Jump to content

My Malwarebytes won't start

wizjdiez
 Share

Recommended Posts

wizjdiez

wizjdiez

Posted
Posted

This has happened before where my malwarebytes won't open and last time it was due to an infestation. Could someone possibly help me?

 

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by John (administrator) on FLUFFYBUNNY-PC on 12-06-2014 15:49:34
Running from C:\Users\John\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServer.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
() C:\Program Files (x86)\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc.) C:\Users\John\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [synLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-15] (Synaptics)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [updatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-03] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2012-07-03] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-07-03] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-11] (Intel Corporation)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [bDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-27] (cyberlink)
HKLM-x32\...\Run: [updateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [Gameiki] => C:\Program Files (x86)\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe [358912 2014-02-23] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\Run: [Google Update] => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-08] (Google Inc.)
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\Run: [Facebook Update] => C:\Users\John\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-24] (Facebook Inc.)
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\Run: [MusicManager] => C:\Users\John\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\Run: [Epson Stylus Photo R3000(Network)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGHA.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\Run: [GoogleChromeAutoLaunch_DC7C249942899F83C1747FF3FB5BD5F3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\MountPoints2: {baa6ba92-7066-11e2-803c-08edb9d7ac70} - G:\Setup.exe
HKU\S-1-5-21-2349498154-4169554833-2041502127-1001\...\MountPoints2: {bcd693e8-8607-11e2-aea3-08edb9d7ac70} - H:\TL-Bootstrap.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U017&ocid=U017DHP&dt=052713
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
URLSearchHook: HKLM-x32 - NewFreeScreensavers Toolbar - {535ae879-ef3b-449c-8726-e1e644ae2290} - C:\Program Files (x86)\NewFreeScreensavers\prxtbNewF.dll (Conduit Ltd.)
URLSearchHook: HKCU - NewFreeScreensavers Toolbar - {535ae879-ef3b-449c-8726-e1e644ae2290} - C:\Program Files (x86)\NewFreeScreensavers\prxtbNewF.dll (Conduit Ltd.)
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {C040541D-8AC0-418A-81EB-09CAA9D47C9D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3185678
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: NewFreeScreensavers Toolbar - {535ae879-ef3b-449c-8726-e1e644ae2290} - C:\Program Files (x86)\NewFreeScreensavers\prxtbNewF.dll (Conduit Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - NewFreeScreensavers Toolbar - {535ae879-ef3b-449c-8726-e1e644ae2290} - C:\Program Files (x86)\NewFreeScreensavers\prxtbNewF.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {535AE879-EF3B-449C-8726-E1E644AE2290} -  No File
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\b4gyatfj.default
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.youtube.com/feed/subscriptions
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\John\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\John\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\John\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\b4gyatfj.default\searchplugins\bingp.xml
FF Extension: NewFreeScreensavers  - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\b4gyatfj.default\Extensions\{535ae879-ef3b-449c-8726-e1e644ae2290} [2013-12-12]
FF Extension: Walnut for Firefox - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\b4gyatfj.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2012-08-31]
FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\b4gyatfj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-27]
 
Chrome: 
=======
CHR HomePage: hxxp://www.msn.com/?pc=U017&ocid=U017DHP&dt=052713
CHR StartupUrls: "hxxp://www.youtube.com/feed/subscriptions"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Ancient Map) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcjaemihddenoopkkhaamlcoliiiain [2014-01-20]
CHR Extension: (Adblock Plus) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-20]
CHR Extension: (Adblock for Youtube™) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-01-20]
CHR Extension: (Google Play Music) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-06-10]
CHR Extension: (AdBlock) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-20]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (NewFreeScreensavers) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhnedkdjofgblpkmlbamogmcbhgdkdj [2012-09-30]
CHR HKCU\...\Chrome\Extension: [obhnedkdjofgblpkmlbamogmcbhgdkdj] - C:\Users\John\AppData\Local\CRE\obhnedkdjofgblpkmlbamogmcbhgdkdj.crx [2012-08-29]
CHR HKLM-x32\...\Chrome\Extension: [obhnedkdjofgblpkmlbamogmcbhgdkdj] - C:\Users\John\AppData\Local\CRE\obhnedkdjofgblpkmlbamogmcbhgdkdj.crx [2012-08-29]
 
==================== Services (Whitelisted) =================
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-11-23] () [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [93048 2014-06-10] (EasyAntiCheat Ltd)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5312448 2014-03-19] (INCA Internet Co., Ltd.)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-23] (Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-19] ()
R2 RosettaStoneLtdController; C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe [352312 2008-09-16] (Rosetta Stone Ltd.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4774208 2013-03-04] (RealVNC Ltd)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-03] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R3 hswpan; C:\Windows\System32\DRIVERS\hswpan.sys [109056 2012-01-27] (Ozmo Inc)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-23] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-21] (Lenovo Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
U3 BcmSqlStartupSvc; 
U2 CLKMSVC10_C3B3B687; 
S3 cpuz136; \??\C:\Users\John\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
U2 DriverService; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U2 iATAgentService; 
U2 idealife Update Service; 
U3 IGRS; 
U2 IviRegMgr; 
U2 Oasis2Service; 
U2 PCCarerService; 
U2 ReadyComm.DirectRouter; 
U2 RichVideo; 
U2 RtLedService; 
U2 SeaPort; 
U2 SoftwareService; 
U3 SQLWriter; 
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-12 15:49 - 2014-06-12 15:50 - 00030026 _____ () C:\Users\John\Downloads\FRST.txt
2014-06-12 15:49 - 2014-06-12 15:49 - 02081792 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-06-12 15:49 - 2014-06-12 15:49 - 00000000 ____D () C:\FRST
2014-06-12 15:47 - 2014-06-12 15:47 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-12 15:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-12 15:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-12 15:45 - 2014-06-12 15:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\mbam-setup-consumer-2.0.2.1012.exe
2014-06-12 15:27 - 2014-06-12 15:28 - 00002444 _____ () C:\Users\John\Desktop\Rkill.txt
2014-06-12 15:27 - 2014-06-12 15:27 - 00000000 ____D () C:\Users\John\Desktop\rkill
2014-06-12 15:26 - 2014-06-12 15:27 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\rkill.exe
2014-06-10 19:25 - 2014-06-10 19:24 - 00093048 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-06-10 15:29 - 2014-06-10 15:29 - 02896539 _____ () C:\Users\John\Documents\secret 2.wma
2014-06-10 02:08 - 2014-06-10 02:09 - 164661561 _____ () C:\Users\John\Downloads\TRANSISTOR_BREACHED.zip
2014-06-10 01:55 - 2014-06-10 01:57 - 00000000 ____D () C:\Users\John\Downloads\[OST] Transistor OST 2014 Digital Edition (320 CBR MP3)
2014-06-10 01:53 - 2014-06-10 01:53 - 00021799 _____ () C:\Users\John\Downloads\[kickass.to]ost.transistor.ost.2014.digital.edition.320.cbr.mp3.torrent
2014-06-09 23:06 - 2014-06-09 23:08 - 00000000 ____D () C:\Users\John\Documents\Dawngate
2014-06-09 23:02 - 2014-06-09 23:02 - 00002185 _____ () C:\Users\Public\Desktop\Dawngate.lnk
2014-06-09 23:02 - 2014-06-09 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dawngate
2014-06-09 23:00 - 2014-06-09 23:00 - 09269248 _____ () C:\Users\John\Downloads\Dawngate_en_us (2).msi
2014-06-09 22:58 - 2014-06-09 22:59 - 09269248 _____ () C:\Users\John\Downloads\Dawngate_en_us (1).msi
2014-06-03 17:29 - 2014-05-29 16:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-03 17:29 - 2014-05-29 16:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-03 13:55 - 2014-06-03 13:55 - 00000219 _____ () C:\Users\John\Desktop\Alien Swarm.url
2014-06-03 02:27 - 2014-06-03 02:27 - 44199212 _____ () C:\Users\John\Downloads\Pentakill-SmiteandIgnite.zip
2014-05-31 13:57 - 2014-05-31 13:57 - 00000000 ____D () C:\Users\John\AppData\Roaming\roi
2014-05-31 13:51 - 2014-05-31 13:51 - 00000222 _____ () C:\Users\John\Desktop\Rise of Incarnates.url
2014-05-29 19:41 - 2014-05-29 19:41 - 00000000 ____D () C:\Users\John\Documents\Steam Cloud
2014-05-29 19:39 - 2014-05-29 19:39 - 00000000 ____D () C:\Users\John\Documents\RPGVXAce
2014-05-29 19:36 - 2014-05-29 19:36 - 00000222 _____ () C:\Users\John\Desktop\RPG Maker VX Ace.url
2014-05-29 19:35 - 2014-05-29 19:37 - 535408072 _____ () C:\Users\John\Downloads\RPGMaker_FreeGamesBundle1.zip
2014-05-26 22:49 - 2014-03-31 09:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-26 22:49 - 2014-03-31 09:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-23 18:12 - 2014-05-23 18:12 - 00001919 _____ () C:\Users\John\Desktop\Supraball.lnk
2014-05-23 18:12 - 2014-05-23 18:12 - 00000000 ____D () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supraball
2014-05-23 18:08 - 2014-05-23 18:09 - 00000000 ____D () C:\Program Files (x86)\Supraball
2014-05-23 18:07 - 2014-05-23 18:07 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-05-23 18:07 - 2014-03-19 03:59 - 05312448 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2014-05-23 18:04 - 2014-05-23 18:07 - 255486794 _____ () C:\Users\John\Downloads\supraball_0.2.5.exe
2014-05-23 16:37 - 2014-05-23 16:37 - 00000000 ____D () C:\Program Files (x86)\GamesCampus
2014-05-23 16:15 - 2014-05-23 16:21 - 1600956497 _____ (Nimonix Inc.) C:\Users\John\Downloads\RFR_SETUP_NA_20140518.EXE
2014-05-21 16:02 - 2014-05-21 16:02 - 00000000 ____D () C:\Users\John\AppData\Local\{3AC31F14-B96F-472A-AE90-4CB395EF76A8}
2014-05-21 00:14 - 2014-05-28 13:41 - 00000000 ____D () C:\Users\John\Documents\Macro Scheduler 12
2014-05-19 20:45 - 2014-05-19 20:45 - 00417829 _____ () C:\Users\John\Downloads\Honors History Final Review 10th grade.pages.zip
2014-05-19 16:00 - 2014-05-19 16:00 - 00001163 _____ () C:\Users\John\Desktop\Stellar Phoenix Photo Recovery.lnk
2014-05-19 16:00 - 2014-05-19 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Photo Recovery
2014-05-19 16:00 - 2014-05-19 16:00 - 00000000 ____D () C:\Program Files (x86)\Stellar Phoenix Photo Recovery
2014-05-19 15:59 - 2014-05-19 16:00 - 10612576 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\John\Downloads\stellarphoenixphotorecovery.exe
2014-05-18 21:17 - 2014-05-18 21:17 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-18 21:16 - 2014-05-18 21:16 - 00000222 _____ () C:\Users\John\Desktop\Hammerwatch.url
2014-05-14 19:00 - 2014-05-14 19:00 - 00005093 _____ () C:\Users\John\Downloads\TRIALSCRIPT (1)
2014-05-14 18:58 - 2014-05-14 18:58 - 00005093 _____ () C:\Users\John\Downloads\TRIALSCRIPT
2014-05-13 12:03 - 2014-05-13 12:03 - 00000000 ____D () C:\Users\John\Documents\TecmoKoei
2014-05-13 11:21 - 2014-05-13 11:21 - 00000222 _____ () C:\Users\John\Desktop\DYNASTY WARRIORS 8 Xtreme Legends Complete Edition.url
 
==================== One Month Modified Files and Folders =======
 
2014-06-12 15:50 - 2014-06-12 15:49 - 00030026 _____ () C:\Users\John\Downloads\FRST.txt
2014-06-12 15:50 - 2012-08-08 15:04 - 00000000 ____D () C:\Users\John\AppData\Local\Temp
2014-06-12 15:49 - 2014-06-12 15:49 - 02081792 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-06-12 15:49 - 2014-06-12 15:49 - 00000000 ____D () C:\FRST
2014-06-12 15:49 - 2012-09-04 19:24 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001UA.job
2014-06-12 15:47 - 2014-06-12 15:47 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-12 15:47 - 2014-04-12 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-12 15:47 - 2014-04-12 13:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-12 15:46 - 2014-06-12 15:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\mbam-setup-consumer-2.0.2.1012.exe
2014-06-12 15:46 - 2012-10-13 12:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-12 15:46 - 2012-08-08 15:51 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype
2014-06-12 15:41 - 2012-07-03 16:55 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-12 15:40 - 2012-08-08 15:07 - 00000000 ___RD () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-12 15:40 - 2009-07-13 21:45 - 00050640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-12 15:40 - 2009-07-13 21:45 - 00050640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-12 15:40 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-12 15:39 - 2012-07-03 16:56 - 00219100 _____ () C:\Windows\system32\fastboot.set
2014-06-12 15:39 - 2012-07-03 16:55 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-12 15:39 - 2012-07-03 16:07 - 01876201 _____ () C:\Windows\WindowsUpdate.log
2014-06-12 15:33 - 2014-01-26 11:27 - 00017455 _____ () C:\Windows\setupact.log
2014-06-12 15:33 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-12 15:28 - 2014-06-12 15:27 - 00002444 _____ () C:\Users\John\Desktop\Rkill.txt
2014-06-12 15:27 - 2014-06-12 15:27 - 00000000 ____D () C:\Users\John\Desktop\rkill
2014-06-12 15:27 - 2014-06-12 15:26 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\rkill.exe
2014-06-12 15:12 - 2012-08-08 15:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-12 14:05 - 2013-02-24 00:00 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001UA.job
2014-06-11 23:05 - 2013-02-24 00:00 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001Core.job
2014-06-11 20:49 - 2012-09-04 19:24 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001Core.job
2014-06-11 20:45 - 2012-08-08 22:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-11 19:07 - 2012-07-03 16:55 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 17:51 - 2012-08-19 20:42 - 00000426 _____ () C:\Windows\BRWMARK.INI
2014-06-11 02:22 - 2012-10-21 16:50 - 00000000 ____D () C:\Users\John\AppData\Roaming\uTorrent
2014-06-10 19:24 - 2014-06-10 19:25 - 00093048 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-06-10 15:33 - 2012-08-15 17:57 - 00000000 ____D () C:\Users\John\School
2014-06-10 15:29 - 2014-06-10 15:29 - 02896539 _____ () C:\Users\John\Documents\secret 2.wma
2014-06-10 02:09 - 2014-06-10 02:08 - 164661561 _____ () C:\Users\John\Downloads\TRANSISTOR_BREACHED.zip
2014-06-10 01:57 - 2014-06-10 01:55 - 00000000 ____D () C:\Users\John\Downloads\[OST] Transistor OST 2014 Digital Edition (320 CBR MP3)
2014-06-10 01:53 - 2014-06-10 01:53 - 00021799 _____ () C:\Users\John\Downloads\[kickass.to]ost.transistor.ost.2014.digital.edition.320.cbr.mp3.torrent
2014-06-09 23:08 - 2014-06-09 23:06 - 00000000 ____D () C:\Users\John\Documents\Dawngate
2014-06-09 23:02 - 2014-06-09 23:02 - 00002185 _____ () C:\Users\Public\Desktop\Dawngate.lnk
2014-06-09 23:02 - 2014-06-09 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dawngate
2014-06-09 23:02 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-09 23:00 - 2014-06-09 23:00 - 09269248 _____ () C:\Users\John\Downloads\Dawngate_en_us (2).msi
2014-06-09 22:59 - 2014-06-09 22:58 - 09269248 _____ () C:\Users\John\Downloads\Dawngate_en_us (1).msi
2014-06-06 17:57 - 2012-08-09 00:41 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-04 20:37 - 2013-11-26 01:01 - 00000000 ____D () C:\Users\John\AppData\Local\Battle.net
2014-06-03 17:28 - 2012-07-03 16:14 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-03 13:55 - 2014-06-03 13:55 - 00000219 _____ () C:\Users\John\Desktop\Alien Swarm.url
2014-06-03 13:55 - 2012-08-08 22:12 - 00000000 ____D () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-03 02:27 - 2014-06-03 02:27 - 44199212 _____ () C:\Users\John\Downloads\Pentakill-SmiteandIgnite.zip
2014-06-02 13:17 - 2013-10-27 23:15 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-31 13:57 - 2014-05-31 13:57 - 00000000 ____D () C:\Users\John\AppData\Roaming\roi
2014-05-31 13:51 - 2014-05-31 13:51 - 00000222 _____ () C:\Users\John\Desktop\Rise of Incarnates.url
2014-05-30 14:38 - 2013-11-26 01:05 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-30 14:37 - 2013-11-26 01:01 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-29 19:41 - 2014-05-29 19:41 - 00000000 ____D () C:\Users\John\Documents\Steam Cloud
2014-05-29 19:39 - 2014-05-29 19:39 - 00000000 ____D () C:\Users\John\Documents\RPGVXAce
2014-05-29 19:37 - 2014-05-29 19:35 - 535408072 _____ () C:\Users\John\Downloads\RPGMaker_FreeGamesBundle1.zip
2014-05-29 19:36 - 2014-05-29 19:36 - 00000222 _____ () C:\Users\John\Desktop\RPG Maker VX Ace.url
2014-05-29 16:07 - 2014-06-03 17:29 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-29 16:07 - 2014-06-03 17:29 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-29 16:07 - 2013-11-21 23:02 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-29 16:07 - 2013-11-21 23:02 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-28 22:02 - 2012-08-21 23:21 - 00000000 ____D () C:\Users\John\Documents\Outlook Files
2014-05-28 13:41 - 2014-05-21 00:14 - 00000000 ____D () C:\Users\John\Documents\Macro Scheduler 12
2014-05-26 22:50 - 2013-12-03 18:57 - 00000000 ____D () C:\Users\John\AppData\Local\NVIDIA Corporation
2014-05-26 22:50 - 2012-07-03 16:14 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-26 22:49 - 2012-07-03 16:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-26 10:12 - 2014-02-28 16:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-26 10:12 - 2012-08-08 15:47 - 00000000 ____D () C:\ProgramData\Skype
2014-05-23 18:12 - 2014-05-23 18:12 - 00001919 _____ () C:\Users\John\Desktop\Supraball.lnk
2014-05-23 18:12 - 2014-05-23 18:12 - 00000000 ____D () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supraball
2014-05-23 18:12 - 2013-12-02 18:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-23 18:09 - 2014-05-23 18:08 - 00000000 ____D () C:\Program Files (x86)\Supraball
2014-05-23 18:07 - 2014-05-23 18:07 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-05-23 18:07 - 2014-05-23 18:04 - 255486794 _____ () C:\Users\John\Downloads\supraball_0.2.5.exe
2014-05-23 16:39 - 2012-09-26 12:31 - 00001239 _____ () C:\Users\John\Desktop\Rumble Fighter.lnk
2014-05-23 16:37 - 2014-05-23 16:37 - 00000000 ____D () C:\Program Files (x86)\GamesCampus
2014-05-23 16:21 - 2014-05-23 16:15 - 1600956497 _____ (Nimonix Inc.) C:\Users\John\Downloads\RFR_SETUP_NA_20140518.EXE
2014-05-23 06:18 - 2014-04-30 21:20 - 00000000 ____D () C:\Users\John\AppData\Local\Windows Live
2014-05-21 17:16 - 2009-07-13 22:13 - 00800382 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 16:02 - 2014-05-21 16:02 - 00000000 ____D () C:\Users\John\AppData\Local\{3AC31F14-B96F-472A-AE90-4CB395EF76A8}
2014-05-20 23:51 - 2013-11-16 23:37 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-05-20 23:49 - 2012-08-09 14:50 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-05-19 20:45 - 2014-05-19 20:45 - 00417829 _____ () C:\Users\John\Downloads\Honors History Final Review 10th grade.pages.zip
2014-05-19 17:10 - 2012-07-03 16:52 - 00000000 ____D () C:\ProgramData\Temp
2014-05-19 16:00 - 2014-05-19 16:00 - 00001163 _____ () C:\Users\John\Desktop\Stellar Phoenix Photo Recovery.lnk
2014-05-19 16:00 - 2014-05-19 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Photo Recovery
2014-05-19 16:00 - 2014-05-19 16:00 - 00000000 ____D () C:\Program Files (x86)\Stellar Phoenix Photo Recovery
2014-05-19 16:00 - 2014-05-19 15:59 - 10612576 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\John\Downloads\stellarphoenixphotorecovery.exe
2014-05-18 21:17 - 2014-05-18 21:17 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-18 21:17 - 2014-05-18 21:17 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-18 21:16 - 2014-05-18 21:16 - 00000222 _____ () C:\Users\John\Desktop\Hammerwatch.url
2014-05-14 19:00 - 2014-05-14 19:00 - 00005093 _____ () C:\Users\John\Downloads\TRIALSCRIPT (1)
2014-05-14 18:58 - 2014-05-14 18:58 - 00005093 _____ () C:\Users\John\Downloads\TRIALSCRIPT
2014-05-14 18:26 - 2014-03-01 14:35 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-13 12:12 - 2012-08-08 15:57 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 12:12 - 2012-08-08 15:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 12:12 - 2012-08-08 15:57 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 12:03 - 2014-05-13 12:03 - 00000000 ____D () C:\Users\John\Documents\TecmoKoei
2014-05-13 11:21 - 2014-05-13 11:21 - 00000222 _____ () C:\Users\John\Desktop\DYNASTY WARRIORS 8 Xtreme Legends Complete Edition.url
 
Some content of TEMP:
====================
C:\Users\John\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\John\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\John\AppData\Local\Temp\mpa03740.exe
C:\Users\John\AppData\Local\Temp\Setup-Wacom.exe
C:\Users\John\AppData\Local\Temp\sonarinst.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-05-29 00:27
 
==================== End Of Log ============================
Link to post
Share on other sites
wizjdiez

wizjdiez

Posted
  • Author
Posted
 



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02

Ran by John at 2014-06-12 15:50:25

Running from C:\Users\John\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden

Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)

Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)

Age of Wushu (HKLM-x32\...\{A0AFB64E-79E1-45BF-BA6C-18C21E007D8E}) (Version: 0.0.1.029 - Snail Games USA)

Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)

Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)

Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.)

Atlantica (HKLM-x32\...\Steam App 212240) (Version:  - )

Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)

BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )

BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )

Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - )

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)

Botanicula (HKLM-x32\...\Steam App 207690) (Version:  - Amanita Design)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)

Canon MX520 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX520_series) (Version: 1.00 - Canon Inc.)

Canon MX520 series On-screen Manual (HKLM-x32\...\Canon MX520 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)

Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)

Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)

Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - )

Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version:  - Focus Home Interactive)

Command and Conquer: Red Alert 3 - Uprising (HKLM-x32\...\Steam App 24800) (Version:  - EA Los Angeles)

Confrontation (HKLM-x32\...\Steam App 204560) (Version:  - Cyanide Studios)

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)

Counter-Strike: Source Beta (HKLM-x32\...\Steam App 260) (Version:  - )

Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)

Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dawngate (HKLM-x32\...\{1330926C-251C-414E-A681-F8CEF84899BC}) (Version: 182.23.92.0 - Electronic Arts, Inc.)

DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)

Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E581F27C-B798-42D8-9BD1-0A469A2C97AE}) (Version:  - Microsoft)

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)

Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - )

DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)

Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )

Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )

Dungeonland (HKLM-x32\...\Steam App 218130) (Version:  - Critical Studio)

DYNASTY WARRIORS 8: Xtreme Legends Complete Edition (HKLM-x32\...\Steam App 278080) (Version:  - TECMO KOEI GAMES CO., LTD.)

Elsword version v3.0424.7.2 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v3.0424.7.2 - Kill3rCombo)

Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.8 - Lenovo)

Energy Management (x32 Version: 7.0.3.8 - Lenovo) Hidden

Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)

Epson Professional Print Samples (HKLM-x32\...\{E88FA8EC-3D78-4879-8CA5-DCE2F3FF9BC7}) (Version:  - )

Epson Stylus Photo R3000 Printer Uninstall (HKLM\...\Epson Stylus Photo R3000) (Version:  - SEIKO EPSON Corporation)

EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)

EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)

Fraps (HKLM-x32\...\Fraps) (Version:  - )

FTL version 1.01 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.01 - Subset Games)

FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)

Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)

Gameiki Mod Installer (HKCU\...\Gameiki) (Version:  - )

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)

Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)

Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)

Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)

Heva Clonia v130090401 (HKLM-x32\...\{AC8A182F-C216-429E-91E5-2383E1FC2938}_is1) (Version: HevaOnline 2014/09/05 - PlayBuster)

Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)

Intel PROSet Wireless (Version:  - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)

Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2656 - Intel Corporation)

Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)

Intel® WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )

Intel® Wireless Music device driver (HKLM\...\{4169B8AC-D144-4E38-A9CA-637EA44129ED}) (Version: 1.5.5323.0 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)

Intelligent Touchpad (HKLM-x32\...\{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}) (Version: 1.00.0108 - Lenovo)

iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)

Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)

Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.64.1 - JMicron Technology Corp.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)

Kingdom Rush (HKLM-x32\...\Steam App 246420) (Version:  - Ironhide Game Studio)

League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)

Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)

Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)

Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.117 - Realtek Semiconductor Corp.)

Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo)

Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)

Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden

Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3712.52 - CyberLink Corp.)

Lenovo PowerDVD10 (x32 Version: 10.0.3712.52 - CyberLink Corp.) Hidden

Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)

Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden

Little Fighter 2 1.9c (HKLM-x32\...\Little Fighter 2) (Version: 1.9c - )

LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo)

LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden

Lost Saga (HKLM-x32\...\LostSagaUS) (Version:  - OGPLANET)

Magic: The Gathering - Duels of the Planeswalkers 2013 (HKLM-x32\...\Steam App 97330) (Version:  - )

Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)

Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Might & Magic: Duel of Champions (HKLM-x32\...\Steam App 256410) (Version:  - Ubisoft Quebec)

Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)

Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)

Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)

Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version:  - )

Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)

Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)

My Game Long Name (HKLM\...\UDK-19d8fabd-e0a9-4803-b97a-02d0264c345f) (Version:  - Epic Games, Inc.)

Neverwinter (HKLM-x32\...\Neverwinter) (Version:  - Cryptic Studios)

NewFreeScreensaver nfsSunsetSea (HKLM-x32\...\Sunset Sea New Free Screensaver_is1) (Version:  - )

NewFreeScreensavers Toolbar (HKLM-x32\...\NewFreeScreensavers Toolbar) (Version: 6.9.0.16 - NewFreeScreensavers)

Nsd (HKLM-x32\...\{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}) (Version: 1.0.1.7 - Lenovo)

NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)

NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher US) (Version: 1.0.0 - OGPlanet, Inc.)

OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher) (Version: 1.0.0 - OGPlanet, Inc.)

Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)

Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.9 - Lenovo)

Onekey Theater (x32 Version: 2.0.2.9 - Lenovo) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)

osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)

Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)

PlanetSide 2 Beta (HKCU\...\SOE-PlanetSide 2 Beta) (Version:  - Sony Online Entertainment)

Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)

Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)

Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)

Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)

Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)

PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)

Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

RAW - Realms of Ancient War (HKLM-x32\...\Steam App 209730) (Version:  - Wizarbox)

Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)

Reus (HKLM-x32\...\GOGPACKREUS_is1) (Version: 2.0.0.10 - GOG.com)

Rise of Incarnates (HKLM-x32\...\Steam App 258160) (Version:  - )

Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )

Rosetta Stone Ltd Services (HKLM-x32\...\{2110AF8F-F6E9-4712-A185-1B839C60822E}) (Version: 2.2.1.1 - Rosetta Stone Ltd.)

Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)

RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version:  - Enterbrain)

Rumble Fighter (HKLM-x32\...\RumbleFighter) (Version:  - )

Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)

Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)

Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - )

Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)

Scribblenauts Unlimited (HKLM-x32\...\Scribblenauts Unlimited_is1) (Version:  - )

Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)

Sequence (HKLM-x32\...\Steam App 200910) (Version:  - Iridium Studios)

SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden

Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)

Skullgirls (HKLM-x32\...\Steam App 245170) (Version:  - Lab Zero Games)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2173.0 - Hi-Rez Studios)

Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform)

Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )

Spotify (HKCU\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)

Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)

Super Crate Box (HKLM-x32\...\Steam App 212800) (Version:  - )

Supraball (HKLM\...\UDK-f8e7b54f-1c9c-4b15-9e80-d71db120f723) (Version:  - Epic Games, Inc.)

Supraball (HKLM-x32\...\Supraball) (Version:  - Supra Games Gbr)

Symphony (HKLM-x32\...\Steam App 207750) (Version:  - Empty Clip Studios)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.38.0 - Synaptics Incorporated)

TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.41 - En Masse Entertainment)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )

The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

The Last Remnant Demo (HKLM-x32\...\Steam App 23330) (Version:  - Square Enix)

The Political Machine 2012 (HKLM-x32\...\Steam App 211120) (Version:  - )

The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version:  - Arrowhead Game Studios)

The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)

The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)

Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - Mike Bithell)

TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)

Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)

Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)

Titanfall™-Beta (HKLM-x32\...\{E933BD1A-9B05-42A3-A1CF-3DA81C72E454}) (Version: 1.0.0.0 - Electronic Arts)

TowerFall Ascension (HKLM-x32\...\Steam App 251470) (Version:  - Matt Thorson)

Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)

Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - )

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Unholy Heights Demo (HKLM-x32\...\Steam App 254150) (Version:  - )

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2B7EA7DF-B822-4C58-B90A-961B6BAF454B}) (Version:  - Microsoft)

UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)

UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)

VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)

VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)

VNC Server 5.0.5 (HKLM\...\RealVNC_is1) (Version: 5.0.5 - RealVNC Ltd)

VNC Viewer 5.0.5 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.5 - RealVNC Ltd)

Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-3 - Wacom Technology Corp.)

WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.1 - WebM Project)

WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)

WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)

WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)

Windows Driver Package - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)

Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)

Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version:  - Team17 Digital Ltd.)

Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)

Worms Ultimate Mayhem (HKLM-x32\...\Steam App 70600) (Version:  - Team17 Software Ltd.)

 

==================== Restore Points  =========================

 

04-06-2014 00:29:58 Installed DirectX

07-06-2014 11:04:06 Windows Update

10-06-2014 06:00:39 Installed Dawngate

 

==================== Hosts content: ==========================

 

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {25593442-E70A-4748-878E-F3664D5308EA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001Core => C:\Users\John\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-24] (Facebook Inc.)

Task: {3584D08B-B212-484F-B802-B48FC0547499} - System32\Tasks\{552518DF-7DF9-4136-9866-85BF1D05DBCB} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.116.259/en/go/help.faq.installer?LastError=1618

Task: {486114E3-AC73-4D9F-93E2-E351ABA0A1B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)

Task: {55A2FF56-2F40-4A56-907B-58D289015931} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)

Task: {5C74F159-665D-4F85-BD48-640D4868CFFC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink)

Task: {6081E000-3DB1-4F3E-86FE-D9D20444B95A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)

Task: {72E97B4C-F4B4-4315-939E-3AF52D87D255} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001UA => C:\Users\John\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-24] (Facebook Inc.)

Task: {962E9427-D03E-4E6A-BDE3-7508363901BB} - System32\Tasks\{58FA7D96-7FDB-4449-8D43-08C5EF3D8BC2} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.259&LastError=12002

Task: {A385C16F-7960-440A-9EDB-4BA484CFB885} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001UA => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08] (Google Inc.)

Task: {A74DFF90-C480-4BA6-8FC1-F91211E71A58} - System32\Tasks\DSite => C:\Users\John\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: {A9B298CF-3CDD-4D75-AB1F-5FAB7DE3779E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {B2BAC390-22A9-4EA6-BCBA-AADD6BFBF963} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)

Task: {C2C5EA02-EE2E-4828-B331-26117D4D5D5E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001Core => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\DSite.job => C:\Users\John\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001Core.job => C:\Users\John\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001UA.job => C:\Users\John\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001Core.job => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349498154-4169554833-2041502127-1001UA.job => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-07-03 16:14 - 2014-03-04 07:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2012-07-03 16:14 - 2014-03-04 06:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2013-10-27 23:27 - 2012-03-28 06:19 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

2012-09-15 20:45 - 2014-04-19 15:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2008-12-20 03:20 - 2012-07-03 16:56 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll

2012-03-28 14:34 - 2012-07-03 16:56 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll

2008-12-20 03:20 - 2012-07-03 16:56 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll

2014-04-18 20:37 - 2014-04-03 16:55 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll

2014-02-23 13:34 - 2014-02-23 13:34 - 00358912 _____ () C:\Program Files (x86)\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe

2012-03-12 01:43 - 2012-02-17 09:21 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll

2012-07-03 16:29 - 2010-10-25 22:40 - 00049056 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-11-12 15:49 - 2013-11-12 15:49 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\991a8d378a3e64b31c0f4770ba9ae071\IsdiInterop.ni.dll

2012-07-03 16:21 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2012-07-03 16:21 - 2012-02-20 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2012-07-03 16:14 - 2014-03-04 07:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 10683392 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 07741952 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\QtGui4.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 02248192 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\QtCore4.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 01681408 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll

2014-05-15 14:20 - 2014-05-15 14:20 - 00117248 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\libaacdec.dll

2014-05-15 14:20 - 2014-05-15 14:20 - 00231936 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll

2014-05-15 14:21 - 2014-05-15 14:21 - 00253440 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\libid3tag.dll

2014-05-15 14:24 - 2014-05-15 14:24 - 00344064 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 00026624 _____ () C:\Users\John\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-06-11 19:07 - 2014-06-05 06:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll

2014-06-11 19:07 - 2014-06-05 06:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll

2014-06-11 19:07 - 2014-06-05 06:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll

2014-06-11 19:07 - 2014-06-05 06:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

2014-06-11 19:07 - 2014-06-05 06:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

MSCONFIG\Services: AVP => 2

MSCONFIG\Services: MBAMScheduler => 3

MSCONFIG\Services: MBAMService => 2

MSCONFIG\Services: RosettaStoneLtdController => 3

MSCONFIG\Services: wuauserv => 2

MSCONFIG\startupreg: AVP => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"

MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

MSCONFIG\startupreg: Intelligent Touchpad => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe

MSCONFIG\startupreg: MusicManager => "C:\Users\John\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"

MSCONFIG\startupreg: Spotify => "C:\Users\John\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\John\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"

MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s

 

==================== Faulty Device Manager Devices =============

 

Name: D-Link Network Storage Enclosure

Description: D-Link Network Storage Enclosure

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (06/12/2014 03:47:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x1b48

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

 

Error: (06/12/2014 03:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x1abc

Faulting application start time: 0xmbam.exe.exe0

Faulting application path: mbam.exe.exe1

Faulting module path: mbam.exe.exe2

Report Id: mbam.exe.exe3

 

Error: (06/12/2014 03:41:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x19f4

Faulting application start time: 0xmbam.exe.exe0

Faulting application path: mbam.exe.exe1

Faulting module path: mbam.exe.exe2

Report Id: mbam.exe.exe3

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

 

 

System errors:

=============

Error: (06/12/2014 03:33:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Offline Files service terminated with the following error: 

%%3

 

Error: (06/12/2014 03:33:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Offline Files service terminated with the following error: 

%%3

 

Error: (06/11/2014 01:23:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Offline Files service terminated with the following error: 

%%3

 

Error: (06/11/2014 01:22:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Offline Files service terminated with the following error: 

%%3

 

Error: (06/08/2014 01:53:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Offline Files service terminated with the following error: 

%%3

 

Error: (06/08/2014 01:53:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Offline Files service terminated with the following error: 

%%3

 

Error: (06/08/2014 04:11:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Windows Time service terminated with the following error: 

%%1115

 

Error: (06/08/2014 04:09:54 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NvStreamSvc service.

 

Error: (06/07/2014 10:33:21 PM) (Source: NetBT) (EventID: 4321) (User: )

Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.76.

The computer with the IP address 192.168.1.28 did not allow the name to be claimed by

this computer.

 

Error: (06/07/2014 10:08:48 PM) (Source: bowser) (EventID: 8003) (User: )

Description: The master browser has received a server announcement from the computer JOVE-PC

that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5F37D2A-73F4-4910-ABA6-BB1056FF228F}.

The master browser is stopping or an election is being forced.

 

 

Microsoft Office Sessions:

=========================

Error: (06/12/2014 03:47:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1b4801cf869043f29249C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll82e6308c-f283-11e3-8a8e-08edb9d7ac70

 

Error: (06/12/2014 03:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1abc01cf868f96986c3cC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlld45867fe-f282-11e3-8a8e-08edb9d7ac70

 

Error: (06/12/2014 03:41:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd19f401cf868f5ff25613C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllac5f1140-f282-11e3-8a8e-08edb9d7ac70

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: NSDSvc---query POLICYVT key success failed with 0, The Code is:0x424.

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: NSDSvc---Get Poicy Open key suc failed with 0, The Code is:0x422.

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: NSDSvc---query POLICYVT key success failed with 0, The Code is:0x424.

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: NSDSvc---Get Poicy Open key suc failed with 0, The Code is:0x422.

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: NSDSvc---query POLICYVT key success failed with 0, The Code is:0x424.

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: NSDSvc---Get Poicy Open key suc failed with 0, The Code is:0x422.

 

Error: (06/12/2014 03:33:45 PM) (Source: NSDSvc) (EventID: 256) (User: )

Description: NSDSvc---query POLICYVT key success failed with 0, The Code is:0x424.

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-06-12 15:43:42.068

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-12 15:43:41.786

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 23:42:54.319

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 23:42:54.174

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 20:56:12.270

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 20:56:09.851

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 20:54:59.260

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 20:54:58.886

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 20:52:38.745

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-11 20:52:38.060

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 39%

Total physical RAM: 8094.36 MB

Available physical RAM: 4877.59 MB

Total Pagefile: 16186.89 MB

Available Pagefile: 12446.68 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB

 

==================== Drives ================================

 

Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:201.93 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:21.72 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3111D70E)

Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=886 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=20 GB) - (Type=12)

 

==================== End Of Log ============================



 

Link to post
Share on other sites
  • 1 month later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Hello and :welcome:

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:
 
 

 
If you're using
Peer 2 Peer
software such as
uTorrent, BitTorrent
or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have
illegal/cracked software, cracks, keygens etc
. on the system, please remove or uninstall them now and read the policy on
Piracy
.



 
Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

    [*]Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive [*]Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you. [*]The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone. [*]Perform everything in the correct order. Sometimes one step requires the previous one. [*]If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue. [*]You can check here if you're not sure if your computer is 32-bit or 64-bit [*]Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners. [*]When we are done, I'll give you instructions on how to cleanup all the tools and logs [*]Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. [*]Your topic will be closed if you haven't replied within 3 days [*](If I have not responded within 24 hours, please send me a Private Message as a reminder)


 
STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.
 


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
 
 
STEP 03
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


Thank you
 

Link to post
Share on other sites
  • 1 month later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept