Bleepingcomputer Logs 2

-------Malwarebytes log-------

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.01.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
PC :: PC-PC [administrator]

3/1/2013 12:39:20 PM
mbam-log-2013-03-01 (12-39-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213268
Time elapsed: 18 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\PC\AppData\Roaming\desktop.ini (Rootkit.0access) -> Quarantined and deleted successfully.
C:\Users\PC\AppData\Roaming\ntuser.dat (Misused.Legit) -> Quarantined and deleted successfully.

(end)


-------MiniToolBox Log-------

MiniToolBox by Farbar  Version:10-01-2013
Ran by PC (administrator) on 01-03-2013 at 13:06:26
Running from "C:\Users\PC\Desktop"
Windows 7 Home Basic Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "203.114.105.243"
"network.proxy.http_port", 8080
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1	secure.tune-up.com
127.0.0.1	secure.tune-up.com

========================= IP Configuration: ================================

Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)
Atheros AR5007G Wireless Network Adapter = Wireless Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration


Windows IP Configuration

   Host Name . . . . . . . . . . . . : PC-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-E0-B6-0D-78-D3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c5f3:748f:1dbf:3bf9%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.33(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, March 01, 2013 1:02:04 PM
   Lease Expires . . . . . . . . . . : Monday, March 04, 2013 1:02:04 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234938550
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-8D-17-50-00-E0-B6-0D-78-D3
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F31D1DDB-A102-47AD-84D7-CE255FD58D48}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E926C10D-0FD1-4EE7-8742-B2B42BB67BCC}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  74.125.128.100
	  74.125.128.101
	  74.125.128.102
	  74.125.128.113
	  74.125.128.138
	  74.125.128.139


Pinging google.com [74.125.128.138] with 32 bytes of data:
Reply from 74.125.128.138: bytes=32 time=54ms TTL=249
Reply from 74.125.128.138: bytes=32 time=62ms TTL=48

Ping statistics for 74.125.128.138:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 54ms, Maximum = 62ms, Average = 58ms
Server:  UnKnown
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.139.183.24
	  206.190.36.45
	  98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=269ms TTL=249
Reply from 98.139.183.24: bytes=32 time=344ms TTL=249

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 269ms, Maximum = 344ms, Average = 306ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 e0 b6 0d 78 d3 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.33     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.33    276
     192.168.1.33  255.255.255.255         On-link      192.168.1.33    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.33    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.33    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.33    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    276 fe80::/64                On-link
 10    276 fe80::c5f3:748f:1dbf:3bf9/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/01/2013 03:42:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: steam.exe, version: 1.66.83.42, time stamp: 0x511af576
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x31504247
Faulting process id: 0x99c
Faulting application start time: 0xsteam.exe0
Faulting application path: steam.exe1
Faulting module path: steam.exe2
Report Id: steam.exe3

Error: (03/01/2013 03:38:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: Steam.exe, version: 1.66.83.42, time stamp: 0x511af576
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x31504247
Faulting process id: 0x1230
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3

Error: (02/26/2013 09:17:37 PM) (Source: MsgPlusService) (User: )
Description: MsgPlusServiceService failed to shut down.

Error: (02/26/2013 09:17:37 PM) (Source: MsgPlusService) (User: )
Description: MsgPlusServiceReceiving shutdown message.

Error: (02/26/2013 10:49:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: msnmsgr.exe, version: 15.4.3555.308, time stamp: 0x4f596cbb
Faulting module name: UXCore.dll, version: 15.4.3555.308, time stamp: 0x4f5960dc
Exception code: 0xc0000005
Fault offset: 0x000a8670
Faulting process id: 0xd94
Faulting application start time: 0xmsnmsgr.exe0
Faulting application path: msnmsgr.exe1
Faulting module path: msnmsgr.exe2
Report Id: msnmsgr.exe3

Error: (02/24/2013 09:12:55 AM) (Source: Application Error) (User: )
Description: Faulting application name: MikuMikuDance.exe, version: 0.0.0.0, time stamp: 0x4ea5d6b3
Faulting module name: MMEffect.dll, version: 0.0.0.0, time stamp: 0x4dd8fd14
Exception code: 0xc0000005
Fault offset: 0x00058660
Faulting process id: 0x15a4
Faulting application start time: 0xMikuMikuDance.exe0
Faulting application path: MikuMikuDance.exe1
Faulting module path: MikuMikuDance.exe2
Report Id: MikuMikuDance.exe3

Error: (02/24/2013 08:51:52 AM) (Source: Application Error) (User: )
Description: Faulting application name: MikuMikuDance.exe, version: 0.0.0.0, time stamp: 0x4ea5d6b3
Faulting module name: MMEffect.dll, version: 0.0.0.0, time stamp: 0x4dd8fd14
Exception code: 0xc0000005
Fault offset: 0x00058660
Faulting process id: 0x16f8
Faulting application start time: 0xMikuMikuDance.exe0
Faulting application path: MikuMikuDance.exe1
Faulting module path: MikuMikuDance.exe2
Report Id: MikuMikuDance.exe3

Error: (02/23/2013 10:08:43 AM) (Source: MsiInstaller) (User: PC-PC)
Description: ?? : ILLUSION ???????? -- ??? 1309?  ???? C:\Users\PC\AppData\Local\Temp\$PowerISO$\WinRoot\illusion\????????\data\save\????1?1?.sav ??????????????? ???? ??? 3? ???????????????????????????????????????????????

Error: (02/23/2013 10:05:54 AM) (Source: MsiInstaller) (User: PC-PC)
Description: ?? : ILLUSION ???????? -- ??? 1309?  ???? C:\Users\PC\AppData\Local\Temp\$PowerISO$\WinRoot\illusion\????????\data\save\????1?1?.sav ??????????????? ???? ??? 3? ???????????????????????????????????????????????

Error: (02/23/2013 10:05:54 AM) (Source: MsiInstaller) (User: PC-PC)
Description: ?? : ILLUSION ???????? -- ??? 1309?  ???? C:\Users\PC\AppData\Local\Temp\$PowerISO$\WinRoot\illusion\????????\data\save\????1?1?.sav ??????????????? ???? ??? 3? ???????????????????????????????????????????????


System errors:
=============
Error: (03/01/2013 01:02:39 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (03/01/2013 01:02:39 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (03/01/2013 01:02:09 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (03/01/2013 01:00:19 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/01/2013 06:31:16 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (03/01/2013 06:31:16 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (03/01/2013 06:30:55 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (03/01/2013 06:29:34 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/01/2013 06:24:48 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (03/01/2013 06:24:48 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.1.3)
7-Zip 9.20
Acoustica Effects Pack (Version: 3.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Aion
Akamai NetSession Interface
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0
Autodesk SketchBook Copic Edition (Version: 1.50.0000)
AVG Security Toolbar (Version: 14.2.0.1)
Bandicam
Bandisoft MPEG-1 Decoder
Black & White® 2 (Version: 1.00.0000)
Blackwell's Asylum
Blades of Time
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite (Version: 1.00)
CameraHelperMsi (Version: 13.50.854.0)
D3DX10 (Version: 15.4.2368.0902)
Dandelion -Wishes brought to you- Demo 1.0 (Version: 1.0)
Dragon Age II (Version: 1.00)
Dragon Age: Origins (Version: 1.00)
Dreamfall (Version: 1.00.0000)
Dropbox (Version: 1.6.16)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Fable - The Lost Chapters (Version: 1.00.0000)
Façade (Version: 1.1.2)
FlashGet 3.3 (Version: 3.3.0.1092)
Fraps (remove only)
Garena - MStar
Garena Plus (Version: 2011)
Globe Tattoo Broadband (Version: 21.005.11.00.158)
Google Chrome (Version: 25.0.1364.97)
Google Update Helper (Version: 1.3.21.135)
HyperCam 2 (Version: 2.25.01)
Ini3Mstar (Version: 1.00.0000)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.1.6.0)
Java(TM) 6 Update 31 (Version: 6.0.310)
Java(TM) 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
join.me (Version: 1.5.2.214)
Junk Mail filter update (Version: 15.4.3502.0922)
LAME v3.99.3 (for Windows)
Left 4 Dead 2
Left 4 Dead 2 Add-On Installer (Version: 1.0.0)
Left 4 Dead 2 Add-on Support
Livestream Procaster (Version: 20.2.69)
Logitech Vid HD (Version: 7.2 (7248))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Media Player Classic - Home Cinema v1.5.2.3456 (Version: 1.5.2.3456)
Messenger Plus! (Version: 6.00.0.774)
Messenger Plus! for Skype (Version: 1.5.0.122)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SOAP Toolkit 3.0 (Version: 3.0.1325.4)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NCsoft Launcher (Version: 1.5.19002)
NotAnotherRO
NVIDIA PhysX (Version: 9.10.0514)
Origin (Version: 8.2.2.2413)
osu! (Version: 0.0.0.0)
Overlord (Version: 1.00.0606)
Pando Media Booster (Version: 2.6.0.7)
Pcsx2 0.9.6 (Version: 1.0.0)
Pen Pad Driver with Macro Key Manager
Portal 2
PowerISO (Version: 5.3)
Rainmeter (Version: 2.4 r1678)
Realtek High Definition Audio Driver (Version: 6.0.1.6526)
RPG Maker VX RTP (Version: 1.02)
S4 League_EU (Version: 1.00.0000)
Skype Click to Call (Version: 6.6.11664)
Skype™ 6.1 (Version: 6.1.129)
Speccy (Version: 1.14)
Spiral Knights
SPORE™ (Version: 1.00.0000)
Starry™Sky`in Spring` (Version: 1.00.0000)
Steam (Version: 1.0.0.0)
STOnline (Version: 1.0000)
Supertintin 1.2.0.8 (Version: =1.2.0.8)
System Requirements Lab CYRI (Version: 4.5.1.0)
TERA (Version: 19.04.02.03.hf3)
TeraCopy 2.27
The Elder Scrolls V: SKYRIM (Version: 1.1.21.0)
The Elder Scrolls V: SKYRIM Update 1 + Crack
The Sims Medieval (Version: 2.0.109)
The Sims Medieval Pirates and Nobles (Version: 2.0.109)
The Sims™ 3 (Version: 1.26.89)
The Sims™ 3 Pets (Version: 10.0.96)
trakAxPC (Version: 3.01.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB Video Camera (Version: 3.1.3.3)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vegas Pro 10.0 (Version: 10.0.469)
Web Assistant 2.0.0.573 (Version: 2.0.0.573)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
WinRAR 4.10 beta 5 (32-bit) (Version: 4.10.5)
Xvid Video Codec (Version: 1.3.2)
YouTube Downloader Toolbar v6.0 (Version: 6.0)
YTD Video Downloader 3.9.6 (Version: 3.9.6)

========================= Devices: ================================

Name: Atheros AR5007G Wireless Network Adapter
Description: Atheros AR5007G Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: MpKsl836e99db
Description: MpKsl836e99db
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl836e99db
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 80%
Total physical RAM: 2047.3 MB
Available physical RAM: 393.73 MB
Total Pagefile: 4094.61 MB
Available Pagefile: 1580.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.67 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:146.39 GB) (Free:61.82 GB) NTFS
2 Drive d: () (Fixed) (Total:319.28 GB) (Free:44.24 GB) NTFS

========================= Users: ========================================

User accounts for \\PC-PC

Administrator            Guest                    PC


**** End of log ****


-------Farbar's Service Scanner log-------

Farbar Service Scanner Version: 20-02-2013
Ran by PC (administrator) on 01-03-2013 at 13:09:32
Running from "C:\Users\PC\Desktop"
Windows 7 Home Basic Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-14 08:21] - [2013-01-03 13:05] - 1293672 ____A (Microsoft Corporation) 7C0507D2391AF5933600CBCED799F277

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


-------AdwCleaner log-------

# AdwCleaner v2.113 - Logfile created 03/01/2013 at 13:11:14
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Home Basic Service Pack 1 (32 bits)
# User : PC - PC-PC
# Boot Mode : Normal
# Running from : C:\Users\PC\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater
Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Program Files\YouTube Downloader Toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\PC\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\PC\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\PC\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\PC\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\PC\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\PC\AppData\Roaming\AVG Secure Search

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\GreenTree Applications
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Web Assistant
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={2DE7600D-BF44-46AB-8AEB-CD3B9E3F4EED}&mid=875ebd4bf54047d0a55dd1a9f0e99120-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=tt014&pr=sa&d=2012-07-01 13:59:39&pid=avg&sg=&v=14.2.0.1&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cxxgtq6s.default-1353561571812\prefs.js

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cxxgtq6s.default-1353561571812\user.js ... Deleted !

Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v25.0.1364.97

File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [12441 octets] - [01/03/2013 13:11:14]

########## EOF - C:\AdwCleaner[S1].txt - [12502 octets] ##########


-------Junkware Removal Tool log-------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Windows 7 Home Basic x86
Ran by PC on Fri 03/01/2013 at 13:18:08.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services


~~~ Registry Values


~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-3320378739-1617770387-1012950681-1000\software\web assistant"
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}


~~~ Files


~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"


~~~ FireFox

Emptied folder: C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\cxxgtq6s.default-1353561571812\minidumps [14 files]


~~~ Chrome

Successfully deleted: [Folder] C:\Users\PC\appdata\local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd


~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/01/2013 at 13:20:42.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


-------Rkill log-------

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/01/2013 01:28:17 PM in x86 mode.
Windows Version: Windows 7 Home Basic Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\ProgramData\DatacardService\HWDeviceService.exe (PID: 2268) [AU-HEUR]
 * C:\ProgramData\DatacardService\DCSHelper.exe (PID: 2304) [AU-HEUR]
 * C:\Windows\system32\NlsSrv32.exe (PID: 2460) [WD-HEUR]
 * C:\Windows\system32\atwtusb.exe (PID: 2748) [WD-HEUR]
 * C:\Windows\system32\atwtusb.exe (PID: 2852) [WD-HEUR]
 * C:\Windows\System32\WTMKM.exe (PID: 2908) [WD-HEUR]

6 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic

 * iphlpsvc [Missing Service]

 * SharedAccess [Missing ImagePath]
 * WinDefend [Missing ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1	secure.tune-up.com

Program finished at: 03/01/2013 01:28:41 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)


------Autoruns log-------

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"	""	""	""
+ "rdpclip"	""	""	"File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Adobe ARM"	"Adobe Reader and Acrobat Manager"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"	"Apple Push"	"Apple Inc."	"c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ControlCenter3"	"ControlCenter Program"	"Brother Industries, Ltd."	"c:\program files\brother\controlcenter3\brctrcen.exe"
+ "GrooveMonitor"	"GrooveMonitor Utility"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\groovemonitor.exe"
+ "Installation Diagnostics"	"Installation Diagnostics"	"Brother Industries, Ltd."	"c:\program files\brother\brmfl06a\brinstck.exe"
+ "LWS"	"Logitech Webcam Software"	"Logitech Inc."	"c:\program files\logitech\lws\webcam software\lws.exe"
+ "MacrokeyManager"	"Macro Key Manager MFC Application"	""	"c:\windows\system32\wtmkm.exe"
+ "MessengerPlusForSkypeService"	"Service - Messenger Plus! for Skype"	"Yuna Software"	"c:\program files\yuna software\messenger plus! for skype\msgplusforskypeservice.exe"
+ "MouseDriver"	"pximouse"	"Pixart Imaging Inc"	"c:\windows\system32\tiltwheelmouse.exe"
+ "MSC"	"Microsoft Security Client User Interface"	"Microsoft Corporation"	"c:\program files\microsoft security client\msseces.exe"
+ "PlusService"	"Messenger Plus! 6"	"Yuna Software"	"c:\program files\yuna software\messenger plus!\plusservice.exe"
+ "PWRISOVM.EXE"	"PowerISO Virtual Drive Manager"	"Power Software Ltd"	"c:\program files\poweriso\pwrisovm.exe"
+ "SetDefPrt"	"BrStDvPt"	"Brother Industories, Ltd."	"c:\program files\brother\brmfl06a\brstdvpt.exe"
+ "vProt"	""	""	"File not found: C:\Program Files\AVG Secure Search\vprot.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "Monitor.lnk"	"BACK Monitor Application"	""	"c:\program files\usb video camera\monitor.exe"
"C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "Dropbox.lnk"	"Dropbox"	"Dropbox, Inc."	"c:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Google Chrome"	"Google Chrome"	"Google Inc."	"c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe"
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Akamai NetSession Interface"	"Akamai NetSession Client"	"Akamai Technologies, Inc."	"c:\users\pc\appdata\local\akamai\netsession_win.exe"
+ "Logitech Vid"	"Logitech Vid HD"	"Logitech Inc."	"c:\program files\logitech\vid hd\vid.exe"
+ "msnmsgr"	"Windows Live Messenger"	"Microsoft Corporation"	"c:\program files\windows live\messenger\msnmsgr.exe"
+ "supertintin_skype"	"Supertintin Skype Video Call Recorder"	"Imtiger Software Inc."	"c:\program files\supertintin for skype\supertintin_skype.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"	""	""	""
+ "text/xml"	"Microsoft Office XML MIME Filter"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"	""	""	""
+ "grooveLocalGWS"	"GrooveSystemServices Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "livecall"	"Windows Live Messenger Protocol Handler Module"	"Microsoft Corporation"	"c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help"	"Microsoft® Help Data Services Module"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim"	"Windows Live Messenger Protocol Handler Module"	"Microsoft Corporation"	"c:\program files\windows live\messenger\msgrapp.dll"
+ "skype-ie-addon-data"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com"	"Skype for COM API"	"Skype Technologies"	"c:\program files\common files\skype\skype4com.dll"
+ "wlmailhtml"	"Windows Live Mail"	"Microsoft Corporation"	"c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg"	"Windows Live Album Download Protocol Handler"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"	""	""	""
+ "Ave's FolderBg"	""	""	"c:\windows\w7fbc\dll.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"	""	""	""
+ "Groove GFS Stub Execution Hook"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\pc\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
+ "PowerISO"	"PowerISOShell DLL"	"Power Software Ltd"	"c:\program files\poweriso\pwrisosh.dll"
+ "TeraCopy"	""	""	"c:\program files\teracopy\teracopyext.dll"
+ "WinRAR"	""	""	"c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\pc\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
+ "PowerISO"	"PowerISOShell DLL"	"Power Software Ltd"	"c:\program files\poweriso\pwrisosh.dll"
+ "TeraCopy"	""	""	"c:\program files\teracopy\teracopyext.dll"
+ "WinRAR"	""	""	"c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
+ "TeraCopy"	""	""	"c:\program files\teracopy\teracopy.dll"
+ "WinRAR"	""	""	"c:\program files\winrar\rarext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\pc\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
+ "TeraCopy"	""	""	"c:\program files\teracopy\teracopyext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "PDF Shell Extension"	"PDF Shell Extension"	"Adobe Systems, Inc."	"c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO"	"PowerISOShell DLL"	"Power Software Ltd"	"c:\program files\poweriso\pwrisosh.dll"
+ "TeraCopy"	""	""	"c:\program files\teracopy\teracopyext.dll"
+ "WinRAR"	""	""	"c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "TeraCopy"	""	""	"c:\program files\teracopy\teracopy.dll"
+ "WinRAR"	""	""	"c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers"	""	""	""
+ "AveFolderBg"	""	""	"c:\windows\w7fbc\dll.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "DropboxExt1"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\pc\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\pc\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\pc\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Adobe PDF Link Helper"	"Adobe PDF Helper for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "FlashGetBHO"	"FlashGet Browser Helper Object"	"Trend Media Group"	"c:\users\pc\appdata\roaming\flashgetbho\flashgetbho3.dll"
+ "Groove GFS Browser Helper"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Skype Browser Helper"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "S&end to OneNote"	"Microsoft Office OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\onbttnie.dll"
+ "Skype Click to Call"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler"	""	""	""
+ "\Adobe Flash Player Updater"	"Adobe® Flash® Player Update Service 11.6 r602"	"Adobe Systems Incorporated"	"c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Adobe online update program"	"Adobe Reader and Acrobat Manager"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "\Divx online update program"	""	""	"File not found: C:\Program Files\DivX\DivX Update\DivXUpdate.exe"
+ "\Game_Booster_AutoUpdate"	""	""	"File not found: C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe"
+ "\gg_uac_daemon_PC"	""	""	"c:\program files\garena plus\ggspawn.dll"
+ "\Google Updater and Installer"	""	""	"File not found: C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe"
+ "\GoogleUpdateTaskMachineCore"	"Google Installer"	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"	"Google Installer"	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "\Java Update Scheduler"	"Java(TM) Update Scheduler"	"Sun Microsystems, Inc."	"c:\program files\common files\java\java update\jusched.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"	"Windows Live Social Object Extractor Engine"	"Microsoft Corporation"	"c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"	""	""	"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Windows Media Player Network Sharing Service Configuration Application"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"
+ "\{060D79F6-17D6-4303-9E97-0BF9EA96A591}"	""	""	"File not found: c:\users\pc\appdata\local\google\chrome\application\chrome.exe"
+ "\{CA63318E-4074-4983-8019-37D9DBB0BB66}"	""	""	"File not found: c:\users\pc\appdata\local\google\chrome\application\chrome.exe"
+ "\{CB9DAE40-6AF4-444E-A9BE-1B04DF0604AE}"	""	""	"File not found: c:\users\pc\appdata\local\google\chrome\application\chrome.exe"
+ "\{CDC24B21-EBE1-4951-926D-5C7741AF2DA5}"	""	""	"File not found: c:\users\pc\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AdobeARMservice"	"Adobe Acrobat Updater keeps your Adobe software up to date."	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"	"This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."	"Adobe Systems Incorporated"	"c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Akamai"	"Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly."	"Akamai Technologies, Inc."	"c:\program files\common files\akamai/netsession_win_ce5ba24.dll"
+ "AMD External Events Utility"	"AMD External Events Service Module"	"AMD"	"c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device"	"Provides the interface to Apple mobile devices."	"Apple Inc."	"c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service"	"Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."	"Apple Inc."	"c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "gupdatem"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "HWDeviceService.exe"	"Service for runing Mobile applications autorun."	""	"c:\programdata\datacardservice\hwdeviceservice.exe"
+ "IDriverT"	"Provides support for the Running Object Table for InstallShield Drivers"	"Macrovision Corporation"	"c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service"	"iPod hardware management services"	"Apple Inc."	"c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler"	"Malwarebytes Anti-Malware scheduler"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"	"Malwarebytes Anti-Malware service"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft Office Groove Audit Service"	"Groove Audit Service"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "MsgPlusService"	"Service - Messenger Plus! for Skype"	"Yuna Software"	"c:\program files\yuna software\messenger plus! for skype\msgplusforskypeservice.exe"
+ "MsMpSvc"	"Helps protect users from malware and other potentially unwanted software"	"Microsoft Corporation"	"c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv"	"Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols"	"Microsoft Corporation"	"c:\program files\microsoft security client\nissrv.exe"
+ "nlsX86cc"	"This service enables products that use the Nalpeiron Licensing System "	"Nalpeiron Ltd."	"c:\windows\system32\nlssrv32.exe"
+ "npggsvc"	"nProtect GameGuard Service"	"INCA Internet Co., Ltd."	"c:\windows\system32\gamemon.des"
+ "odserv"	"Run portions of Microsoft Office Diagnostics."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose"	"Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Skype C2C Service"	"Skype Click to Call Update Service"	"Skype Technologies S.A."	"c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate"	"Enables the detection, download and installation of updates for Skype."	"Skype Technologies"	"c:\program files\skype\updater\updater.exe"
+ "Steam Client Service"	"Steam Client Service monitors and updates Steam content"	"Valve Corporation"	"c:\program files\common files\steam\steamservice.exe"
+ "UMVPFSrv"	"UMVPF is a user mode Logitech driver"	"Logitech Inc."	"c:\program files\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "vToolbarUpdater14.2.0"	"ToolbarU Application"	""	"c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\toolbarupdater.exe"
+ "wlidsvc"	"Enables Windows Live ID authentication."	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"	"Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
+ "WTService"	"User Mode Tablet Driver"	""	"c:\windows\system32\atwtusb.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx"	"Adaptec Ultra SCSI miniport"	"Adaptec, Inc."	"c:\windows\system32\drivers\djsvs.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"	"ATI Radeon Kernel Mode Driver"	"ATI Technologies Inc."	"c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"	"AMD multi-vendor Miniport Driver"	"Advanced Micro Devices, Inc."	"c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows family"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	"Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"
+ "apf003"	""	""	"c:\windows\system32\apf003.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "athr"	"Atheros Extensible Wireless LAN device driver"	"Atheros Communications, Inc."	"c:\windows\system32\drivers\athr.sys"
+ "avgtp"	""	"AVG Technologies"	"c:\windows\system32\drivers\avgtpx86.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x"	"Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."	"Broadcom Corporation"	"c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "Ca2001v"	"Digital Camera Driver "	"Digital Camera"	"c:\windows\system32\drivers\ca2001v.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "EagleXNt"	""	""	"File not found: C:\Windows\system32\drivers\EagleXNt.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbdx.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "ew_hwusbdev"	"USB Modem/Serial Device Driver"	"Huawei Technologies Co., Ltd."	"c:\windows\system32\drivers\ew_hwusbdev.sys"
+ "ewusbnet"	"USB NDIS Miniport Driver"	"Huawei Technologies Co., Ltd."	"c:\windows\system32\drivers\ewusbnet.sys"
+ "GEARAspiWDM"	"CD DVD Filter"	"GEAR Software Inc."	"c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hamachi"	"Hamachi Virtual Network Interface Driver"	"LogMeIn, Inc."	"c:\windows\system32\drivers\hamachi.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "huawei_enumerator"	"ew_jubusenum Driver"	"Huawei Technologies Co., Ltd."	"c:\windows\system32\drivers\ew_jubusenum.sys"
+ "hwdatacard"	"USB Modem/Serial Device Driver"	"Huawei Technologies Co., Ltd."	"c:\windows\system32\drivers\ewusbmdm.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - ia32"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"	"Realtek(r) High Definition Audio Function Driver"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtkvhda.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVRS"	"Logitech Kernel Audio Improvement Filter Driver"	"Logitech Inc."	"c:\windows\system32\drivers\lvrs.sys"
+ "LVUVC"	"Logitech USB Video Class Driver"	"Logitech Inc."	"c:\windows\system32\drivers\lvuvc.sys"
+ "MBAMProtector"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\windows\system32\drivers\mbam.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7 for x86"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "MpKsl836e99db"	""	""	"File not found: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6AB0376F-11B4-4490-AE5A-2AF08BD388D0}\MpKsl836e99db.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "npkcrypt"	"nProtect KeyCrypt Driver"	"INCA Internet Co., Ltd."	"d:\games ol\orig ragnarok online\npkcrypt.sys"
+ "npkcusb"	"nProtect KeyCrypt Driver"	"INCA Internet Co., Ltd."	"d:\games ol\orig ragnarok online\npkcusb.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167"	"Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver                "	"Realtek Corporation                                            "	"c:\windows\system32\drivers\rt86win7.sys"
+ "SCDEmu"	"PowerISO Virtual Drive"	"Power Software Ltd"	"c:\windows\system32\drivers\scdemu.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "t_mouse.sys"	""	""	"c:\windows\system32\drivers\t_mouse.sys"
+ "USBAAPL"	"Apple Mobile Device USB Driver"	"Apple, Inc."	"c:\windows\system32\drivers\usbaapl.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
+ "WinRing0_1_2_0"	""	""	"File not found: C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys"
+ "XDva390"	""	""	"File not found: C:\Windows\system32\XDva390.sys"
+ "XDva391"	""	""	"File not found: C:\Windows\system32\XDva391.sys"
+ "XDva393"	""	""	"File not found: C:\Windows\system32\XDva393.sys"
+ "XDva399"	""	""	"File not found: C:\Windows\system32\XDva399.sys"
+ "XDva400"	""	""	"File not found: C:\Windows\system32\XDva400.sys"
+ "XDva401"	""	""	"File not found: C:\Windows\system32\XDva401.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.bdmpeg"	""	""	"c:\windows\system32\bdmpega.acm"
+ "msacm.l3acm"	"MPEG Audio Layer-3 Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codecp.acm"
+ "vidc.cvid"	"Cinepak® Codec"	"Radius Inc."	"c:\windows\system32\iccvid.dll"
+ "VIDC.FPS1"	"Fraps"	"Beepa P/L"	"c:\windows\system32\frapsvid.dll"
+ "vidc.i420"	"Video Codec"	"Logitech Inc."	"c:\windows\system32\lvcodec2.dll"
+ "vidc.mjpg"	""	""	"c:\windows\system32\bdmjpeg.dll"
+ "vidc.mpeg"	""	""	"c:\windows\system32\bdmpegv.dll"
+ "vidc.VP60"	"VP6 VIDEO FOR WINDOWS CODEC "	"On2.com"	"c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61"	"VP6 VIDEO FOR WINDOWS CODEC "	"On2.com"	"c:\windows\system32\vp6vfw.dll"
+ "vidc.XVID"	""	""	"c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\Filter"	""	""	""
+ "Blue Cat FreqAnalyst (Stereo)"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat freqanalyst dx(stereo).dll"
+ "Blue Cat FreqAnalyst (Stereo)"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat freqanalyst dx(stereo).dll"
+ "Blue Cat Phaser (Stereo)"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat phaser dx(stereo).dll"
+ "Blue Cat Phaser (Stereo)"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat phaser dx(stereo).dll"
+ "Blue Cat Stereo Chorus"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat stereo chorus dx.dll"
+ "Blue Cat Stereo Chorus"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat stereo chorus dx.dll"
+ "Blue Cat Stereo Flanger"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat stereo flanger dx.dll"
+ "Blue Cat Stereo Flanger"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat stereo flanger dx.dll"
+ "Blue Cat Stereo Gain"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat stereo gain dx.dll"
+ "Blue Cat Stereo Gain"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat stereo gain dx.dll"
+ "Blue Cat Triple EQ (Stereo)"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat triple eq dx(stereo).dll"
+ "Blue Cat Triple EQ (Stereo)"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat triple eq dx(stereo).dll"
+ "Blue Cat Widening Gain"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat widening gain dx.dll"
+ "Blue Cat Widening Gain"	""	""	"c:\program files\highandes\trakaxpc\bluecataudio\blue cat widening gain dx.dll"
+ "Sony Amplitude Modulation"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Amplitude Modulation"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Chorus"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Chorus"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Distortion"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Distortion"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Dither"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Dither"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony ExpressFX Amplitude Modulation"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Amplitude Modulation"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Audio Restoration"	"Sony ExpressFX Audio Restoration"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\xpvinyl.dll"
+ "Sony ExpressFX Audio Restoration"	"Sony ExpressFX Audio Restoration"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\xpvinyl.dll"
+ "Sony ExpressFX Chorus"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Chorus"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Distortion"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Distortion"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Dynamics"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Dynamics"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Equalization"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Equalization"	"Sony ExpressFX 2 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Flange/Wah-Wah"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Flange/Wah-Wah"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Graphic EQ"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Graphic EQ"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Reverb"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Reverb"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter"	"Sony ExpressFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Time Stretch"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Time Stretch"	"Sony ExpressFX 3 "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony Flange/Wah-wah"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Flange/Wah-wah"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Graphic Dynamics"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic Dynamics"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Tap Delay"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Multi-Tap Delay"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Noise Gate"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Noise Gate"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pan"	"Sound Forge Pro Pan and Volume 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Pan"	"Sound Forge Pro Pan and Volume 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Paragraphic EQ"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Paragraphic EQ"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ"	"Sony XFX 2 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pitch Shift"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Pitch Shift"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Resonant Filter"	"Sony Resonant Filter"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfresfilter.dll"
+ "Sony Resonant Filter"	"Sony Resonant Filter"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfresfilter.dll"
+ "Sony Reverb"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Reverb"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Smooth/Enhance"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Smooth/Enhance"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Time Stretch"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Time Stretch"	"Sony XFX 1 Plug-In Pack "	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Track Compressor"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Compressor"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track EQ"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track EQ"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Noise Gate"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Noise Gate"	"Sony TrackFX 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Vibrato"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Vibrato"	"Sony XFX 3 Plug-In Pack"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Volume"	"Sound Forge Pro Pan and Volume 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Volume"	"Sound Forge Pro Pan and Volume 1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "Bandisoft MPEG-1 Audio Decoder"	"Bandisoft Directshow Filter"	"www.Bandisoft.com"	"c:\program files\bandimpeg1\bdfilters.dll"
+ "Bandisoft MPEG-1 Video Decoder"	"Bandisoft Directshow Filter"	"www.Bandisoft.com"	"c:\program files\bandimpeg1\bdfilters.dll"
+ "Capture File Writer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Sony Wave Hammer Surround"	"Sony Wave Hammer 5.1"	"Sony Creative Software Inc."	"c:\program files\sony\shared plug-ins\audio\mchammer.dll"
+ "VCam Renderer"	"VCam filters"	"e2eSoft"	"c:\program files\yuna software\messenger plus! for skype\vcamfilter.ax"
+ "VCamWLM Renderer"	"VCamWLM filters"	"e2eSoft"	"c:\program files\yuna software\messenger plus!\vcamwlmfilter.ax"
+ "VD Effects"	"Video effects"	"Kimahri Software"	"c:\program files\yuna software\messenger plus! for skype\vdeffects.ax"
+ "VD Effects WLM"	"Video effects"	"Kimahri Software"	"c:\program files\yuna software\messenger plus!\vdeffectswlm.ax"
+ "WM VIH2 Fix"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder"	""	""	"c:\windows\system32\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"	""	""	""
+ "WLIDCredentialProvider"	"Microsoft® Windows Live ID Credential Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"	""	""	""
+ "mdnsNSP"	"Bonjour Namespace Provider"	"Apple Inc."	"c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"