Jump to content

Weird HTML Documents


Recommended Posts

I couldn't find any other place to post this in, so I posted it in here, as I believe these may be viruses.

~~~

So, I have these weird obscure HTML documents located in the oddest places. The reason why I'm saying this is because I know there are HTML documents that will infect a user's PC with a virus, malware, or trojan. I just want to know why there are HTML documents in my Documents. The only ones I've found are in two different locations.

 

The first one is located in: C:\Users\Public\Music\Sample Music This one is called "url".

 

The second and third ones are located in: Libraries\Documents The second one is called "http", and the third one is called, "theday".

 

Is it possible to scan HTML Documents with VirusTotal?

 

Also, I never recalled putting HTML Documents in my Sample Music and Documents folder. I'm not going to go to the HTML as the only TRUE web protection I have are WOT and AdBlock.

 

I'm sorry if you have to end up moving this thread. I just wanted some answers and I couldn't find any topic that resembled my issue.

Link to post
Share on other sites

I saw there was a new update to the freeware application FireAlpaca (which is my main art program.) I went to the English version of the official website and downloaded the setup. I ran it, and it asked for admin permission, and the File Location was strange, so I dropped the file into VirusTotal, and the only result I got was one AV saying it was a Trojan, yet that AV is known to have false positives quite a bit.

 

So, anyways, I open up Malwarebytes Antimalware before allowing it permission so I can go through the set-up and get the latest version of FireAlpaca. However, after pressing Accept (or whatever the button said), my computer started to lag. Badly. I went to Malwarebytes and right clicked to exit, but it took more than 10 minutes to close it, even WITH using Task Manager to kill it's process.

 

Also, the setup never came up. So I'm kind of scared.

 

Could this be a possible virus?

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Very sorry for the delay. The site has been very busy and there has been more demand for support than we were able handle for a while there.
I'm just now getting back to see if you still need help or not. If you do please reply back and let me know and I'll go ahead and assist you.

Thank you
 

Link to post
Share on other sites

  • Root Admin

Can you zip and attach the files please

 

Also let me get some logs please.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 

Link to post
Share on other sites

I found a fourth one called "readme" and, going to Properties, it says, "This file came from another computer and might be blocked to help protect this computer." Same with the one titled URL. The other two seem to have come from this computer. Anyways, here's the logs.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2014
Ran by User (administrator) on USER-PC on 23-08-2014 10:46:00
Running from C:\Users\User\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AWS Convergence Technologies, Inc.) C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\Run: [Weather] => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1653248 2009-12-29] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\Run: [AVG-Secure-Search-Update_0913a] => C:\Users\User\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 8fd5fda688667889090e21313aa178e9-9a17500a96d428a5cdb8b2643968b9a928fc107f --CMPID 0913a
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-15] (Google Inc.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {2081bf50-c04c-11e3-bdf5-90fba624d4c7} - F:\LaunchU3.exe
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {3db28ca7-4b98-11df-bd5d-806e6f6e6963} - M:\setup_assist.exe
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {eb794382-1d52-11e3-b9bf-90fba624d4c7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {f1336abd-3fb3-11e1-81df-90fba624d4c7} - G:\LaunchU3.exe -a
HKU\S-1-5-21-249128142-3472015813-3436885645-1003\...\Run: [Weather] => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1653248 2009-12-29] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1003\...\Run: [EPSON Stylus Photo RX595 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLA.EXE [213504 2007-03-30] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-249128142-3472015813-3436885645-1003\...\MountPoints2: {f1336abd-3fb3-11e1-81df-90fba624d4c7} - G:\LaunchU3.exe -a
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5053DF5C00E0CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?ilc=2
URLSearchHook: HKCU - (No Name) - {80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2383985
SearchScopes: HKCU - DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKCU - {44816E91-C68A-2FF3-3D8F-8970062E5600} URL = http://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
SearchScopes: HKCU - {80E207A6-563E-4BEB-B311-9895E58C47B6} URL = http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=&apn_ptnrs=FM&apn_dtid=TES002U2US&apn_uid=7d95f257-876e-456e-8fe5-ee3d05456152&apn_sauid=C49DEE79-E2EC-4EDB-964A-A61950F6EAB1
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={557BB68A-6AAB-403A-8972-33A3E37250FE}&mid=8fd5fda688667889090e21313aa178e9-9a17500a96d428a5cdb8b2643968b9a928fc107f〈=en&ds=ins10&pr=sa&d=2012-02-19 06:35:15&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2383985
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {80F6F9BF-9FD1-4F41-9DDF-6DD070F4F62F} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50
Tcpip\..\Interfaces\{81613EB3-7C16-4CE2-9992-60820BC2DA7C}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @vizzed.com/VizzedRGR -> C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\User\AppData\Local\Roblox\Versions\version-9054e3065d02489e\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: WOT - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-08-08]
FF Extension: Classic Theme Restorer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-08-16]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-05]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Magic Actions for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2012-08-05]
CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-02-19]
CHR Extension: (Crazy Rollercoaster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eafhgomkapdagnpmmgilphbolnejepoc [2012-02-19]
CHR Extension: (Cut the Rope) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2012-06-27]
CHR Extension: (Farm King) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgjffonecbloecgdnookagmopcmacfh [2012-02-19]
CHR Extension: (Zombieland) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\heaagkbpbhiejlennopopcfmfblgigjn [2012-02-19]
CHR Extension: (Ultimate Flash Sonic) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgmfbijldhdncjcipeocgkgbjhaecfp [2012-08-06]
CHR Extension: (Roblox OBC Theme Changer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaobbfadkioeagmemoalfhebogdenjnk [2012-08-05]
CHR Extension: (Sonic Super Crazy World) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedjhgjaojjpbjpnjafabbkilcblcpdd [2012-08-06]
CHR Extension: (Picnik) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmnggcpelemfookhlhkdfbechcdadfp [2012-02-15]
CHR Extension: (Love Smoke) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgibfhhccaknggplelmbaepoikkcnllb [2012-08-06]
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi [2013-06-18]
CHR Extension: (AVG Safe Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-02-08]
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiildlbhjkdbimjfdhgfdmijommcnlpi [2012-08-11]
CHR Extension: (Zombie Pandemic) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkicdgidnfmdfnhhllffoplpaldkljl [2012-02-19]
CHR Extension: (YouTube Ads Block, Skip, Remove by ScrewAds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc [2012-08-06]
CHR Extension: (Plants vs Zombies) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2012-02-19]
CHR Extension: (FastestChrome - Browse Faster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2012-02-19]
CHR Extension: (AVG Do Not Track) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-05-28]
CHR Extension: (piZap photo editor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok [2012-02-15]
CHR Extension: (My Chrome Theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2012-08-06]
CHR Extension: (Gangs of Boomtown) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pllbjhofadlgfiimfgbiifkonijklnmg [2012-02-19]
CHR CustomProfile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Magic Actions for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-20]
CHR Extension: (ChromePoster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\adnbbenoccfckadanalngjafokjnnilm [2014-05-20]
CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-04]
CHR Extension: (Sonic the Hedgehog) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amlnebccipdnafkfjoefmenbaemehknk [2014-05-20]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (WOT) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-07-27]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-20]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR HKCU\...\Chrome\Extension: [kiildlbhjkdbimjfdhgfdmijommcnlpi] - C:\Users\User\AppData\Local\CRE\kiildlbhjkdbimjfdhgfdmijommcnlpi.crx [2012-08-07]
CHR HKLM-x32\...\Chrome\Extension: [kiildlbhjkdbimjfdhgfdmijommcnlpi] - C:\Users\User\AppData\Local\CRE\kiildlbhjkdbimjfdhgfdmijommcnlpi.crx [2012-08-07]
CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [202112 2010-04-29] (Vimicro Corporation) [File not signed]
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation) [File not signed]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-23 10:43 - 2014-08-23 10:43 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-08-23 10:42 - 2014-08-23 10:42 - 00003750 _____ () C:\Users\User\Desktop\HTML Files.zip
2014-08-23 10:42 - 2014-08-23 10:42 - 00000000 ____D () C:\Users\User\Desktop\HTML Files
2014-08-23 08:21 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 08:21 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 08:21 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 08:21 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 08:21 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 08:21 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 08:21 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 08:21 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-19 16:07 - 2014-08-19 16:07 - 00051430 _____ () C:\Users\User\Desktop\CheckResults.txt
2014-08-19 16:03 - 2014-08-19 16:03 - 01682416 _____ (Malwarebytes Corporation) C:\Users\User\Desktop\mbam-check-2.1.1.1001.exe
2014-08-17 16:15 - 2014-08-19 16:06 - 00032580 _____ () C:\Users\User\Downloads\Addition.txt
2014-08-17 16:12 - 2014-08-23 10:46 - 00023025 _____ () C:\Users\User\Downloads\FRST.txt
2014-08-17 16:12 - 2014-08-23 10:46 - 00000000 ____D () C:\FRST
2014-08-17 16:11 - 2014-08-23 10:43 - 02103296 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-08-15 22:09 - 2014-08-15 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-15 19:20 - 2014-08-15 19:20 - 00064285 _____ () C:\Users\User\Downloads\recording_1192867855_by_xxglitchmonsterxx-d7vbhxd.3gpp
2014-08-11 20:43 - 2014-08-11 20:44 - 32239888 _____ () C:\Users\User\Downloads\Firefox Setup 31.0.exe
2014-08-11 20:28 - 2014-08-11 20:29 - 00244120 _____ () C:\Users\User\Downloads\Firefox Setup Stub 31.0.exe
2014-08-11 18:46 - 2014-08-11 18:46 - 02176448 _____ (Reason Software Company Inc.) C:\Users\User\Downloads\ShouldIRemoveIt_Setup.exe
2014-08-11 17:57 - 2014-08-11 17:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-11 16:41 - 2014-08-11 16:41 - 07835768 _____ () C:\Users\User\Downloads\join.me.exe
2014-08-11 15:48 - 2014-08-11 15:48 - 11465728 _____ () C:\Users\User\Downloads\join.me.msi
2014-08-08 18:49 - 2014-08-08 19:33 - 00000000 ____D () C:\Users\User\Documents\RPGVXAce
2014-08-08 13:02 - 2014-08-08 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-08-08 13:01 - 2014-08-22 22:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-08 13:00 - 2014-08-08 13:01 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 12:59 - 2014-08-08 12:59 - 01677928 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2014-08-07 18:17 - 2014-08-07 18:19 - 23729491 _____ (firealpaca.com ) C:\Users\User\Downloads\FireAlpaca_setup.exe
2014-08-06 15:19 - 2014-08-06 15:19 - 00000000 ____D () C:\Users\User\Downloads\desmume-0.9.9-win32
2014-08-06 15:00 - 2014-08-06 15:02 - 00000000 ____D () C:\Users\User\Documents\My Games
2014-08-05 18:32 - 2014-08-06 19:21 - 00000000 ____D () C:\Users\User\Documents\Bandicam
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\BANDISOFT
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2014-08-05 18:31 - 2014-08-05 18:32 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-08-05 18:30 - 2014-08-05 18:30 - 09318872 _____ (Bandisoft) C:\Users\User\Downloads\bdcamsetup.exe
2014-08-05 17:08 - 2014-08-05 17:08 - 00918440 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u67.exe
2014-08-05 16:21 - 2014-08-05 16:21 - 00675988 _____ () C:\Users\User\Downloads\Minecraft (1).exe
2014-08-05 16:18 - 2014-08-05 16:18 - 00000000 ____D () C:\Users\User\Documents\My Curse
2014-08-05 13:12 - 2014-08-05 13:12 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-05 13:12 - 2014-08-05 13:12 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-05 13:12 - 2014-08-05 13:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-05 13:12 - 2014-08-05 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-05 13:12 - 2014-08-05 13:12 - 00000000 ____D () C:\Program Files\Java
2014-08-05 13:01 - 2014-08-05 13:01 - 00159578 _____ () C:\Users\User\Downloads\JavaRa-2.6.zip
2014-08-04 18:18 - 2014-08-22 19:37 - 00000000 ____D () C:\Users\User\Desktop\Stuff I Want On My New Computer
2014-07-31 22:57 - 2014-07-31 22:57 - 00000000 ____D () C:\Users\User\Desktop\Video Avatars
2014-07-31 13:21 - 2014-07-31 13:21 - 00001308 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-31 13:21 - 2014-07-31 13:21 - 00000000 ____D () C:\Windows\en
2014-07-31 13:20 - 2014-07-31 13:20 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-07-31 13:20 - 2014-07-31 13:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-31 13:19 - 2014-07-31 13:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-31 13:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-07-31 13:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-07-31 13:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-07-31 13:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-07-31 13:17 - 2014-07-31 13:17 - 00000195 _____ () C:\Windows\DirectX.log
2014-07-31 13:17 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-07-31 13:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-07-31 13:17 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-07-31 13:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-07-31 13:16 - 2014-07-31 13:16 - 01239752 _____ (Microsoft Corporation) C:\Users\User\Downloads\wlsetup-web.exe
2014-07-30 19:03 - 2014-07-30 19:03 - 00000000 ____D () C:\Users\User\Desktop\Troll Radar
2014-07-30 15:34 - 2014-08-16 15:53 - 00000000 ____D () C:\Users\User\Desktop\PaintTool SAI English Pack
2014-07-30 15:34 - 2014-07-31 21:14 - 00000000 ____D () C:\Users\User\Desktop\PaintTool_SAI_English_ver.1.10
2014-07-30 15:33 - 2014-07-30 15:33 - 04906491 _____ () C:\Users\User\Downloads\PTSXD.rar
2014-07-30 14:24 - 2014-07-30 15:29 - 00000000 ____D () C:\PaintToolSAI
2014-07-30 14:23 - 2014-07-30 14:23 - 02467617 _____ () C:\Users\User\Downloads\sai-1.2.0-ful-en.exe
2014-07-28 14:34 - 2014-07-28 14:36 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-28 14:34 - 2014-07-28 14:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-27 19:09 - 2014-07-27 19:10 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-07-27 16:53 - 2014-08-19 17:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 14:01 - 2014-07-27 14:01 - 00001105 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-27 14:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-27 14:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-24 16:36 - 2014-07-24 16:38 - 45656939 _____ () C:\Users\User\Downloads\Pokemon Mystery Dungeon - Explorers of Sky.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-23 10:46 - 2014-08-17 16:12 - 00023025 _____ () C:\Users\User\Downloads\FRST.txt
2014-08-23 10:46 - 2014-08-17 16:12 - 00000000 ____D () C:\FRST
2014-08-23 10:43 - 2014-08-23 10:43 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-08-23 10:43 - 2014-08-17 16:11 - 02103296 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-08-23 10:42 - 2014-08-23 10:42 - 00003750 _____ () C:\Users\User\Desktop\HTML Files.zip
2014-08-23 10:42 - 2014-08-23 10:42 - 00000000 ____D () C:\Users\User\Desktop\HTML Files
2014-08-23 10:34 - 2012-08-13 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Paint.NET
2014-08-23 10:30 - 2012-09-05 16:01 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-23 10:19 - 2012-10-16 21:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-23 10:06 - 2012-09-05 16:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-23 10:00 - 2012-01-15 15:18 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA.job
2014-08-23 09:52 - 2010-04-20 17:49 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-08-23 09:00 - 2012-01-15 15:18 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core.job
2014-08-23 08:22 - 2010-04-19 04:47 - 01827761 _____ () C:\Windows\WindowsUpdate.log
2014-08-23 05:22 - 2010-09-30 11:38 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-22 22:29 - 2014-08-08 13:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-08-22 19:37 - 2014-08-04 18:18 - 00000000 ____D () C:\Users\User\Desktop\Stuff I Want On My New Computer
2014-08-22 18:08 - 2013-12-26 17:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-22 18:00 - 2013-03-09 13:28 - 00001169 _____ () C:\Users\User\Desktop\ROBLOX Studio 2013.lnk
2014-08-22 18:00 - 2012-07-26 10:14 - 00001350 _____ () C:\Users\User\Desktop\ROBLOX.lnk
2014-08-22 18:00 - 2011-05-09 20:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-08-22 17:44 - 2014-02-01 14:38 - 00002926 _____ () C:\Users\User\Desktop\blender.lnk
2014-08-20 19:51 - 2014-07-07 15:29 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-20 19:51 - 2014-06-14 14:03 - 00000000 ____D () C:\Users\User\AppData\Local\Battle.net
2014-08-20 09:11 - 2012-02-25 14:37 - 00000000 ____D () C:\Users\User\AppData\Local\join.me
2014-08-19 17:56 - 2014-07-27 16:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 16:07 - 2014-08-19 16:07 - 00051430 _____ () C:\Users\User\Desktop\CheckResults.txt
2014-08-19 16:06 - 2014-08-17 16:15 - 00032580 _____ () C:\Users\User\Downloads\Addition.txt
2014-08-19 16:03 - 2014-08-19 16:03 - 01682416 _____ (Malwarebytes Corporation) C:\Users\User\Desktop\mbam-check-2.1.1.1001.exe
2014-08-19 13:05 - 2014-01-06 16:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2014-08-19 02:58 - 2009-07-13 23:45 - 00020848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 02:58 - 2009-07-13 23:45 - 00020848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-18 18:30 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-18 17:39 - 2013-12-26 17:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-17 17:52 - 2012-02-27 19:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
2014-08-16 21:36 - 2012-10-16 21:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-16 21:36 - 2012-05-07 20:21 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-16 21:36 - 2012-01-15 14:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-16 15:53 - 2014-07-30 15:34 - 00000000 ____D () C:\Users\User\Desktop\PaintTool SAI English Pack
2014-08-16 15:19 - 2014-07-07 15:27 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-16 09:40 - 2012-05-15 01:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-15 22:10 - 2014-08-15 22:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-15 19:53 - 2012-01-15 15:19 - 00002362 _____ () C:\Users\User\Desktop\Google Chrome.lnk
2014-08-15 19:20 - 2014-08-15 19:20 - 00064285 _____ () C:\Users\User\Downloads\recording_1192867855_by_xxglitchmonsterxx-d7vbhxd.3gpp
2014-08-15 18:57 - 2014-06-14 12:55 - 00001139 _____ () C:\lm.log
2014-08-15 18:56 - 2012-06-28 14:11 - 00027136 _____ () C:\Windows\setupact.log
2014-08-15 18:56 - 2011-06-01 22:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-15 18:56 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 20:44 - 2014-08-11 20:43 - 32239888 _____ () C:\Users\User\Downloads\Firefox Setup 31.0.exe
2014-08-11 20:29 - 2014-08-11 20:28 - 00244120 _____ () C:\Users\User\Downloads\Firefox Setup Stub 31.0.exe
2014-08-11 20:12 - 2012-02-19 08:37 - 00000000 __SHD () C:\AI_RecycleBin
2014-08-11 20:12 - 2012-02-19 08:35 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-11 18:46 - 2014-08-11 18:46 - 02176448 _____ (Reason Software Company Inc.) C:\Users\User\Downloads\ShouldIRemoveIt_Setup.exe
2014-08-11 17:57 - 2014-08-11 17:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-11 16:41 - 2014-08-11 16:41 - 07835768 _____ () C:\Users\User\Downloads\join.me.exe
2014-08-11 15:48 - 2014-08-11 15:48 - 11465728 _____ () C:\Users\User\Downloads\join.me.msi
2014-08-10 16:53 - 2009-07-14 00:13 - 00799078 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-08 19:33 - 2014-08-08 18:49 - 00000000 ____D () C:\Users\User\Documents\RPGVXAce
2014-08-08 18:47 - 2013-02-26 13:35 - 00000000 ____D () C:\Program Files (x86)\Enterbrain
2014-08-08 13:46 - 2013-06-22 21:03 - 00000000 ____D () C:\Users\User\AppData\Local\Screencast-O-Matic
2014-08-08 13:02 - 2014-08-08 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-08 13:01 - 2014-08-08 13:00 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 12:59 - 2014-08-08 12:59 - 01677928 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2014-08-07 18:19 - 2014-08-07 18:17 - 23729491 _____ (firealpaca.com ) C:\Users\User\Downloads\FireAlpaca_setup.exe
2014-08-06 19:21 - 2014-08-05 18:32 - 00000000 ____D () C:\Users\User\Documents\Bandicam
2014-08-06 15:19 - 2014-08-06 15:19 - 00000000 ____D () C:\Users\User\Downloads\desmume-0.9.9-win32
2014-08-06 15:02 - 2014-08-06 15:00 - 00000000 ____D () C:\Users\User\Documents\My Games
2014-08-05 19:10 - 2011-11-02 11:50 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\BANDISOFT
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2014-08-05 18:32 - 2014-08-05 18:31 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-08-05 18:30 - 2014-08-05 18:30 - 09318872 _____ (Bandisoft) C:\Users\User\Downloads\bdcamsetup.exe
2014-08-05 17:08 - 2014-08-05 17:08 - 00918440 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u67.exe
2014-08-05 16:43 - 2013-05-31 19:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\.technic
2014-08-05 16:43 - 2013-05-31 19:55 - 02346942 _____ () C:\Users\User\Documents\TechnicLauncher.exe
2014-08-05 16:32 - 2011-12-19 14:57 - 00016896 ___SH () C:\Users\User\Thumbs.db
2014-08-05 16:21 - 2014-08-05 16:21 - 00675988 _____ () C:\Users\User\Downloads\Minecraft (1).exe
2014-08-05 16:18 - 2014-08-05 16:18 - 00000000 ____D () C:\Users\User\Documents\My Curse
2014-08-05 13:12 - 2014-08-05 13:12 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-05 13:12 - 2014-08-05 13:12 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-05 13:12 - 2014-08-05 13:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-05 13:12 - 2014-08-05 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-05 13:12 - 2014-08-05 13:12 - 00000000 ____D () C:\Program Files\Java
2014-08-05 13:01 - 2014-08-05 13:01 - 00159578 _____ () C:\Users\User\Downloads\JavaRa-2.6.zip
2014-08-04 23:00 - 2011-04-17 09:03 - 00783872 ___SH () C:\Users\User\Documents\Thumbs.db
2014-07-31 22:57 - 2014-07-31 22:57 - 00000000 ____D () C:\Users\User\Desktop\Video Avatars
2014-07-31 21:14 - 2014-07-30 15:34 - 00000000 ____D () C:\Users\User\Desktop\PaintTool_SAI_English_ver.1.10
2014-07-31 13:21 - 2014-07-31 13:21 - 00001308 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-31 13:21 - 2014-07-31 13:21 - 00000000 ____D () C:\Windows\en
2014-07-31 13:20 - 2014-07-31 13:20 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-07-31 13:20 - 2014-07-31 13:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-31 13:20 - 2014-07-31 13:19 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-31 13:17 - 2014-07-31 13:17 - 00000195 _____ () C:\Windows\DirectX.log
2014-07-31 13:16 - 2014-07-31 13:16 - 01239752 _____ (Microsoft Corporation) C:\Users\User\Downloads\wlsetup-web.exe
2014-07-30 19:03 - 2014-07-30 19:03 - 00000000 ____D () C:\Users\User\Desktop\Troll Radar
2014-07-30 15:33 - 2014-07-30 15:33 - 04906491 _____ () C:\Users\User\Downloads\PTSXD.rar
2014-07-30 15:29 - 2014-07-30 14:24 - 00000000 ____D () C:\PaintToolSAI
2014-07-30 14:23 - 2014-07-30 14:23 - 02467617 _____ () C:\Users\User\Downloads\sai-1.2.0-ful-en.exe
2014-07-29 21:43 - 2011-05-12 19:25 - 00000000 ____D () C:\Blockland
2014-07-28 22:43 - 2012-07-20 19:38 - 00228596 _____ () C:\Windows\PFRO.log
2014-07-28 14:36 - 2014-07-28 14:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-28 14:34 - 2014-07-28 14:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-27 19:10 - 2014-07-27 19:09 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-07-27 14:01 - 2014-07-27 14:01 - 00001105 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2010-12-26 16:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-07-27 14:01 - 2010-12-26 16:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 14:00 - 2010-12-26 16:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-27 07:38 - 2014-05-16 22:40 - 00000000 ____D () C:\Users\User\Desktop\Blender Models and Projects
2014-07-26 16:23 - 2011-05-09 20:04 - 00000000 ____D () C:\Users\User\AppData\Local\Roblox
2014-07-24 16:38 - 2014-07-24 16:36 - 45656939 _____ () C:\Users\User\Downloads\Pokemon Mystery Dungeon - Explorers of Sky.zip

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\User\install_flashplayer10x32_mssa_aih.exe
C:\Users\User\install_flashplayer11x32au_mssa_aaa_aih.exe
C:\Users\User\install_flashplayer11x32au_mssa_aih.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 00:19

==================== End Of Log ============================

Link to post
Share on other sites

Here's the Addition.txt log, along with the .zip file.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2014
Ran by User at 2014-08-23 10:46:45
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7160 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3955 - AVG Technologies) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.2.655 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blender (HKLM\...\Blender) (Version: 2.70 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
FireAlpaca 1.0.51 (HKLM-x32\...\FireAlpaca_is1) (Version: 1.0.51 - firealpaca.com)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
join.me (HKCU\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 275.33 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
ROBLOX Player for User (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 for User (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPG Maker XP (HKLM-x32\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain)
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TEdit 3 (HKLM-x32\...\{2DA51958-95C0-4755-A993-79FC137E7DB8}) (Version: 3.5.14060.0 - BinaryConstruct)
Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.5.0 - Flagship Industries, Inc.)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Vizzed Retro Game Room (HKLM-x32\...\{6D9F35D2-1D6F-4E17-A79F-991A7BD24AAD}) (Version: 2.0.0 - Vizzed)
WeatherBug (HKLM-x32\...\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}) (Version: 7.0.0.3 - AWS Convergence Technologies)
Windows 7 Codec Pack 2.5.0 (HKLM-x32\...\Windows 7 - Codec Pack) (Version:  - Windows 7 Codec Pack)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{84f4687c-2b46-41e0-9ec5-bd2f181aef08}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{ec48cb97-8875-493c-8ac2-ded9620ab619}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{f484ba87-0622-418d-9fc1-94fcf7e5128e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {139804C5-617D-451E-B388-DBA362499462} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {3CB996BD-FFC4-41C6-815B-6A64CA1A3223} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-16] (Adobe Systems Incorporated)
Task: {463B0C88-2054-4BE7-85FE-FFF48A467FE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {84ED6FD1-70D2-417D-8470-5D40B2C2C17E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {906EDC3E-1A29-4A63-B4E4-EACC3719AA26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: {A5CB2953-10FB-4DDC-A2C9-0178B279DD3A} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {B288FC96-863E-492D-86FA-21D557AFF6CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: {D1AEADD3-9BC2-4E1F-8948-074EDE11B396} - System32\Tasks\Google Updater and Installer => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-30 16:05 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2012-11-02 03:46 - 2014-03-04 08:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^aiStarter.lnk => C:\Windows\pss\aiStarter.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: EPSON Stylus Photo RX595 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLA.EXE /FU "C:\Windows\TEMP\E_S781B.tmp" /EF "HKCU"
MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2014 07:18:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program hammer.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 398

Start Time: 01cfbb42f52f6f60

Termination Time: 338

Application Path: C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\hammer.exe

Report Id: 3faafff1-2736-11e4-b226-90fba624d4c7

Error: (08/18/2014 00:17:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/17/2014 08:32:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program plugin-container.exe version 31.0.0.5310 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 159c

Start Time: 01cfba8410cc1f80

Termination Time: 6

Application Path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

Report Id:

Error: (08/11/2014 07:41:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/11/2014 03:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 6.18.0.106, time stamp: 0x53d13f6d
Faulting module name: Skype.exe, version: 6.18.0.106, time stamp: 0x53d13f6d
Exception code: 0xc0000094
Fault offset: 0x00bdaf9b
Faulting process id: 0x158c
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3

Error: (08/10/2014 00:09:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 5.4.8.18414 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1d94

Start Time: 01cfb422ed337530

Termination Time: 12049

Application Path: E:\World of Warcraft\Wow-64.exe

Report Id: 3e60d431-204c-11e4-9e60-90fba624d4c7

Error: (08/07/2014 07:55:57 PM) (Source: Chrome) (EventID: 1) (User: User-PC)
Description: Chrome has encountered a fatal error.
ver=36.0.1985.125;lang=;guid=50A34F9347784753A8D3B71D5777BB04;is_machine=0;oop=1;upload=1;minidump=C:\Users\User\AppData\Local\Google\CrashReports\b80ccc8d-50fd-4a96-968f-75811f4fb4bd.dmp

Error: (08/05/2014 01:07:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/31/2014 04:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Flash.exe, version: 8.0.0.478, time stamp: 0x4315901b
Faulting module name: Flash.exe, version: 8.0.0.478, time stamp: 0x4315901b
Exception code: 0xc0000094
Fault offset: 0x00364f3c
Faulting process id: 0x205c
Faulting application start time: 0xFlash.exe0
Faulting application path: Flash.exe1
Faulting module path: Flash.exe2
Report Id: Flash.exe3

Error: (07/30/2014 03:16:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FireAlpaca.exe, version: 0.0.0.0, time stamp: 0x5250102e
Faulting module name: FireAlpaca.exe, version: 0.0.0.0, time stamp: 0x5250102e
Exception code: 0xc0000005
Fault offset: 0x001e362b
Faulting process id: 0xac0
Faulting application start time: 0xFireAlpaca.exe0
Faulting application path: FireAlpaca.exe1
Faulting module path: FireAlpaca.exe2
Report Id: FireAlpaca.exe3


System errors:
=============
Error: (08/19/2014 06:53:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/19/2014 06:53:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/15/2014 07:28:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (08/15/2014 07:04:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (08/15/2014 07:01:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.

Error: (08/15/2014 06:56:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/15/2014 06:56:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (08/15/2014 06:56:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.

Error: (08/15/2014 06:56:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (08/12/2014 00:40:10 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (08/18/2014 07:18:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: hammer.exe0.0.0.039801cfbb42f52f6f60338C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\hammer.exe3faafff1-2736-11e4-b226-90fba624d4c7

Error: (08/18/2014 00:17:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\User\downloads\esetsmartinstaller_enu.exe

Error: (08/17/2014 08:32:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: plugin-container.exe31.0.0.5310159c01cfba8410cc1f806C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

Error: (08/11/2014 07:41:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (08/11/2014 03:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe6.18.0.10653d13f6dSkype.exe6.18.0.10653d13f6dc000009400bdaf9b158c01cfb594a82e7d40C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe56cfa510-2195-11e4-9e60-90fba624d4c7

Error: (08/10/2014 00:09:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe5.4.8.184141d9401cfb422ed33753012049E:\World of Warcraft\Wow-64.exe3e60d431-204c-11e4-9e60-90fba624d4c7

Error: (08/07/2014 07:55:57 PM) (Source: Chrome) (EventID: 1) (User: User-PC)
Description: Chrome has encountered a fatal error.
ver=36.0.1985.125;lang=;guid=50A34F9347784753A8D3B71D5777BB04;is_machine=0;oop=1;upload=1;minidump=C:\Users\User\AppData\Local\Google\CrashReports\b80ccc8d-50fd-4a96-968f-75811f4fb4bd.dmp

Error: (08/05/2014 01:07:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (07/31/2014 04:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Flash.exe8.0.0.4784315901bFlash.exe8.0.0.4784315901bc000009400364f3c205c01cfacfd8144a280C:\Users\User\AppData\Local\Temp\ir_ext_temp_3\AutoPlay\Docs\Flash.exeC:\Users\User\AppData\Local\Temp\ir_ext_temp_3\AutoPlay\Docs\Flash.exe0fce20d0-18f6-11e4-bc5c-90fba624d4c7

Error: (07/30/2014 03:16:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FireAlpaca.exe0.0.0.05250102eFireAlpaca.exe0.0.0.05250102ec0000005001e362bac001cfac332c981660D:\My Documents\Jordan's Projects\Everyone else is doing it so, I guess I'll do it too! (New Profile Picture - Maybe___) - Sketchfu_files\FireAlpaca\FireAlpaca.exeD:\My Documents\Jordan's Projects\Everyone else is doing it so, I guess I'll do it too! (New Profile Picture - Maybe___) - Sketchfu_files\FireAlpaca\FireAlpaca.exe740ae360-1826-11e4-bc5c-90fba624d4c7


==================== Memory info ===========================

Processor: AMD Athlon 7550 Dual-Core Processor
Percentage of memory in use: 51%
Total physical RAM: 2046.49 MB
Available physical RAM: 993.11 MB
Total Pagefile: 6754.06 MB
Available Pagefile: 4958.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Sys) (Fixed) (Total:118.55 GB) (Free:6.83 GB) NTFS
Drive d: (Data) (Fixed) (Total:41.96 GB) (Free:37.61 GB) NTFS
Drive e: (Ent) (Fixed) (Total:137.48 GB) (Free:99.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 146E9FFB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=42 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=137.5 GB) - (Type=OF Extended)

==================== End Of Log ============================

HTML Files.zip

Link to post
Share on other sites

  • Root Admin

Please go to your Control Panel, Add/Remove and look for and uninstall the AVG Secure Search toolbar.
Insecure AVG search tool
Vulnerability Note VU#960193 - AVG Safeguard and Secure Search ActiveX controls provides insecure methods


Temporarily disable your AVG antivirus and run the following.
 
 
 
Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

 

Next,

 

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

 

 

fixlist.txt

Link to post
Share on other sites

I couldn't find AVG Secure Toolbar in my Programs List.

 

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Aug 24 18:25:40 2014

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Found and removed: SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

Found and removed: SOFTWARE\Classes\Installer\Features\F60730A4A66673047777F5728467D401

Found and removed: SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\A5CCAAC40F5B69B47777ACF82566467C

Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-applet

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-jnlp-file

Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\.jar

Found and removed: SOFTWARE\Classes\.jnlp

Found and removed: SOFTWARE\Classes\jarfile

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0

Found and removed: SOFTWARE\Classes\JNLPFile

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

Found and removed: SOFTWARE\JavaSoft

Found and removed: SOFTWARE\JreMetrics

Found and removed: SOFTWARE\MozillaPlugins

------------------------------------

Finished reporting.



JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Aug 24 18:25:49 2014

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}

------------------------------------

Finished reporting.


 

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 03
Ran by User at 2014-08-24 18:43:58 Run:1
Running from C:\Users\User\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\Run: [AVG-Secure-Search-Update_0913a] => C:\Users\User\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 8fd5fda688667889090e21313aa178e9-9a17500a96d428a5cdb8b2643968b9a928fc107f --CMPID 0913a
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-15] (Google Inc.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {2081bf50-c04c-11e3-bdf5-90fba624d4c7} - F:\LaunchU3.exe
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {3db28ca7-4b98-11df-bd5d-806e6f6e6963} - M:\setup_assist.exe
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {eb794382-1d52-11e3-b9bf-90fba624d4c7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\MountPoints2: {f1336abd-3fb3-11e1-81df-90fba624d4c7} - G:\LaunchU3.exe -a
HKU\S-1-5-21-249128142-3472015813-3436885645-1003\...\MountPoints2: {f1336abd-3fb3-11e1-81df-90fba624d4c7} - G:\LaunchU3.exe -a
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://search.condui...&ctid=CT2383985
SearchScopes: HKCU - DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
SearchScopes: HKCU - {44816E91-C68A-2FF3-3D8F-8970062E5600} URL = http://websearch.ask...4A-A61950F6EAB1
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://search.condui...&ctid=CT2383985
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {80F6F9BF-9FD1-4F41-9DDF-6DD070F4F62F} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
C:\ProgramData\hash.dat
C:\Users\User\install_flashplayer10x32_mssa_aih.exe
C:\Users\User\install_flashplayer11x32au_mssa_aaa_aih.exe
C:\Users\User\install_flashplayer11x32au_mssa_aih.exe
Task: {139804C5-617D-451E-B388-DBA362499462} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {463B0C88-2054-4BE7-85FE-FFF48A467FE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {84ED6FD1-70D2-417D-8470-5D40B2C2C17E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {906EDC3E-1A29-4A63-B4E4-EACC3719AA26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: {B288FC96-863E-492D-86FA-21D557AFF6CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: {D1AEADD3-9BC2-4E1F-8948-074EDE11B396} - System32\Tasks\Google Updater and Installer => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe


*****************

HKU\S-1-5-21-249128142-3472015813-3436885645-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_0913a => value deleted successfully.
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
"HKU\S-1-5-21-249128142-3472015813-3436885645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2081bf50-c04c-11e3-bdf5-90fba624d4c7}" => Key deleted successfully.
"HKCR\CLSID\{2081bf50-c04c-11e3-bdf5-90fba624d4c7}" => Key not found.
"HKU\S-1-5-21-249128142-3472015813-3436885645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3db28ca7-4b98-11df-bd5d-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{3db28ca7-4b98-11df-bd5d-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-249128142-3472015813-3436885645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb794382-1d52-11e3-b9bf-90fba624d4c7}" => Key deleted successfully.
"HKCR\CLSID\{eb794382-1d52-11e3-b9bf-90fba624d4c7}" => Key not found.
"HKU\S-1-5-21-249128142-3472015813-3436885645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1336abd-3fb3-11e1-81df-90fba624d4c7}" => Key deleted successfully.
"HKCR\CLSID\{f1336abd-3fb3-11e1-81df-90fba624d4c7}" => Key not found.
"HKU\S-1-5-21-249128142-3472015813-3436885645-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1336abd-3fb3-11e1-81df-90fba624d4c7}" => Key deleted successfully.
"HKCR\CLSID\{f1336abd-3fb3-11e1-81df-90fba624d4c7}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Restore => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44816E91-C68A-2FF3-3D8F-8970062E5600}" => Key deleted successfully.
"HKCR\CLSID\{44816E91-C68A-2FF3-3D8F-8970062E5600}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80E207A6-563E-4BEB-B311-9895E58C47B6}" => Key deleted successfully.
"HKCR\CLSID\{80E207A6-563E-4BEB-B311-9895E58C47B6}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
"HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}" => Key deleted successfully.
"HKCR\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key not found.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key not found.
"HKCR\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key not found.
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{80F6F9BF-9FD1-4F41-9DDF-6DD070F4F62F} => value deleted successfully.
"HKCR\CLSID\{80F6F9BF-9FD1-4F41-9DDF-6DD070F4F62F}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{924B4927-D3BA-41EA-9F7E-8A89194AB3AC}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{924B4927-D3BA-41EA-9F7E-8A89194AB3AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}" => Key Deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" => Key not found.
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2" => Key not found.
"C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll" => not found.
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2" => Key not found.
"C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll" => not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2" => Key not found.
C:\Windows\SysWOW64\npDeployJava1.dll => Moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2" => Key not found.
"HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Moved successfully.
C:\ProgramData\hash.dat => Moved successfully.
C:\Users\User\install_flashplayer10x32_mssa_aih.exe => Moved successfully.
C:\Users\User\install_flashplayer11x32au_mssa_aaa_aih.exe => Moved successfully.
C:\Users\User\install_flashplayer11x32au_mssa_aih.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{139804C5-617D-451E-B388-DBA362499462}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{139804C5-617D-451E-B388-DBA362499462}" => Key deleted successfully.
C:\Windows\System32\Tasks\Java Update Scheduler => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Update Scheduler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{463B0C88-2054-4BE7-85FE-FFF48A467FE7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{463B0C88-2054-4BE7-85FE-FFF48A467FE7}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84ED6FD1-70D2-417D-8470-5D40B2C2C17E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84ED6FD1-70D2-417D-8470-5D40B2C2C17E}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{906EDC3E-1A29-4A63-B4E4-EACC3719AA26}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{906EDC3E-1A29-4A63-B4E4-EACC3719AA26}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B288FC96-863E-492D-86FA-21D557AFF6CD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B288FC96-863E-492D-86FA-21D557AFF6CD}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1AEADD3-9BC2-4E1F-8948-074EDE11B396}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1AEADD3-9BC2-4E1F-8948-074EDE11B396}" => Key deleted successfully.
C:\Windows\System32\Tasks\Google Updater and Installer => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Updater and Installer" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-249128142-3472015813-3436885645-1001UA.job => Moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites

  • Root Admin

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 

Link to post
Share on other sites

  • Root Admin

Please just restart the computer for now. You can reinstall any software needed once we're done here.
 
Please delete this entry which is probably controlled by AutoRUNS by Microsoft.
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
 
 
Next:
Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
Link to post
Share on other sites

When I reboot my machine, as it was going to the login screen, it said something about updating things. Is this normal for what I had previously done?

 

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2013   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 14.0.0.179  
 Adobe Reader 10.1.2 Adobe Reader out of Date!  
 Mozilla Firefox (31.0)
 Google Chrome 36.0.1985.125  
 Google Chrome 36.0.1985.143  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites

It's running good. It's not slow, but it will lag, especially with a browser and another program open.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by User (administrator) on USER-PC on 26-08-2014 16:05:55
Running from C:\Users\User\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AWS Convergence Technologies, Inc.) C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-06-12] (VMware, Inc.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1001\...\Run: [Weather] => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1653248 2009-12-29] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1003\...\Run: [Weather] => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1653248 2009-12-29] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-249128142-3472015813-3436885645-1003\...\Run: [EPSON Stylus Photo RX595 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLA.EXE [213504 2007-03-30] (SEIKO EPSON CORPORATION)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5053DF5C00E0CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50
Tcpip\..\Interfaces\{81613EB3-7C16-4CE2-9992-60820BC2DA7C}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\User\AppData\Local\Roblox\Versions\version-9054e3065d02489e\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-08-08]
FF Extension: Classic Theme Restorer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-08-16]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4c5vohb5.Default User\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-05]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Magic Actions for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2012-08-05]
CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-02-19]
CHR Extension: (Crazy Rollercoaster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eafhgomkapdagnpmmgilphbolnejepoc [2012-02-19]
CHR Extension: (Cut the Rope) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2012-06-27]
CHR Extension: (Farm King) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgjffonecbloecgdnookagmopcmacfh [2012-02-19]
CHR Extension: (Zombieland) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\heaagkbpbhiejlennopopcfmfblgigjn [2012-02-19]
CHR Extension: (Ultimate Flash Sonic) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgmfbijldhdncjcipeocgkgbjhaecfp [2012-08-06]
CHR Extension: (Roblox OBC Theme Changer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaobbfadkioeagmemoalfhebogdenjnk [2012-08-05]
CHR Extension: (Sonic Super Crazy World) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedjhgjaojjpbjpnjafabbkilcblcpdd [2012-08-06]
CHR Extension: (Picnik) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmnggcpelemfookhlhkdfbechcdadfp [2012-02-15]
CHR Extension: (Love Smoke) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgibfhhccaknggplelmbaepoikkcnllb [2012-08-06]
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi [2013-06-18]
CHR Extension: (AVG Safe Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-02-08]
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiildlbhjkdbimjfdhgfdmijommcnlpi [2012-08-11]
CHR Extension: (Zombie Pandemic) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkicdgidnfmdfnhhllffoplpaldkljl [2012-02-19]
CHR Extension: (YouTube Ads Block, Skip, Remove by ScrewAds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc [2012-08-06]
CHR Extension: (Plants vs Zombies) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2012-02-19]
CHR Extension: (FastestChrome - Browse Faster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2012-02-19]
CHR Extension: (AVG Do Not Track) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-05-28]
CHR Extension: (piZap photo editor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok [2012-02-15]
CHR Extension: (My Chrome Theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2012-08-06]
CHR Extension: (Gangs of Boomtown) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pllbjhofadlgfiimfgbiifkonijklnmg [2012-02-19]
CHR CustomProfile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Magic Actions for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-20]
CHR Extension: (ChromePoster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\adnbbenoccfckadanalngjafokjnnilm [2014-05-20]
CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-04]
CHR Extension: (Sonic the Hedgehog) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amlnebccipdnafkfjoefmenbaemehknk [2014-05-20]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (WOT) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-07-27]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-20]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR HKCU\...\Chrome\Extension: [kiildlbhjkdbimjfdhgfdmijommcnlpi] - C:\Users\User\AppData\Local\CRE\kiildlbhjkdbimjfdhgfdmijommcnlpi.crx [2012-08-07]
CHR HKLM-x32\...\Chrome\Extension: [kiildlbhjkdbimjfdhgfdmijommcnlpi] - C:\Users\User\AppData\Local\CRE\kiildlbhjkdbimjfdhgfdmijommcnlpi.crx [2012-08-07]
CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-06-12] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-06-12] (VMware, Inc.)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [202112 2010-04-29] (Vimicro Corporation) [File not signed]
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 16:05 - 2014-08-26 16:07 - 00016799 _____ () C:\Users\User\Desktop\FRST.txt
2014-08-26 14:33 - 2014-08-26 14:33 - 00000000 ____D () C:\Users\User\Documents\Virtual Machines
2014-08-26 14:26 - 2014-06-12 18:23 - 00064728 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-08-26 14:26 - 2014-06-12 18:22 - 00032472 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMparport.sys
2014-08-26 14:26 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2014-08-26 14:26 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2014-08-26 14:26 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2014-08-26 14:25 - 2014-06-12 18:23 - 00359128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-08-26 14:25 - 2014-06-12 18:22 - 00437976 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-08-26 14:25 - 2014-06-12 18:22 - 00031448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-08-26 14:24 - 2014-06-12 18:22 - 00931032 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-08-26 14:24 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-08-26 14:23 - 2014-08-26 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-08-26 14:23 - 2014-08-26 14:23 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-08-26 14:21 - 2014-08-26 14:21 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-08-26 14:21 - 2014-08-26 14:21 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-08-26 14:18 - 2014-08-26 14:26 - 1028653056 _____ () C:\Users\User\Documents\ubuntu-14.04.1-desktop-amd64.iso
2014-08-26 14:17 - 2014-08-26 14:18 - 515132968 _____ (VMware, Inc.) C:\Users\User\Documents\VMware-workstation-full-10.0.3-1895310.exe
2014-08-26 13:39 - 2014-08-26 13:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-08-26 13:39 - 2014-08-26 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-08-26 13:39 - 2014-08-26 13:39 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-08-26 13:25 - 2014-08-26 13:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RayburnSoft
2014-08-26 08:09 - 2014-08-26 08:09 - 00854417 _____ () C:\Users\User\Desktop\SecurityCheck.exe
2014-08-25 14:34 - 2014-08-26 16:04 - 00000000 ____D () C:\Users\User\AppData\Local\VMware
2014-08-25 14:34 - 2014-08-26 15:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\VMware
2014-08-25 14:23 - 2014-08-26 14:24 - 00001024 _____ () C:\Windows\SysWOW64\%TMP%
2014-08-25 14:20 - 2014-08-26 15:30 - 00000000 ____D () C:\ProgramData\VMware
2014-08-25 09:34 - 2014-08-25 09:34 - 00022657 _____ () C:\ComboFix.txt
2014-08-25 09:17 - 2014-08-25 09:34 - 00000000 ____D () C:\Qoobox
2014-08-25 09:17 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-25 09:17 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-25 09:17 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-25 09:17 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-25 09:17 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-25 09:17 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-25 09:17 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-25 09:17 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-25 09:16 - 2014-08-25 09:32 - 00000000 ____D () C:\Windows\erdnt
2014-08-25 09:16 - 2014-08-25 09:16 - 05572212 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2014-08-24 19:34 - 2014-08-24 19:34 - 00000218 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2014-08-24 19:30 - 2014-08-24 19:30 - 00001052 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2014-08-24 19:30 - 2014-08-24 19:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\inkscape
2014-08-24 19:29 - 2014-08-24 19:29 - 00001010 _____ () C:\Users\User\Desktop\Inkscape.lnk
2014-08-24 19:26 - 2014-08-24 19:30 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-08-24 19:26 - 2014-08-24 19:26 - 34573304 _____ (inkscape.org) C:\Users\User\Documents\Inkscape-0.48.5-1-win32.exe
2014-08-24 18:42 - 2014-08-24 18:42 - 02103296 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-08-24 18:27 - 2014-08-24 18:27 - 00448512 _____ (OldTimer Tools) C:\Users\User\Desktop\TFC.exe
2014-08-24 18:25 - 2014-08-24 18:25 - 00070486 _____ () C:\JavaRa.log
2014-08-24 18:24 - 2014-08-24 18:24 - 00000000 ____D () C:\Users\User\Desktop\RemoveJava
2014-08-23 12:17 - 2014-08-23 12:17 - 00000000 ____D () C:\Users\User\Documents\ROBLOX
2014-08-23 10:43 - 2014-08-23 10:43 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-08-23 10:42 - 2014-08-25 18:37 - 00000000 ____D () C:\Users\User\Desktop\HTML Files
2014-08-23 10:42 - 2014-08-23 10:42 - 00003750 _____ () C:\Users\User\Desktop\HTML Files.zip
2014-08-23 08:21 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 08:21 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 08:21 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 08:21 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 08:21 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 08:21 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 08:21 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 08:21 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 08:21 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 08:21 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 08:21 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 08:21 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 08:21 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 08:21 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-19 16:07 - 2014-08-19 16:07 - 00051430 _____ () C:\Users\User\Desktop\CheckResults.txt
2014-08-19 16:03 - 2014-08-19 16:03 - 01682416 _____ (Malwarebytes Corporation) C:\Users\User\Desktop\mbam-check-2.1.1.1001.exe
2014-08-17 16:15 - 2014-08-23 10:47 - 00031705 _____ () C:\Users\User\Downloads\Addition.txt
2014-08-17 16:12 - 2014-08-26 16:06 - 00000000 ____D () C:\FRST
2014-08-17 16:12 - 2014-08-23 10:47 - 00045507 _____ () C:\Users\User\Downloads\FRST.txt
2014-08-17 16:11 - 2014-08-23 10:43 - 02103296 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-08-15 22:09 - 2014-08-15 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-15 19:20 - 2014-08-15 19:20 - 00064285 _____ () C:\Users\User\Downloads\recording_1192867855_by_xxglitchmonsterxx-d7vbhxd.3gpp
2014-08-11 20:43 - 2014-08-11 20:44 - 32239888 _____ () C:\Users\User\Downloads\Firefox Setup 31.0.exe
2014-08-11 20:28 - 2014-08-11 20:29 - 00244120 _____ () C:\Users\User\Downloads\Firefox Setup Stub 31.0.exe
2014-08-11 18:46 - 2014-08-11 18:46 - 02176448 _____ (Reason Software Company Inc.) C:\Users\User\Downloads\ShouldIRemoveIt_Setup.exe
2014-08-11 17:57 - 2014-08-11 17:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-11 16:41 - 2014-08-11 16:41 - 07835768 _____ () C:\Users\User\Downloads\join.me.exe
2014-08-11 15:48 - 2014-08-11 15:48 - 11465728 _____ () C:\Users\User\Downloads\join.me.msi
2014-08-08 18:49 - 2014-08-08 19:33 - 00000000 ____D () C:\Users\User\Documents\RPGVXAce
2014-08-08 13:02 - 2014-08-08 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-08-08 13:01 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-08 13:00 - 2014-08-08 13:01 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 12:59 - 2014-08-08 12:59 - 01677928 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2014-08-07 18:17 - 2014-08-07 18:19 - 23729491 _____ (firealpaca.com ) C:\Users\User\Downloads\FireAlpaca_setup.exe
2014-08-06 15:19 - 2014-08-06 15:19 - 00000000 ____D () C:\Users\User\Downloads\desmume-0.9.9-win32
2014-08-06 15:00 - 2014-08-06 15:02 - 00000000 ____D () C:\Users\User\Documents\My Games
2014-08-05 18:32 - 2014-08-06 19:21 - 00000000 ____D () C:\Users\User\Documents\Bandicam
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\BANDISOFT
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2014-08-05 18:31 - 2014-08-05 18:32 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-08-05 18:30 - 2014-08-05 18:30 - 09318872 _____ (Bandisoft) C:\Users\User\Downloads\bdcamsetup.exe
2014-08-05 17:08 - 2014-08-05 17:08 - 00918440 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u67.exe
2014-08-05 16:21 - 2014-08-05 16:21 - 00675988 _____ () C:\Users\User\Downloads\Minecraft (1).exe
2014-08-05 16:18 - 2014-08-05 16:18 - 00000000 ____D () C:\Users\User\Documents\My Curse
2014-08-05 13:12 - 2014-08-05 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-05 13:01 - 2014-08-05 13:01 - 00159578 _____ () C:\Users\User\Downloads\JavaRa-2.6.zip
2014-08-04 18:18 - 2014-08-24 11:13 - 00000000 ____D () C:\Users\User\Desktop\Stuff I Want On My New Computer
2014-07-31 22:57 - 2014-07-31 22:57 - 00000000 ____D () C:\Users\User\Desktop\Video Avatars
2014-07-31 13:21 - 2014-07-31 13:21 - 00001308 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-31 13:21 - 2014-07-31 13:21 - 00000000 ____D () C:\Windows\en
2014-07-31 13:20 - 2014-07-31 13:20 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-07-31 13:20 - 2014-07-31 13:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-31 13:19 - 2014-07-31 13:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-31 13:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-07-31 13:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-07-31 13:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-07-31 13:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-07-31 13:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-07-31 13:17 - 2014-07-31 13:17 - 00000195 _____ () C:\Windows\DirectX.log
2014-07-31 13:17 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-07-31 13:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-07-31 13:17 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-07-31 13:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-07-31 13:16 - 2014-07-31 13:16 - 01239752 _____ (Microsoft Corporation) C:\Users\User\Downloads\wlsetup-web.exe
2014-07-30 19:03 - 2014-07-30 19:03 - 00000000 ____D () C:\Users\User\Desktop\Troll Radar
2014-07-30 15:34 - 2014-08-26 09:12 - 00000000 ____D () C:\Users\User\Desktop\PaintTool SAI English Pack
2014-07-30 15:34 - 2014-07-31 21:14 - 00000000 ____D () C:\Users\User\Desktop\PaintTool_SAI_English_ver.1.10
2014-07-30 15:33 - 2014-07-30 15:33 - 04906491 _____ () C:\Users\User\Downloads\PTSXD.rar
2014-07-30 14:24 - 2014-08-25 15:23 - 00000000 ____D () C:\PaintToolSAI
2014-07-30 14:23 - 2014-07-30 14:23 - 02467617 _____ () C:\Users\User\Downloads\sai-1.2.0-ful-en.exe
2014-07-28 14:34 - 2014-07-28 14:36 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-28 14:34 - 2014-07-28 14:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-27 19:09 - 2014-07-27 19:10 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-07-27 16:53 - 2014-08-19 17:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 14:01 - 2014-07-27 14:01 - 00001105 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-27 14:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-27 14:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 16:07 - 2014-08-26 16:05 - 00016799 _____ () C:\Users\User\Desktop\FRST.txt
2014-08-26 16:07 - 2014-06-14 21:57 - 00000000 ____D () C:\Users\User\Desktop\FJ Memes
2014-08-26 16:06 - 2014-08-17 16:12 - 00000000 ____D () C:\FRST
2014-08-26 16:04 - 2014-08-25 14:34 - 00000000 ____D () C:\Users\User\AppData\Local\VMware
2014-08-26 15:30 - 2014-08-25 14:20 - 00000000 ____D () C:\ProgramData\VMware
2014-08-26 15:23 - 2014-08-25 14:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\VMware
2014-08-26 15:19 - 2012-10-16 21:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-26 14:33 - 2014-08-26 14:33 - 00000000 ____D () C:\Users\User\Documents\Virtual Machines
2014-08-26 14:26 - 2014-08-26 14:18 - 1028653056 _____ () C:\Users\User\Documents\ubuntu-14.04.1-desktop-amd64.iso
2014-08-26 14:24 - 2014-08-25 14:23 - 00001024 _____ () C:\Windows\SysWOW64\%TMP%
2014-08-26 14:23 - 2014-08-26 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-08-26 14:23 - 2014-08-26 14:23 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-08-26 14:23 - 2013-12-26 17:50 - 00816172 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-26 14:21 - 2014-08-26 14:21 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-08-26 14:21 - 2014-08-26 14:21 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-08-26 14:18 - 2014-08-26 14:17 - 515132968 _____ (VMware, Inc.) C:\Users\User\Documents\VMware-workstation-full-10.0.3-1895310.exe
2014-08-26 14:06 - 2014-08-08 13:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-08-26 14:04 - 2010-04-19 04:47 - 01919464 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 13:59 - 2009-07-13 23:45 - 00020848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 13:59 - 2009-07-13 23:45 - 00020848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 13:39 - 2014-08-26 13:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-08-26 13:39 - 2014-08-26 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-08-26 13:39 - 2014-08-26 13:39 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-08-26 13:32 - 2014-08-26 13:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RayburnSoft
2014-08-26 13:06 - 2012-01-15 15:18 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-08-26 13:06 - 2010-04-21 01:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-08-26 13:05 - 2012-09-05 16:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-26 10:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-08-26 09:12 - 2014-07-30 15:34 - 00000000 ____D () C:\Users\User\Desktop\PaintTool SAI English Pack
2014-08-26 08:09 - 2014-08-26 08:09 - 00854417 _____ () C:\Users\User\Desktop\SecurityCheck.exe
2014-08-26 08:05 - 2012-06-25 20:35 - 00000000 ____D () C:\Users\User\Documents\Registry Backups
2014-08-26 08:01 - 2014-06-14 12:55 - 00001206 _____ () C:\lm.log
2014-08-26 08:01 - 2012-07-20 19:38 - 00229842 _____ () C:\Windows\PFRO.log
2014-08-26 08:01 - 2012-06-28 14:11 - 00027192 _____ () C:\Windows\setupact.log
2014-08-26 08:01 - 2012-05-15 01:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-26 08:01 - 2011-06-01 22:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-26 08:01 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 05:40 - 2010-09-30 11:38 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-25 18:37 - 2014-08-23 10:42 - 00000000 ____D () C:\Users\User\Desktop\HTML Files
2014-08-25 16:12 - 2014-06-14 14:03 - 00000000 ____D () C:\Users\User\AppData\Local\Battle.net
2014-08-25 15:46 - 2011-12-19 14:57 - 00016896 ___SH () C:\Users\User\Thumbs.db
2014-08-25 15:23 - 2014-07-30 14:24 - 00000000 ____D () C:\PaintToolSAI
2014-08-25 09:57 - 2012-10-16 21:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 09:57 - 2012-05-07 20:21 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 09:57 - 2012-01-15 14:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-25 09:35 - 2010-04-20 17:49 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-08-25 09:34 - 2014-08-25 09:34 - 00022657 _____ () C:\ComboFix.txt
2014-08-25 09:34 - 2014-08-25 09:17 - 00000000 ____D () C:\Qoobox
2014-08-25 09:34 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Default
2014-08-25 09:32 - 2014-08-25 09:16 - 00000000 ____D () C:\Windows\erdnt
2014-08-25 09:30 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-25 09:27 - 2013-12-17 16:10 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-25 09:16 - 2014-08-25 09:16 - 05572212 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2014-08-24 19:34 - 2014-08-24 19:34 - 00000218 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2014-08-24 19:30 - 2014-08-24 19:30 - 00001052 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2014-08-24 19:30 - 2014-08-24 19:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\inkscape
2014-08-24 19:30 - 2014-08-24 19:26 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-08-24 19:29 - 2014-08-24 19:29 - 00001010 _____ () C:\Users\User\Desktop\Inkscape.lnk
2014-08-24 19:26 - 2014-08-24 19:26 - 34573304 _____ (inkscape.org) C:\Users\User\Documents\Inkscape-0.48.5-1-win32.exe
2014-08-24 18:42 - 2014-08-24 18:42 - 02103296 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-08-24 18:27 - 2014-08-24 18:27 - 00448512 _____ (OldTimer Tools) C:\Users\User\Desktop\TFC.exe
2014-08-24 18:25 - 2014-08-24 18:25 - 00070486 _____ () C:\JavaRa.log
2014-08-24 18:24 - 2014-08-24 18:24 - 00000000 ____D () C:\Users\User\Desktop\RemoveJava
2014-08-24 18:16 - 2014-05-16 22:40 - 00000000 ____D () C:\Users\User\Desktop\Blender Models and Projects
2014-08-24 11:13 - 2014-08-04 18:18 - 00000000 ____D () C:\Users\User\Desktop\Stuff I Want On My New Computer
2014-08-23 14:46 - 2014-07-07 15:29 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-23 12:17 - 2014-08-23 12:17 - 00000000 ____D () C:\Users\User\Documents\ROBLOX
2014-08-23 12:16 - 2011-05-09 20:04 - 00000000 ____D () C:\Users\User\AppData\Local\Roblox
2014-08-23 12:12 - 2013-03-09 13:28 - 00001362 _____ () C:\Users\User\Desktop\ROBLOX Studio 2013.lnk
2014-08-23 12:12 - 2011-05-09 20:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-08-23 10:53 - 2014-07-07 15:27 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-23 10:47 - 2014-08-17 16:15 - 00031705 _____ () C:\Users\User\Downloads\Addition.txt
2014-08-23 10:47 - 2014-08-17 16:12 - 00045507 _____ () C:\Users\User\Downloads\FRST.txt
2014-08-23 10:43 - 2014-08-23 10:43 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-08-23 10:43 - 2014-08-17 16:11 - 02103296 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-08-23 10:42 - 2014-08-23 10:42 - 00003750 _____ () C:\Users\User\Desktop\HTML Files.zip
2014-08-23 10:34 - 2012-08-13 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Paint.NET
2014-08-23 09:52 - 2010-04-20 17:49 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-08-22 18:08 - 2013-12-26 17:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-22 18:00 - 2012-07-26 10:14 - 00001350 _____ () C:\Users\User\Desktop\ROBLOX.lnk
2014-08-22 17:44 - 2014-02-01 14:38 - 00002926 _____ () C:\Users\User\Desktop\blender.lnk
2014-08-20 09:11 - 2012-02-25 14:37 - 00000000 ____D () C:\Users\User\AppData\Local\join.me
2014-08-19 17:56 - 2014-07-27 16:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 16:07 - 2014-08-19 16:07 - 00051430 _____ () C:\Users\User\Desktop\CheckResults.txt
2014-08-19 16:03 - 2014-08-19 16:03 - 01682416 _____ (Malwarebytes Corporation) C:\Users\User\Desktop\mbam-check-2.1.1.1001.exe
2014-08-19 13:05 - 2014-01-06 16:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2014-08-18 18:30 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-18 17:39 - 2013-12-26 17:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-17 17:52 - 2012-02-27 19:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
2014-08-15 22:10 - 2014-08-15 22:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-15 19:53 - 2012-01-15 15:19 - 00002362 _____ () C:\Users\User\Desktop\Google Chrome.lnk
2014-08-15 19:20 - 2014-08-15 19:20 - 00064285 _____ () C:\Users\User\Downloads\recording_1192867855_by_xxglitchmonsterxx-d7vbhxd.3gpp
2014-08-11 20:44 - 2014-08-11 20:43 - 32239888 _____ () C:\Users\User\Downloads\Firefox Setup 31.0.exe
2014-08-11 20:29 - 2014-08-11 20:28 - 00244120 _____ () C:\Users\User\Downloads\Firefox Setup Stub 31.0.exe
2014-08-11 20:12 - 2012-02-19 08:37 - 00000000 ____D () C:\AI_RecycleBin
2014-08-11 20:12 - 2012-02-19 08:35 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-11 18:46 - 2014-08-11 18:46 - 02176448 _____ (Reason Software Company Inc.) C:\Users\User\Downloads\ShouldIRemoveIt_Setup.exe
2014-08-11 17:57 - 2014-08-11 17:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-11 16:41 - 2014-08-11 16:41 - 07835768 _____ () C:\Users\User\Downloads\join.me.exe
2014-08-11 15:48 - 2014-08-11 15:48 - 11465728 _____ () C:\Users\User\Downloads\join.me.msi
2014-08-10 16:53 - 2009-07-14 00:13 - 00799078 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-08 19:33 - 2014-08-08 18:49 - 00000000 ____D () C:\Users\User\Documents\RPGVXAce
2014-08-08 18:47 - 2013-02-26 13:35 - 00000000 ____D () C:\Program Files (x86)\Enterbrain
2014-08-08 13:46 - 2013-06-22 21:03 - 00000000 ____D () C:\Users\User\AppData\Local\Screencast-O-Matic
2014-08-08 13:02 - 2014-08-08 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-08 13:01 - 2014-08-08 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-08 13:01 - 2014-08-08 13:00 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 12:59 - 2014-08-08 12:59 - 01677928 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2014-08-07 18:19 - 2014-08-07 18:17 - 23729491 _____ (firealpaca.com ) C:\Users\User\Downloads\FireAlpaca_setup.exe
2014-08-06 19:21 - 2014-08-05 18:32 - 00000000 ____D () C:\Users\User\Documents\Bandicam
2014-08-06 15:19 - 2014-08-06 15:19 - 00000000 ____D () C:\Users\User\Downloads\desmume-0.9.9-win32
2014-08-06 15:02 - 2014-08-06 15:00 - 00000000 ____D () C:\Users\User\Documents\My Games
2014-08-05 19:10 - 2011-11-02 11:50 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\BANDISOFT
2014-08-05 18:32 - 2014-08-05 18:32 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2014-08-05 18:32 - 2014-08-05 18:31 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-08-05 18:30 - 2014-08-05 18:30 - 09318872 _____ (Bandisoft) C:\Users\User\Downloads\bdcamsetup.exe
2014-08-05 17:08 - 2014-08-05 17:08 - 00918440 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u67.exe
2014-08-05 16:43 - 2013-05-31 19:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\.technic
2014-08-05 16:43 - 2013-05-31 19:55 - 02346942 _____ () C:\Users\User\Documents\TechnicLauncher.exe
2014-08-05 16:21 - 2014-08-05 16:21 - 00675988 _____ () C:\Users\User\Downloads\Minecraft (1).exe
2014-08-05 16:18 - 2014-08-05 16:18 - 00000000 ____D () C:\Users\User\Documents\My Curse
2014-08-05 13:12 - 2014-08-05 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-05 13:01 - 2014-08-05 13:01 - 00159578 _____ () C:\Users\User\Downloads\JavaRa-2.6.zip
2014-08-04 23:00 - 2011-04-17 09:03 - 00783872 ___SH () C:\Users\User\Documents\Thumbs.db
2014-07-31 22:57 - 2014-07-31 22:57 - 00000000 ____D () C:\Users\User\Desktop\Video Avatars
2014-07-31 21:14 - 2014-07-30 15:34 - 00000000 ____D () C:\Users\User\Desktop\PaintTool_SAI_English_ver.1.10
2014-07-31 13:21 - 2014-07-31 13:21 - 00001308 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-31 13:21 - 2014-07-31 13:21 - 00000000 ____D () C:\Windows\en
2014-07-31 13:20 - 2014-07-31 13:20 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-07-31 13:20 - 2014-07-31 13:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-31 13:20 - 2014-07-31 13:19 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-31 13:17 - 2014-07-31 13:17 - 00000195 _____ () C:\Windows\DirectX.log
2014-07-31 13:16 - 2014-07-31 13:16 - 01239752 _____ (Microsoft Corporation) C:\Users\User\Downloads\wlsetup-web.exe
2014-07-30 19:03 - 2014-07-30 19:03 - 00000000 ____D () C:\Users\User\Desktop\Troll Radar
2014-07-30 15:33 - 2014-07-30 15:33 - 04906491 _____ () C:\Users\User\Downloads\PTSXD.rar
2014-07-30 14:23 - 2014-07-30 14:23 - 02467617 _____ () C:\Users\User\Downloads\sai-1.2.0-ful-en.exe
2014-07-29 21:43 - 2011-05-12 19:25 - 00000000 ____D () C:\Blockland
2014-07-28 14:36 - 2014-07-28 14:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-28 14:34 - 2014-07-28 14:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-27 19:10 - 2014-07-27 19:09 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-07-27 14:01 - 2014-07-27 14:01 - 00001105 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2014-07-27 14:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 14:01 - 2010-12-26 16:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-07-27 14:01 - 2010-12-26 16:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 14:00 - 2010-12-26 16:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\fp_pl_pfs_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 00:19

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by User at 2014-08-26 16:08:40
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7160 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3955 - AVG Technologies) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.2.655 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blender (HKLM\...\Blender) (Version: 2.70 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
FireAlpaca 1.0.51 (HKLM-x32\...\FireAlpaca_is1) (Version: 1.0.51 - firealpaca.com)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Inkscape 0.48.5 (HKCU\...\Inkscape) (Version: 0.48.5 - )
join.me (HKCU\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 275.33 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
ROBLOX Player for User (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 for User (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPG Maker XP (HKLM-x32\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain)
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TEdit 3 (HKLM-x32\...\{2DA51958-95C0-4755-A993-79FC137E7DB8}) (Version: 3.5.14060.0 - BinaryConstruct)
Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
tools-freebsd (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.5.0 - Flagship Industries, Inc.)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Vizzed Retro Game Room (HKLM-x32\...\{6D9F35D2-1D6F-4E17-A79F-991A7BD24AAD}) (Version: 2.0.0 - Vizzed)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
WeatherBug (HKLM-x32\...\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}) (Version: 7.0.0.3 - AWS Convergence Technologies)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows 7 Codec Pack 2.5.0 (HKLM-x32\...\Windows 7 - Codec Pack) (Version:  - Windows 7 Codec Pack)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{84f4687c-2b46-41e0-9ec5-bd2f181aef08}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{ec48cb97-8875-493c-8ac2-ded9620ab619}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{f484ba87-0622-418d-9fc1-94fcf7e5128e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-249128142-3472015813-3436885645-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-08-25 09:30 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3CB996BD-FFC4-41C6-815B-6A64CA1A3223} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-25] (Adobe Systems Incorporated)
Task: {A5CB2953-10FB-4DDC-A2C9-0178B279DD3A} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-03-30 16:05 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2012-11-02 03:46 - 2014-03-04 08:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-12 17:44 - 2014-06-12 17:44 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^aiStarter.lnk => C:\Windows\pss\aiStarter.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: EPSON Stylus Photo RX595 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLA.EXE /FU "C:\Windows\TEMP\E_S781B.tmp" /EF "HKCU"
MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/26/2014 03:01:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 31.0.0.5310, time stamp: 0x53c75e91
Faulting module name: mozalloc.dll, version: 31.0.0.5310, time stamp: 0x53c72e91
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x1470
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (08/26/2014 08:07:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program regedit.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b00

Start Time: 01cfc12e54fbacb0

Termination Time: 0

Application Path: C:\Windows\regedit.exe

Report Id: d9808a01-2d21-11e4-9243-90fba624d4c7

Error: (08/24/2014 06:41:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/24/2014 01:17:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/18/2014 07:18:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program hammer.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 398

Start Time: 01cfbb42f52f6f60

Termination Time: 338

Application Path: C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\hammer.exe

Report Id: 3faafff1-2736-11e4-b226-90fba624d4c7

Error: (08/18/2014 00:17:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/17/2014 08:32:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program plugin-container.exe version 31.0.0.5310 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 159c

Start Time: 01cfba8410cc1f80

Termination Time: 6

Application Path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

Report Id:

Error: (08/11/2014 07:41:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/11/2014 03:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 6.18.0.106, time stamp: 0x53d13f6d
Faulting module name: Skype.exe, version: 6.18.0.106, time stamp: 0x53d13f6d
Exception code: 0xc0000094
Fault offset: 0x00bdaf9b
Faulting process id: 0x158c
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3

Error: (08/10/2014 00:09:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 5.4.8.18414 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1d94

Start Time: 01cfb422ed337530

Termination Time: 12049

Application Path: E:\World of Warcraft\Wow-64.exe

Report Id: 3e60d431-204c-11e4-9e60-90fba624d4c7


System errors:
=============
Error: (08/26/2014 08:01:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/26/2014 07:59:29 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (08/25/2014 09:30:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (08/25/2014 09:30:08 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/25/2014 09:27:02 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (08/24/2014 06:32:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/24/2014 06:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/19/2014 06:53:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/19/2014 06:53:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/15/2014 07:28:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


Microsoft Office Sessions:
=========================
Error: (08/26/2014 03:01:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b147001cfc1686f4d4ff8C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc21daca0-2d5b-11e4-9243-005056c00008

Error: (08/26/2014 08:07:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: regedit.exe6.1.7600.16385b0001cfc12e54fbacb00C:\Windows\regedit.exed9808a01-2d21-11e4-9243-90fba624d4c7

Error: (08/24/2014 06:41:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (08/24/2014 01:17:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\User\downloads\esetsmartinstaller_enu.exe

Error: (08/18/2014 07:18:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: hammer.exe0.0.0.039801cfbb42f52f6f60338C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\hammer.exe3faafff1-2736-11e4-b226-90fba624d4c7

Error: (08/18/2014 00:17:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\User\downloads\esetsmartinstaller_enu.exe

Error: (08/17/2014 08:32:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: plugin-container.exe31.0.0.5310159c01cfba8410cc1f806C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

Error: (08/11/2014 07:41:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (08/11/2014 03:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe6.18.0.10653d13f6dSkype.exe6.18.0.10653d13f6dc000009400bdaf9b158c01cfb594a82e7d40C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe56cfa510-2195-11e4-9e60-90fba624d4c7

Error: (08/10/2014 00:09:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe5.4.8.184141d9401cfb422ed33753012049E:\World of Warcraft\Wow-64.exe3e60d431-204c-11e4-9e60-90fba624d4c7


CodeIntegrity Errors:
===================================
  Date: 2014-08-25 09:30:08.030
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-25 09:30:07.546
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Athlon 7550 Dual-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 2046.49 MB
Available physical RAM: 1211.23 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 2409.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Sys) (Fixed) (Total:118.55 GB) (Free:13.45 GB) NTFS
Drive d: (Data) (Fixed) (Total:41.96 GB) (Free:37.61 GB) NTFS
Drive e: (Ent) (Fixed) (Total:137.48 GB) (Free:99.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 146E9FFB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=42 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=137.5 GB) - (Type=OF Extended)

==================== End Of Log ============================

Link to post
Share on other sites

  • Root Admin

Try uninstalling AVG antivirus at least temporarily for now and then try installing either Avira or Avast from below and see if that makes any difference or not.

 

http://filehippo.com/download_avira

 

http://filehippo.com/download_avast_antivirus/

 

Then let me know.

Link to post
Share on other sites

  • 2 months later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.