AppData\\Roaming\\SearchProtect;fs
C:\Program Files (x86)\Freeven pro;fs
C:\Program Files (x86)\MediaPlayerplus;fs
C:\Program Files (x86)\System Speedup;fs
C:\Program Files (x86)\Wajam;fs
fdkednngfjmpnljkolbapdednncafhen;chr
klibnahbojhkanfgaglnlalfkgpcppfi;chr
imonhoeiopfgoncjdldhhfjgocghkbbl;chr
majjphhgppkndjjkmhhnbgafooenebhd;chr
kdidombaedgpfiiedeimiebkmbilgmlc;chr
autoclean;
emptyalltemp;
emptyclsid;
ipconfig /flushdns;b
 

Similar threads

Mr.X
Question [TemplatePModPaths] in Templates.ini
Replies
6
Views
676
Sandboxie
Mr.X
Mr.X
K
  • Locked
PowerShell/MaleficAms Powershell Infection Please Help
Replies
2
Views
2,001
Windows Malware Removal Help & Support
nasdaq
nasdaq
F
    • Like
  • Locked
Service Host: Network List Service...Virus?
Replies
11
Views
1,873
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top