========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.uk.msn.com/HPDSK13/2
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE:
64bit: - HKLM\..\SearchScopes\{71E01001-99FF-498B-B93A-7206E88B8338}: "URL" =
http://www.amazon.co.uk/s/ref=azs_o...ode=qs&index=aps&field-keywords={searchTerms}
IE:
64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.uk.msn.com/HPDSK13/2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.uk.msn.com/HPDSK13/2
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\..\SearchScopes\{8C8FB876-16BA-43EB-8378-B038D9F30862}: "URL" =
http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\..\SearchScopes\{F8CD277C-A6AA-4DAD-9D89-AC406EE10781}: "URL" =
http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB739&p={SearchTerms}
IE - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "
https://www.google.co.uk"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.1.0
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "
http://uk.search.yahoo.com/search?fr=mcafee&type=A111GB739&p="
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014/01/13 22:16:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\
msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/12/28 17:15:59 | 000,000,000 | ---D | M]
[2013/06/17 11:03:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sarah\AppData\Roaming\mozilla\Extensions
[2013/12/20 01:26:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sarah\AppData\Roaming\mozilla\Firefox\Profiles\f9jbdcic.default\extensions
[2013/11/20 14:27:38 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\sarah\AppData\Roaming\mozilla\Firefox\Profiles\f9jbdcic.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013/12/20 01:26:35 | 000,000,000 | ---D | M] (iCloud Bookmarks) -- C:\Users\sarah\AppData\Roaming\mozilla\Firefox\Profiles\f9jbdcic.default\extensions\
firefoxdav@icloud.com
[2013/12/20 12:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/20 12:34:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/13 22:16:00 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google
riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google
mniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google
ageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
https://www.google.co.uk/
CHR - Extension: Google Docs = C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Google Drive = C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: SiteAdvisor = C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1311_0\
CHR - Extension: Google Wallet = C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2014/02/02 22:02:25 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:
64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:
64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:
64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:
64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [BATINDICATORHL] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe (Hewlett-Packard)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OSDTool] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4:
64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3048388059-1154103495-501387454-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:
64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C78E59CE-E374-45F7-9183-6DBA27383EC7}: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB33815A-B733-4E7B-8B5F-6A2E595E8F63}: DhcpNameServer = 192.168.1.254 192.168.1.254
O18:
64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/12/19 14:37:53 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/04 22:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/02/04 22:52:04 | 001,037,530 | ---- | C] (Thisisu) -- C:\Users\sarah\Desktop\JRT_NEW.exe
[2014/02/02 22:05:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/02/02 21:16:31 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/02/02 21:03:18 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys.bak
[2014/01/28 21:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/01/22 18:00:33 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2014/01/16 07:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2014/01/15 22:53:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/14 16:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/01/13 22:28:20 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2014/01/13 22:11:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/08 18:58:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2014/01/08 18:58:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2014/01/08 18:58:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2014/01/08 18:58:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2014/01/08 18:57:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/08 18:57:19 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2014/01/06 13:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/06 13:23:57 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/01/06 13:23:55 | 000,000,000 | ---D | C] -- C:\Users\sarah\Desktop\mbar
[2014/01/06 13:17:34 | 000,322,800 | ---- | C] (VIA Corporation) -- C:\windows\SysNative\drivers\VSTXRAID.SYS.bak
[2014/01/06 13:17:13 | 000,550,912 | ---- | C] (IDT, Inc.) -- C:\windows\SysNative\drivers\stwrt64.sys.bak
[2014/01/06 13:17:11 | 000,204,568 | ---- | C] (DEVGURU Co., LTD.(
www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys.bak
[2014/01/06 13:17:10 | 000,107,288 | ---- | C] (DEVGURU Co., LTD.(
www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys.bak
[2014/01/06 13:16:48 | 002,482,960 | ---- | C] (Ralink Technology, Corp.) -- C:\windows\SysNative\drivers\netr28x.sys.bak
[2014/01/06 13:16:43 | 000,064,240 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\windows\SysNative\drivers\mvumis.sys.bak
[2014/01/06 13:16:35 | 000,066,040 | ---- | C] (Mozy, Inc.) -- C:\windows\SysNative\drivers\MOBK.sys.bak
[2014/01/06 13:16:34 | 000,411,944 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfencbdc.sys.bak
[2014/01/06 13:16:34 | 000,343,696 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys.bak
[2014/01/06 13:16:34 | 000,096,112 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfencrk.sys.bak
[2014/01/06 13:16:33 | 000,782,616 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfehidk.sys.bak
[2014/01/06 13:16:33 | 000,519,576 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfefirek.sys.bak
[2014/01/06 13:16:33 | 000,069,344 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeelamk.sys.bak
[2014/01/06 13:16:32 | 000,311,120 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys.bak
[2014/01/06 13:16:32 | 000,010,856 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeclnrk.sys.bak
[2014/01/06 13:16:31 | 000,179,792 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeapfk.sys.bak
[2014/01/06 13:16:30 | 000,074,560 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\McPvDrv.sys.bak
[2014/01/06 13:16:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys.bak
[2014/01/06 13:16:28 | 000,081,136 | ---- | C] (LSI Corporation) -- C:\windows\SysNative\drivers\lsi_sss.sys.bak
[2014/01/06 13:16:27 | 000,092,400 | ---- | C] (LSI Corporation) -- C:\windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/06 13:16:26 | 000,044,480 | ---- | C] (
http://libusb-win32.sourceforge.net) -- C:\windows\SysNative\drivers\libusb0.sys.bak
[2014/01/06 13:16:25 | 000,110,744 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\windows\SysNative\drivers\L1C63x64.sys.bak
[2014/01/06 13:16:16 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys.bak
[2014/01/06 13:16:12 | 000,078,192 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw17b64.sys.bak
[2014/01/06 13:15:58 | 000,027,456 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\SysNative\drivers\cpqdfw.sys.bak
[2014/01/06 13:15:57 | 000,092,536 | ---- | C] (CyberLink) -- C:\windows\SysNative\drivers\CLVirtualDrive.sys.bak
[2014/01/06 13:15:55 | 000,070,112 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\cfwids.sys.bak
[2014/01/06 13:15:48 | 000,258,288 | ---- | C] (AMD Technologies Inc.) -- C:\windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/06 13:15:43 | 000,106,736 | ---- | C] (LSI) -- C:\windows\SysNative\drivers\3ware.sys.bak
[2014/01/06 13:11:19 | 000,000,000 | ---D | C] -- C:\Users\sarah\Desktop\RK_Quarantine
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/02/04 23:02:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/04 22:53:26 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2014/02/04 22:53:23 | 000,847,336 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/02/04 22:53:23 | 000,710,038 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/02/04 22:53:23 | 000,147,664 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/02/04 22:50:25 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/04 22:50:17 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/02/04 22:48:22 | 000,000,348 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForsarah.job
[2014/02/04 22:48:16 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/02/04 22:48:11 | 2489,155,583 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/04 16:04:16 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/04 07:38:30 | 001,037,530 | ---- | M] (Thisisu) -- C:\Users\sarah\Desktop\JRT_NEW.exe
[2014/02/02 22:02:25 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2014/02/02 21:16:31 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/02/02 21:15:48 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/02/02 21:04:05 | 000,322,800 | ---- | M] (VIA Corporation) -- C:\windows\SysNative\drivers\VSTXRAID.SYS.bak
[2014/02/02 21:03:51 | 000,550,912 | ---- | M] (IDT, Inc.) -- C:\windows\SysNative\drivers\stwrt64.sys.bak
[2014/02/02 21:03:49 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(
www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys.bak
[2014/02/02 21:03:49 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(
www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys.bak
[2014/02/02 21:03:32 | 002,482,960 | ---- | M] (Ralink Technology, Corp.) -- C:\windows\SysNative\drivers\netr28x.sys.bak
[2014/02/02 21:03:28 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\windows\SysNative\drivers\mvumis.sys.bak
[2014/02/02 21:03:22 | 000,066,040 | ---- | M] (Mozy, Inc.) -- C:\windows\SysNative\drivers\MOBK.sys.bak
[2014/02/02 21:03:21 | 000,782,616 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfehidk.sys.bak
[2014/02/02 21:03:21 | 000,411,944 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfencbdc.sys.bak
[2014/02/02 21:03:21 | 000,343,696 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys.bak
[2014/02/02 21:03:21 | 000,096,112 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfencrk.sys.bak
[2014/02/02 21:03:20 | 000,519,576 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfefirek.sys.bak
[2014/02/02 21:03:20 | 000,311,120 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys.bak
[2014/02/02 21:03:20 | 000,179,792 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeapfk.sys.bak
[2014/02/02 21:03:20 | 000,069,344 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeelamk.sys.bak
[2014/02/02 21:03:20 | 000,010,856 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeclnrk.sys.bak
[2014/02/02 21:03:19 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys.bak
[2014/02/02 21:03:19 | 000,074,560 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\McPvDrv.sys.bak
[2014/02/02 21:03:18 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys.bak
[2014/02/02 21:03:17 | 000,092,400 | ---- | M] (LSI Corporation) -- C:\windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/02/02 21:03:17 | 000,081,136 | ---- | M] (LSI Corporation) -- C:\windows\SysNative\drivers\lsi_sss.sys.bak
[2014/02/02 21:03:16 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) -- C:\windows\SysNative\drivers\L1C63x64.sys.bak
[2014/02/02 21:03:16 | 000,044,480 | ---- | M] (
http://libusb-win32.sourceforge.net) -- C:\windows\SysNative\drivers\libusb0.sys.bak
[2014/02/02 21:03:08 | 000,197,704 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys.bak
[2014/02/02 21:03:05 | 000,078,192 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw17b64.sys.bak
[2014/02/02 21:03:02 | 000,022,704 | ---- | M] () -- C:\windows\SysNative\drivers\EsgScanner.sys.bak
[2014/02/02 21:02:56 | 000,027,456 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\SysNative\drivers\cpqdfw.sys.bak
[2014/02/02 21:02:54 | 000,092,536 | ---- | M] (CyberLink) -- C:\windows\SysNative\drivers\CLVirtualDrive.sys.bak
[2014/02/02 21:02:53 | 000,070,112 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\cfwids.sys.bak
[2014/02/02 21:02:47 | 000,258,288 | ---- | M] (AMD Technologies Inc.) -- C:\windows\SysNative\drivers\amdsbs.sys.bak
[2014/02/02 21:02:45 | 000,106,736 | ---- | M] (LSI) -- C:\windows\SysNative\drivers\3ware.sys.bak
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/08 18:58:44 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014/01/08 18:58:44 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014/01/08 18:58:44 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014/01/08 18:58:44 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014/01/08 18:58:44 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2014/01/06 13:16:06 | 000,022,704 | ---- | C] () -- C:\windows\SysNative\drivers\EsgScanner.sys.bak
[2013/09/11 14:28:29 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/06/19 09:47:35 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STFT Notifier
[2013/06/17 10:21:41 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/05/23 00:50:10 | 000,000,401 | ---- | C] () -- C:\windows\ODBCINST.INI
[2013/05/23 00:50:10 | 000,000,135 | ---- | C] () -- C:\windows\ODBC.INI
[2013/05/23 00:49:47 | 000,142,337 | ---- | C] () -- C:\windows\SysWow64\Wait.exe
[2013/05/23 00:49:40 | 000,006,026 | ---- | C] () -- C:\windows\HCWPNP.INI
[2013/05/22 19:43:52 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/05/22 19:43:48 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/05/22 19:43:48 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/05/22 19:43:48 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/05/22 19:43:48 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013/03/27 21:56:16 | 000,165,480 | ---- | C] () -- C:\windows\SysWow64\AirfoilInject3.dll
[2012/10/26 15:42:24 | 000,336,232 | ---- | C] () -- C:\windows\SysWow64\DevManagerCore.dll
[2012/10/26 15:42:22 | 010,919,784 | ---- | C] () -- C:\windows\SysWow64\LogiDPP.dll
[2012/10/26 15:42:22 | 000,103,272 | ---- | C] () -- C:\windows\SysWow64\LogiDPPApp.exe
[2012/08/10 15:10:05 | 000,915,038 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/07/26 08:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 08:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 07:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 01:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 20:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 20:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/07/25 20:22:54 | 000,982,240 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2012/07/25 20:22:54 | 000,439,308 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2012/07/25 20:22:54 | 000,092,356 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2012/07/02 20:11:02 | 000,016,384 | ---- | C] () -- C:\windows\SysWow64\theowl.dll
[2012/06/02 14:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2013/05/23 00:45:16 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 06:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 05:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 03:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 03:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 03:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/12/18 22:25:57 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\Audacity
[2013/12/18 19:45:58 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\Music Editor Free
[2013/07/02 17:56:19 | 000,000,000 | ---D | M] -- C:\Users\Fred\AppData\Roaming\WebApp
[2014/02/04 15:58:01 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\.minecraft
[2013/09/04 20:58:36 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Amazon
[2013/12/15 22:45:08 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\AnvSoft
[2014/01/24 17:29:23 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Audacity
[2013/07/19 15:33:03 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Samsung
[2013/12/19 14:56:05 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\WebApp
[2013/06/28 17:05:52 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\WildTangent
[2013/06/25 15:26:48 | 000,000,000 | ---D | M] -- C:\Users\sarah\AppData\Roaming\Blue Cat Audio
[2013/09/25 17:15:33 | 000,000,000 | ---D | M] -- C:\Users\sarah\AppData\Roaming\FlowStone
[2013/07/02 09:56:36 | 000,000,000 | ---D | M] -- C:\Users\sarah\AppData\Roaming\Garmin
[2013/09/25 17:15:50 | 000,000,000 | ---D | M] -- C:\Users\sarah\AppData\Roaming\Image-Line
[2013/06/20 20:21:33 | 000,000,000 | ---D | M] -- C:\Users\sarah\AppData\Roaming\WebApp
[2013/06/25 14:34:42 | 000,000,000 | ---D | M] -- C:\Users\sarah\AppData\Roaming\WinBatch
========== Purity Check ==========
< End of report >