Jump to content

REGSVCS.exe VIRUS

walia6

By walia6
in Resolved Malware Removal Logs

 Share

Recommended Posts

walia6

walia6

Posted
Posted

I have no idea where this program is on my computer, I just know that it needs to go, i accidently installed the virus 2 days ago, it blocks of google chrome, malware antibites and a wholer bunch of other stuff I bet.

Please tell me how I can help you help me on removing this malware.

Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014

Ran by Andre (administrator) on -THE_BEST_EVER- on 07-08-2014 18:23:57

Running from E:\

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Freemake) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe

(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe

(Curse) C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe

() C:\Program Files (x86)\LPT\srpts.exe

() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe

(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe

(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe

(SpeedBit Ltd.) C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

() C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

() C:\Users\Andre\AppData\Local\LPT\srptm.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [] => [X]

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2012-04-02] (LogMeIn, Inc.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [81912 2012-01-02] (PC Utilities Pro)

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Winlogon: [shell] explorer.exe,"C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe" <==== ATTENTION 

AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-03-25] (NVIDIA Corporation)

AppInit_DLLs:  C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => C:\ProgramData\Assistant\Assistant_x64.dll [4395520 2014-03-30] ()

AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [215360 2012-03-25] (NVIDIA Corporation)

AppInit_DLLs-x32:  c:\progra~3\assist~1\assist~1.dll => c:\ProgramData\Assistant\Assistant.dll [4221952 2014-03-30] ()

IFEO\AvastSvc.exe: [Debugger] nqij.exe

IFEO\AvastUI.exe: [Debugger] nqij.exe

IFEO\avcenter.exe: [Debugger] nqij.exe

IFEO\avconfig.exe: [Debugger] nqij.exe

IFEO\avgcsrvx.exe: [Debugger] nqij.exe

IFEO\avgidsagent.exe: [Debugger] nqij.exe

IFEO\avgnt.exe: [Debugger] nqij.exe

IFEO\avgrsx.exe: [Debugger] nqij.exe

IFEO\avguard.exe: [Debugger] nqij.exe

IFEO\avgui.exe: [Debugger] nqij.exe

IFEO\avgwdsvc.exe: [Debugger] nqij.exe

IFEO\avp.exe: [Debugger] nqij.exe

IFEO\avscan.exe: [Debugger] nqij.exe

IFEO\bdagent.exe: [Debugger] nqij.exe

IFEO\blindman.exe: [Debugger] nqij.exe

IFEO\ccuac.exe: [Debugger] nqij.exe

IFEO\ComboFix.exe: [Debugger] nqij.exe

IFEO\egui.exe: [Debugger] nqij.exe

IFEO\hijackthis.exe: [Debugger] nqij.exe

IFEO\instup.exe: [Debugger] nqij.exe

IFEO\keyscrambler.exe: [Debugger] nqij.exe

IFEO\mbam.exe: [Debugger] nqij.exe

IFEO\mbamgui.exe: [Debugger] nqij.exe

IFEO\mbampt.exe: [Debugger] nqij.exe

IFEO\mbamscheduler.exe: [Debugger] nqij.exe

IFEO\mbamservice.exe: [Debugger] nqij.exe

IFEO\MpCmdRun.exe: [Debugger] nqij.exe

IFEO\MSASCui.exe: [Debugger] nqij.exe

IFEO\MsMpEng.exe: [Debugger] nqij.exe

IFEO\msseces.exe: [Debugger] nqij.exe

IFEO\NisSrv.exe: [Debugger] nqij.exe

IFEO\rstrui.exe: [Debugger] nqij.exe

IFEO\SDFiles.exe: [Debugger] nqij.exe

IFEO\SDMain.exe: [Debugger] nqij.exe

IFEO\SDWinSec.exe: [Debugger] nqij.exe

IFEO\spybotsd.exe: [Debugger] nqij.exe

IFEO\wireshark.exe: [Debugger] nqij.exe

IFEO\zlclient.exe: [Debugger] nqij.exe

Startup: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

GroupPolicyUsers\S-1-5-21-1126745806-3093530448-7569978-1000\User: Group Policy restriction detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

ProxyServer:




HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://AlienwareArena.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = 

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe





SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


BHO: greaatsaver -> {1DA6681B-A5A8-5914-3AC7-956981B7A907} -> C:\Program Files (x86)\greaatsaver\v8hYu.x64.dll No File

BHO: SmartbarInternetExplorerBHOEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File

BHO: DigiSaver -> {32C7CEDA-CB8B-3E5F-39EE-424868841A59} -> C:\ProgramData\DigiSaver\KZX.x64.dll ()

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: BBITSaver -> {75420E1A-EA44-E9E1-8CBE-91ABFEA85A95} -> C:\ProgramData\BBITSaver\K.x64.dll ()

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: TidyNetwork -> {A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()

BHO: DDiscouuntEaxteNsi -> {AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F} -> C:\ProgramData\DDiscouuntEaxteNsi\fJ.x64.dll ()

BHO: ReaguLaarDeals -> {AC8510C9-E032-CE40-D602-7DAC54049F07} -> C:\ProgramData\ReaguLaarDeals\HGBu8WEX.x64.dll ()

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File

BHO: Greattsaver -> {D343E8E3-B418-E1BE-D712-8FB10F7F4030} -> C:\Program Files (x86)\Greattsaver\cEV8YKpEgS.x64.dll No File

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: ShopuDrop -> {FBD99D9E-C256-47EF-03D5-5364990CB346} -> C:\ProgramData\ShopuDrop\Tkh.x64.dll ()

BHO-x32: No Name -> {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} ->  No File

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: greaatsaver -> {1DA6681B-A5A8-5914-3AC7-956981B7A907} -> C:\Program Files (x86)\greaatsaver\v8hYu.dll No File

BHO-x32: SmartbarInternetExplorerBHOEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: DigiSaver -> {32C7CEDA-CB8B-3E5F-39EE-424868841A59} -> C:\ProgramData\DigiSaver\KZX.dll ()

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: BBITSaver -> {75420E1A-EA44-E9E1-8CBE-91ABFEA85A95} -> C:\ProgramData\BBITSaver\K.dll ()

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: TidyNetwork -> {A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()

BHO-x32: DDiscouuntEaxteNsi -> {AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F} -> C:\ProgramData\DDiscouuntEaxteNsi\fJ.dll ()

BHO-x32: ReaguLaarDeals -> {AC8510C9-E032-CE40-D602-7DAC54049F07} -> C:\ProgramData\ReaguLaarDeals\HGBu8WEX.dll ()

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Greattsaver -> {D343E8E3-B418-E1BE-D712-8FB10F7F4030} -> C:\Program Files (x86)\Greattsaver\cEV8YKpEgS.dll No File

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

BHO-x32: ShopuDrop -> {FBD99D9E-C256-47EF-03D5-5364990CB346} -> C:\ProgramData\ShopuDrop\Tkh.dll ()

Toolbar: HKLM - SavePass Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

Toolbar: HKLM-x32 - SavePass Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} -  No File

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 20 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default

FF NewTab: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZY45xtcEZCP9GPQvnEW51PDqdOHlYzBMfvmweKpAPXqMwBoIE6Fe0NCDtHCymTF

FF DefaultSearchEngine: Web Search

FF SelectedSearchEngine: Web Search

FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZAsN-JQb7_yfxbqxx64jqvGdl5qepFWUqRog_R4Qhi-FxBp2tnpFk7Aeqj3FOC_

FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZzjdTYLTwyqHyzq_-5Zv-Do8h2z0fYIg2uLT19NbdtAh1v9bD2QJNH_osFCRZI8&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-a21a1def88774149\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andre\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andre\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Andre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF user.js: detected! => C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\user.js

FF SearchPlugin: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\searchplugins\Web Search.xml

FF Extension: ReGualarDEals - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\kpqo.3aai@zks-eiii.org [2014-07-02]

FF Extension: FunnDEals - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\v_h@euoauaue.com [2014-06-13]

FF Extension: Adblock Plus - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-18]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2012-11-12]

FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2012-11-12]

FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=48", "hxxp://www.searchamong.com/", "hxxp://home.sweetim.com/?st=6&barid={7689942F-62CB-11E2-AD0A-685D43608735}", "hxxp://www.google.com/", "hxxp://searchy.easylifeapp.com/"

CHR NewTab: "chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"

CHR Extension: (Google Docs) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-30]

CHR Extension: (Google Drive) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-19]

CHR Extension: (YouTube) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-19]

CHR Extension: (Adblock Plus) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-31]

CHR Extension: (AdBlock+) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao [2014-07-31]

CHR Extension: (Google Search) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-19]

CHR Extension: (Lamborghini Cherry ) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkkklbgbfaeockpgbkleblklmcjdbnbj [2014-07-31]

CHR Extension: (WebFilter Pro - The best filtering addon!) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejgfoklefkbjadjcgjmnhfbdfjolojnn [2014-07-31]

CHR Extension: (Stylish) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-07-31]

CHR Extension: (AdBlock) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-31]

CHR Extension: (New Tab Redirect) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2014-07-31]

CHR Extension: (Skype Click to Call) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-03]

CHR Extension: (Gmail) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-19]

CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Andre\AppData\Local\funmoods.crx [2013-03-19]

CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2013-03-19]

CHR HKCU\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\Andre\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2012-09-20]

CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\Andre\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2012-09-20]

CHR HKLM-x32\...\Chrome\Extension: [glnobgflmgdgipgcdgjpfbhinmhdpbce] - C:\ProgramData\ADDICT-THING\glnobgflmgdgipgcdgjpfbhinmhdpbce.crx [2012-06-24]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2014-07-14]

CHR StartMenuInternet: Google Chrome - C:\Users\Andre\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 699fd52f; c:\ProgramData\Assistant\AssistantSvc.dll [177488 2014-03-30] () [File not signed]

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-12-16] (CyberLink)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-06-10] (Creative Labs) [File not signed]

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-06-10] (Creative Labs) [File not signed]

R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]

R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-27] (Creative Technology Ltd)

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-09-07] (Freemake) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-16] (LogMeIn, Inc.)

R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-07-16] (LogMeIn, Inc.)

R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-04-02] (LogMeIn, Inc.)

R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [35872 2014-03-02] ()

S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] () [File not signed]

R2 MySQLAndre; C:\ProgramData\MySQL\MySQL Server 5.5\my.ini [9177 2012-07-18] () [File not signed]

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] () [File not signed]

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-23] ()

R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)

R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [369952 2009-09-17] (SafeNet, Inc.)

R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1246496 2009-09-17] (SafeNet, Inc)

R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292128 2009-09-17] (SafeNet, Inc.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [265928 2012-06-28] (SpeedBit Ltd.)

S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

S4 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" [X]

S4 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [X]

S2 WebOptimizer; %SystemRoot%\system32\dmwu.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()

R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-27] (Creative Technology Ltd)

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-02-07] (LogMeIn, Inc.)

S4 LMIRfsClientNP; No ImagePath

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249152 2012-03-25] (NVIDIA Corporation)

R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)

S3 amdkmdap; system32\DRIVERS\atikmpag.sys [X]

S3 CEDRIVER60; \??\C:\Program Files (x86)\Cheat Engine 6.1\dbk64.sys [X]

S0x01000000 papycpu2; \SystemRoot\System32\DRIVERS\papycpu2.sys [X]

S0x01000000 papyjoy; \SystemRoot\System32\DRIVERS\papyjoy.sys [X]

S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2018-03-02 00:33 - 2018-03-02 00:33 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2014-08-07 18:23 - 2014-08-07 18:24 - 00000000 ____D () C:\FRST

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64.exe

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64(1).exe

2014-08-07 17:28 - 2014-08-07 17:28 - 00000000 ____D () C:\Users\Andre\Downloads\Avatar [720p]

2014-08-06 22:42 - 2013-03-02 16:59 - 00000318 _____ () C:\Users\Andre\Desktop\Curse Client.appref-ms

2014-08-06 22:41 - 2014-08-07 16:45 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk

2014-08-06 22:41 - 2014-08-07 16:45 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk

2014-08-06 22:39 - 2014-08-06 22:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\library_dir

2014-08-06 22:36 - 2014-08-06 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6

2014-08-06 20:14 - 2014-08-06 20:14 - 00000071 _____ () C:\Windows\wininit.ini

2014-08-06 20:13 - 2014-08-06 22:14 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (5)

2014-08-06 20:13 - 2014-08-06 21:36 - 00005184 _____ () C:\Users\Andre\AppData\Roaming\msconfig.ini

2014-08-06 20:13 - 2014-08-06 20:15 - 00000000 __SHD () C:\Windows\SysWOW64\sys

2014-08-06 20:13 - 2014-08-06 20:14 - 00000000 _RSHD () C:\Users\Andre\c4u2s7y68

2014-08-06 20:11 - 2014-08-06 20:11 - 00362664 _____ () C:\Users\Andre\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe

2014-08-06 20:10 - 2014-08-06 20:10 - 01028961 _____ () C:\Users\Andre\Downloads\Call of Duty Ghosts Hack.rar

2014-08-06 20:06 - 2014-08-06 20:06 - 03578764 _____ () C:\Users\Andre\Downloads\Call-of-Duty-Ghosts-Multihack-v3.0.rar

2014-08-06 20:04 - 2014-08-06 20:04 - 00003426 _____ () C:\Windows\System32\Tasks\AmiUpdXp

2014-08-06 20:04 - 2014-08-06 20:04 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job

2014-08-06 20:04 - 2014-08-06 20:04 - 00000000 ____D () C:\Users\Andre\AppData\Local\13677

2014-08-06 20:02 - 2014-08-06 20:02 - 00577728 _____ () C:\Users\Andre\Downloads\COD Ghosts Aimbot Downloader__3687_i1135729148_il1417854.exe

2014-08-05 00:55 - 2014-08-05 00:55 - 00000001 _____ () C:\Users\Andre\Desktop\New Text Document (2).txt

2014-08-04 20:14 - 2014-08-04 20:14 - 00017506 _____ () C:\Users\Andre\Downloads\topic,16.0 (5).html

2014-08-04 20:14 - 2014-08-04 20:14 - 00000162 ____H () C:\Users\Andre\Downloads\~$pic,16.0 (5).html

2014-08-04 18:19 - 2014-08-04 18:20 - 01649360 _____ () C:\Users\Andre\ts3_recording_14_08_04_18_19_47.wav

2014-07-30 16:27 - 2014-07-30 16:27 - 00000230 _____ () C:\Users\Andre\Desktop\Robocraft.url

2014-07-29 22:29 - 2014-07-29 22:29 - 00000230 _____ () C:\Users\Andre\Desktop\Terraria.url

2014-07-28 15:55 - 2014-07-28 15:55 - 00053830 _____ () C:\Users\Andre\Downloads\SlimevoidLib-Universal-v2.0.2.0.zip

2014-07-28 15:45 - 2014-07-28 15:45 - 01227779 _____ () C:\Users\Andre\Downloads\gulliver-forged-871-installer-0.14.2-MC1.6.2.jar

2014-07-28 15:42 - 2014-07-28 15:43 - 00173459 _____ () C:\Users\Andre\Downloads\LittleBlocks-MC1.6.2-Optifine.zip

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts.url

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts - Multiplayer.url

2014-07-27 11:15 - 2014-07-27 11:16 - 43843119 _____ () C:\Users\Andre\Downloads\Tropicraft v5.1.7 for MC v1.6.4.zip

2014-07-27 11:15 - 2014-07-27 11:15 - 02269863 _____ () C:\Users\Andre\Downloads\forge-1.6.4-9.11.1.965-installer.jar

2014-07-26 09:31 - 2014-07-26 09:38 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (4)

2014-07-26 09:31 - 2014-07-26 09:31 - 07964793 _____ () C:\Users\Andre\Downloads\faithful32packOptiFine.zip

2014-07-26 09:31 - 2014-07-26 09:31 - 00850340 _____ () C:\Users\Andre\Downloads\OCD pack 1.7.2.zip

2014-07-24 18:40 - 2014-07-24 18:40 - 00000229 _____ () C:\Users\Andre\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url

2014-07-23 21:28 - 2014-07-23 21:29 - 00000000 ____D () C:\Users\Andre\Desktop\Movies

2014-07-22 20:29 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\Andre\Downloads\8 Mile[2002]DvDrip[Eng]-BugZ

2014-07-19 21:22 - 2014-07-19 21:22 - 00135322 _____ () C:\Users\Andre\Desktop\skse scripts.zip

2014-07-19 21:18 - 2014-07-19 21:22 - 00000000 ____D () C:\Users\Andre\Desktop\skse_1_07_01

2014-07-19 21:18 - 2014-07-19 21:18 - 00557387 _____ () C:\Users\Andre\Downloads\skse_1_07_01.7z

2014-07-19 17:09 - 2014-07-19 17:09 - 00313875 _____ () C:\Users\Andre\Downloads\skse_1_07_01_installer.exe

2014-07-19 17:09 - 2014-07-19 17:09 - 00002266 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk

2014-07-19 17:09 - 2014-07-19 17:09 - 00002248 _____ () C:\Users\Andre\Desktop\Skyrim (SKSE).lnk

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\Documents\Razer

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer_Inc

2014-07-19 13:16 - 2014-07-19 13:16 - 00002123 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk

2014-07-19 13:11 - 2014-07-19 13:13 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (2).exe

2014-07-19 13:07 - 2014-07-19 13:08 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (1).exe

2014-07-19 13:06 - 2014-07-19 13:07 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0.exe

2014-07-19 13:00 - 2014-07-19 13:00 - 00667648 _____ () C:\Users\Andre\Downloads\Detection.msi

2014-07-19 12:59 - 2014-07-19 12:59 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

2014-07-19 12:04 - 2014-07-19 12:04 - 00000128 _____ () C:\Users\Andre\Desktop\Generic Spoiler.url

2014-07-19 08:20 - 2014-07-19 08:20 - 00000000 _____ () C:\Users\Andre\Desktop\The Elder Scrolls V

2014-07-17 19:36 - 2014-07-17 19:39 - 00003903 _____ () C:\Users\Andre\Desktop\Color.java

2014-07-17 19:04 - 2014-07-17 19:04 - 00001366 _____ () C:\Users\Andre\Desktop\Robocode.lnk

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robocode

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\robocode

2014-07-17 18:51 - 2014-07-17 18:52 - 05436039 _____ () C:\Users\Andre\Downloads\robocode-1.9.2.1-setup.jar

2014-07-17 18:50 - 2004-02-24 00:11 - 00004734 _____ () C:\Users\Andre\Desktop\Aristocles.class

2014-07-17 18:48 - 2004-02-24 00:11 - 00005808 _____ () C:\Users\Andre\Desktop\Aristocles.java

2014-07-17 18:47 - 2014-07-17 19:39 - 00006464 _____ () C:\Users\Andre\Downloads\Andre.java

2014-07-17 18:47 - 2014-07-17 18:47 - 00006340 _____ () C:\Users\Andre\Downloads\pez.micro.Aristocles_0.3.7.jar

2014-07-08 18:15 - 2014-07-08 18:15 - 00783208 _____ (MurGee.com ) C:\Users\Andre\Downloads\setup.exe

2014-07-08 18:15 - 2014-07-08 18:15 - 00001102 _____ () C:\Users\Andre\Desktop\Auto Clicker.lnk

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\Users\Andre\AppData\Local\Auto Clicker

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2018-03-02 00:33 - 2018-03-02 00:33 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2014-08-07 18:24 - 2014-08-07 18:23 - 00000000 ____D () C:\FRST

2014-08-07 18:22 - 2013-05-09 12:07 - 00052666 _____ () C:\Windows\setupact.log

2014-08-07 18:21 - 2012-10-20 00:10 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Skype

2014-08-07 18:04 - 2012-06-20 18:58 - 00000000 ____D () C:\Users\Andre\AppData\Local\Deployment

2014-08-07 17:44 - 2012-06-10 11:41 - 01500155 _____ () C:\Windows\WindowsUpdate.log

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64.exe

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64(1).exe

2014-08-07 17:28 - 2014-08-07 17:28 - 00000000 ____D () C:\Users\Andre\Downloads\Avatar [720p]

2014-08-07 17:28 - 2012-08-14 17:36 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\uTorrent

2014-08-07 17:04 - 2013-07-02 21:01 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\.minecraft

2014-08-07 16:52 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-07 16:52 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-07 16:49 - 2009-07-14 00:13 - 00006394 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-07 16:45 - 2014-08-06 22:41 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk

2014-08-07 16:45 - 2014-08-06 22:41 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk

2014-08-07 16:45 - 2012-06-10 10:11 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn

2014-08-07 16:44 - 2012-06-10 10:17 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-08-07 16:44 - 2012-06-10 10:17 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-08-07 16:42 - 2012-06-10 11:39 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-07 16:42 - 2010-11-20 22:47 - 00332810 _____ () C:\Windows\PFRO.log

2014-08-07 06:58 - 2014-03-03 10:01 - 00000000 ____D () C:\Users\Andre\AppData\Local\WeatherAlerts

2014-08-07 00:13 - 2012-06-20 23:47 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-08-06 23:46 - 2013-03-23 00:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\steam

2014-08-06 22:41 - 2012-11-06 15:10 - 00000000 ____D () C:\Windows\pss

2014-08-06 22:41 - 2012-10-15 18:46 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Raptr

2014-08-06 22:41 - 2012-06-20 23:47 - 00001024 _____ () C:\.rnd

2014-08-06 22:40 - 2012-10-20 00:10 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-08-06 22:40 - 2012-10-20 00:10 - 00000000 ____D () C:\ProgramData\Skype

2014-08-06 22:40 - 2012-06-20 23:47 - 00000000 ____D () C:\Program Files (x86)\LogMeIn

2014-08-06 22:39 - 2014-08-06 22:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\library_dir

2014-08-06 22:39 - 2012-10-15 18:46 - 00000000 ____D () C:\Program Files (x86)\Raptr

2014-08-06 22:37 - 2013-01-01 21:47 - 00000160 _____ () C:\Users\Andre\AppData\Roaming\settings.set

2014-08-06 22:36 - 2014-08-06 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6

2014-08-06 22:36 - 2014-01-20 12:22 - 00000000 ____D () C:\Users\Andre\AppData\Local\TSVNCache

2014-08-06 22:27 - 2013-01-02 21:13 - 01372672 ___SH () C:\Users\Andre\Desktop\Thumbs.db

2014-08-06 22:14 - 2014-08-06 20:13 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (5)

2014-08-06 21:58 - 2012-06-20 18:58 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA.job

2014-08-06 21:36 - 2014-08-06 20:13 - 00005184 _____ () C:\Users\Andre\AppData\Roaming\msconfig.ini

2014-08-06 21:28 - 2012-06-20 18:58 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core.job

2014-08-06 21:26 - 2013-01-08 23:06 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-06 21:12 - 2012-11-06 14:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-06 20:26 - 2013-01-08 23:06 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-06 20:15 - 2014-08-06 20:13 - 00000000 __SHD () C:\Windows\SysWOW64\sys

2014-08-06 20:14 - 2014-08-06 20:14 - 00000071 _____ () C:\Windows\wininit.ini

2014-08-06 20:14 - 2014-08-06 20:13 - 00000000 _RSHD () C:\Users\Andre\c4u2s7y68

2014-08-06 20:13 - 2012-06-20 18:23 - 00000000 ____D () C:\Users\Andre

2014-08-06 20:11 - 2014-08-06 20:11 - 00362664 _____ () C:\Users\Andre\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe

2014-08-06 20:10 - 2014-08-06 20:10 - 01028961 _____ () C:\Users\Andre\Downloads\Call of Duty Ghosts Hack.rar

2014-08-06 20:06 - 2014-08-06 20:06 - 03578764 _____ () C:\Users\Andre\Downloads\Call-of-Duty-Ghosts-Multihack-v3.0.rar

2014-08-06 20:04 - 2014-08-06 20:04 - 00003426 _____ () C:\Windows\System32\Tasks\AmiUpdXp

2014-08-06 20:04 - 2014-08-06 20:04 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job

2014-08-06 20:04 - 2014-08-06 20:04 - 00000000 ____D () C:\Users\Andre\AppData\Local\13677

2014-08-06 20:02 - 2014-08-06 20:02 - 00577728 _____ () C:\Users\Andre\Downloads\COD Ghosts Aimbot Downloader__3687_i1135729148_il1417854.exe

2014-08-06 19:28 - 2014-02-25 18:27 - 00000444 ____H () C:\Windows\Tasks\WS.Booster-S-1431105474.job

2014-08-06 19:28 - 2014-01-19 15:23 - 00000464 ____H () C:\Windows\Tasks\GS.Enabler-S-1824435291.job

2014-08-06 19:28 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-06 17:49 - 2012-08-01 02:09 - 00000000 ____D () C:\Users\Andre\AppData\Local\Adobe

2014-08-05 18:18 - 2014-03-08 22:48 - 00000000 ____D () C:\Users\Andre\AppData\Local\Skyrim

2014-08-05 15:01 - 2014-03-03 10:01 - 00000276 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job

2014-08-05 13:02 - 2013-05-21 21:26 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2014-08-05 01:15 - 2012-07-08 08:32 - 00560640 ___SH () C:\Users\Andre\Documents\Thumbs.db

2014-08-05 00:55 - 2014-08-05 00:55 - 00000001 _____ () C:\Users\Andre\Desktop\New Text Document (2).txt

2014-08-04 20:14 - 2014-08-04 20:14 - 00017506 _____ () C:\Users\Andre\Downloads\topic,16.0 (5).html

2014-08-04 20:14 - 2014-08-04 20:14 - 00000162 ____H () C:\Users\Andre\Downloads\~$pic,16.0 (5).html

2014-08-04 20:14 - 2013-02-20 17:13 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\TS3Client

2014-08-04 18:20 - 2014-08-04 18:19 - 01649360 _____ () C:\Users\Andre\ts3_recording_14_08_04_18_19_47.wav

2014-07-31 23:05 - 2012-12-04 16:25 - 00000000 ____D () C:\Users\Andre\AppData\Local\CrashDumps

2014-07-30 16:27 - 2014-07-30 16:27 - 00000230 _____ () C:\Users\Andre\Desktop\Robocraft.url

2014-07-30 16:27 - 2012-06-24 13:07 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-07-30 16:07 - 2012-06-21 12:03 - 00000000 ____D () C:\Program Files\AlienAutopsy

2014-07-30 16:05 - 2012-06-21 12:00 - 00000000 ____D () C:\ProgramData\PCDr

2014-07-30 09:01 - 2014-03-03 10:01 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job

2014-07-29 22:29 - 2014-07-29 22:29 - 00000230 _____ () C:\Users\Andre\Desktop\Terraria.url

2014-07-29 22:26 - 2013-05-07 14:04 - 00000000 ____D () C:\Users\Andre\Documents\Universe Sandbox

2014-07-28 16:36 - 2013-07-11 19:31 - 00000000 ____D () C:\Program Files (x86)\Razer

2014-07-28 15:55 - 2014-07-28 15:55 - 00053830 _____ () C:\Users\Andre\Downloads\SlimevoidLib-Universal-v2.0.2.0.zip

2014-07-28 15:45 - 2014-07-28 15:45 - 01227779 _____ () C:\Users\Andre\Downloads\gulliver-forged-871-installer-0.14.2-MC1.6.2.jar

2014-07-28 15:43 - 2014-07-28 15:42 - 00173459 _____ () C:\Users\Andre\Downloads\LittleBlocks-MC1.6.2-Optifine.zip

2014-07-27 17:38 - 2013-04-08 18:49 - 00000000 ____D () C:\Program Files (x86)\War Thunder

2014-07-27 17:16 - 2012-11-01 18:20 - 00000000 ____D () C:\Program Files\Adobe

2014-07-27 17:16 - 2012-08-01 03:08 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts.url

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts - Multiplayer.url

2014-07-27 11:16 - 2014-07-27 11:15 - 43843119 _____ () C:\Users\Andre\Downloads\Tropicraft v5.1.7 for MC v1.6.4.zip

2014-07-27 11:15 - 2014-07-27 11:15 - 02269863 _____ () C:\Users\Andre\Downloads\forge-1.6.4-9.11.1.965-installer.jar

2014-07-26 09:38 - 2014-07-26 09:31 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (4)

2014-07-26 09:31 - 2014-07-26 09:31 - 07964793 _____ () C:\Users\Andre\Downloads\faithful32packOptiFine.zip

2014-07-26 09:31 - 2014-07-26 09:31 - 00850340 _____ () C:\Users\Andre\Downloads\OCD pack 1.7.2.zip

2014-07-24 18:40 - 2014-07-24 18:40 - 00000229 _____ () C:\Users\Andre\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url

2014-07-23 21:29 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\Andre\Desktop\Movies

2014-07-23 21:28 - 2014-07-22 20:29 - 00000000 ____D () C:\Users\Andre\Downloads\8 Mile[2002]DvDrip[Eng]-BugZ

2014-07-23 19:24 - 2009-07-14 00:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-21 16:43 - 2014-07-07 17:34 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\.ccemuredux

2014-07-20 22:40 - 2014-02-23 22:28 - 00000000 ____D () C:\Program Files (x86)\PursuePoint

2014-07-19 21:22 - 2014-07-19 21:22 - 00135322 _____ () C:\Users\Andre\Desktop\skse scripts.zip

2014-07-19 21:22 - 2014-07-19 21:18 - 00000000 ____D () C:\Users\Andre\Desktop\skse_1_07_01

2014-07-19 21:22 - 2014-03-10 18:47 - 00000000 ____D () C:\Users\Andre\Documents\Nexus Mod Manager

2014-07-19 21:18 - 2014-07-19 21:18 - 00557387 _____ () C:\Users\Andre\Downloads\skse_1_07_01.7z

2014-07-19 17:09 - 2014-07-19 17:09 - 00313875 _____ () C:\Users\Andre\Downloads\skse_1_07_01_installer.exe

2014-07-19 17:09 - 2014-07-19 17:09 - 00002266 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk

2014-07-19 17:09 - 2014-07-19 17:09 - 00002248 _____ () C:\Users\Andre\Desktop\Skyrim (SKSE).lnk

2014-07-19 14:19 - 2012-09-03 10:25 - 00003074 _____ () C:\Windows\System32\Tasks\Game_Booster_Startup

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\Documents\Razer

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer_Inc

2014-07-19 14:06 - 2013-07-11 19:35 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer

2014-07-19 13:16 - 2014-07-19 13:16 - 00002123 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk

2014-07-19 13:16 - 2013-07-11 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2014-07-19 13:15 - 2013-07-11 19:31 - 00000000 ____D () C:\ProgramData\Razer

2014-07-19 13:13 - 2014-07-19 13:11 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (2).exe

2014-07-19 13:08 - 2014-07-19 13:07 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (1).exe

2014-07-19 13:07 - 2014-07-19 13:06 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0.exe

2014-07-19 13:01 - 2013-07-11 12:10 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab

2014-07-19 13:00 - 2014-07-19 13:00 - 00667648 _____ () C:\Users\Andre\Downloads\Detection.msi

2014-07-19 12:59 - 2014-07-19 12:59 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

2014-07-19 12:04 - 2014-07-19 12:04 - 00000128 _____ () C:\Users\Andre\Desktop\Generic Spoiler.url

2014-07-19 08:20 - 2014-07-19 08:20 - 00000000 _____ () C:\Users\Andre\Desktop\The Elder Scrolls V

2014-07-17 19:39 - 2014-07-17 19:36 - 00003903 _____ () C:\Users\Andre\Desktop\Color.java

2014-07-17 19:39 - 2014-07-17 18:47 - 00006464 _____ () C:\Users\Andre\Downloads\Andre.java

2014-07-17 19:04 - 2014-07-17 19:04 - 00001366 _____ () C:\Users\Andre\Desktop\Robocode.lnk

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robocode

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\robocode

2014-07-17 19:01 - 2012-12-30 07:20 - 00000000 ____D () C:\Users\Andre\AppData\Local\Eclipse

2014-07-17 18:52 - 2014-07-17 18:51 - 05436039 _____ () C:\Users\Andre\Downloads\robocode-1.9.2.1-setup.jar

2014-07-17 18:47 - 2014-07-17 18:47 - 00006340 _____ () C:\Users\Andre\Downloads\pez.micro.Aristocles_0.3.7.jar

2014-07-16 17:11 - 2012-06-20 23:47 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll

2014-07-16 17:11 - 2012-06-20 23:47 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll

2014-07-16 17:11 - 2012-06-20 23:47 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll

2014-07-08 18:15 - 2014-07-08 18:15 - 00783208 _____ (MurGee.com ) C:\Users\Andre\Downloads\setup.exe

2014-07-08 18:15 - 2014-07-08 18:15 - 00001102 _____ () C:\Users\Andre\Desktop\Auto Clicker.lnk

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\Users\Andre\AppData\Local\Auto Clicker

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker

2014-07-08 13:01 - 2013-06-30 18:51 - 00071952 _____ () C:\Windows\system32\lvcoinst.log

 

Files to move or delete:

====================

C:\Users\Andre\hammer.exe

C:\Users\Andre\AppData\Roaming\msconfig.ini

 

 

Some content of TEMP:

====================

C:\Users\Andre\AppData\Local\Temp\6_Offer_9.exe

C:\Users\Andre\AppData\Local\Temp\AAMHelper.exe

C:\Users\Andre\AppData\Local\Temp\AdobeApplicationManager.exe

C:\Users\Andre\AppData\Local\Temp\BackupSetup.exe

C:\Users\Andre\AppData\Local\Temp\bitool.dll

C:\Users\Andre\AppData\Local\Temp\CommandCenterSetupSetup.exe

C:\Users\Andre\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\Andre\AppData\Local\Temp\DM1393858784.exe

C:\Users\Andre\AppData\Local\Temp\DM1393888978.exe

C:\Users\Andre\AppData\Local\Temp\DM1393889372.exe

C:\Users\Andre\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.5-R1.0-b2543jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.2-40-g6e27629-b3011jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-6-g7d680d3.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-40-g6e27629-b3011jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll

C:\Users\Andre\AppData\Local\Temp\JingSetup.exe

C:\Users\Andre\AppData\Local\Temp\nsg7B9F.exe

C:\Users\Andre\AppData\Local\Temp\nsh6FAD.exe

C:\Users\Andre\AppData\Local\Temp\nsh7A59.exe

C:\Users\Andre\AppData\Local\Temp\nshCFAD.exe

C:\Users\Andre\AppData\Local\Temp\nsl7CF7.exe

C:\Users\Andre\AppData\Local\Temp\nsmD597.exe

C:\Users\Andre\AppData\Local\Temp\nsr751A.exe

C:\Users\Andre\AppData\Local\Temp\nsxDB05.exe

C:\Users\Andre\AppData\Local\Temp\OpenComputersMod-native.64.dll

C:\Users\Andre\AppData\Local\Temp\Paint.NET.3.5.11.Install.exe

C:\Users\Andre\AppData\Local\Temp\PreExe_ID_5853.exe

C:\Users\Andre\AppData\Local\Temp\SearchProtectChecker.exe

C:\Users\Andre\AppData\Local\Temp\SearchProtectINT.exe

C:\Users\Andre\AppData\Local\Temp\setup.exe

C:\Users\Andre\AppData\Local\Temp\setup__3813.exe

C:\Users\Andre\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Andre\AppData\Local\Temp\SRLDetectionLibrary8112108768895091717.dll

C:\Users\Andre\AppData\Local\Temp\System.Data.SQLite.dll

C:\Users\Andre\AppData\Local\Temp\System.Data.SQLite50181.dll

C:\Users\Andre\AppData\Local\Temp\utt8C72.tmp.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe

[2012-06-10 11:33] - [2012-06-10 11:33] - 2595328 ____A (Microsoft Corporation) 98B46845D7374EFE5E7ADCD7440ECABA

 

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-28 20:14

 

==================== End Of Log ============================

Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014

Ran by Andre at 2014-08-07 18:25:37

Running from E:\

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - )

ADDICT-THING (HKLM-x32\...\{71277DC4-4217-462A-9FF4-62D7815B2C69}) (Version:  - ADDICT-THING) <==== ATTENTION

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)

Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)

Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden

Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden

Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12594 - Systweak Software) <==== ATTENTION

AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)

AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)

AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)

Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)

Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden

Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )

Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden

AmazingMIDI (HKLM-x32\...\AmazingMIDI) (Version:  - )

Anvil Studio 2012 (HKLM-x32\...\{FE2E5EDF-550A-4CAB-91F2-7F19D35D4C19}) (Version: 12.10.07 - Willow Software)

Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arena (HKLM-x32\...\ArenaSetup_is1) (Version:  - Bethesda Softworks)

Armagetron Advanced 0.2.8.3.2 (HKLM-x32\...\Armagetron Advanced) (Version: 0.2.8.3.2 - Armagetron Advanced Team)

Assistant (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}) (Version:  - Verified Publisher) <==== ATTENTION

Audio Evolution 5 (HKLM-x32\...\{5BD1E7E0-4D22-4B2F-B14B-417F6D9F61D0}) (Version: 5.3.4 - eXtream Software Development)

Auto Clicker v1.6 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.6 - MurGee.com)

Auto Typer by MurGee v1.3 (HKLM-x32\...\{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1) (Version: 1.3 - MurGee.com)

Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)

BBITSaver (HKLM-x32\...\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}) (Version:  - BItSaver) <==== ATTENTION

BeamNG-Techdemo-0.3 (remove only) (HKCU\...\BeamNG-Techdemo-0.3) (Version:  - )

Bfxr (HKLM-x32\...\com.increpare.bfxr) (Version: 1.3.3 - UNKNOWN)

Bfxr (x32 Version: 1.3.3 - UNKNOWN) Hidden

Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)

BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BrowserSafeguard with Rockettab (HKLM-x32\...\Browsersafeguard) (Version:  - Browsersafeguard) <==== ATTENTION

BSR Screen Recorder 6 (HKLM-x32\...\BSRScreenRecorder5) (Version:  - )

Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)

Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)

CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)

Camtasia Studio 8 (HKLM-x32\...\{56E884B5-B9B6-4432-B209-3A3EF41C7A01}) (Version: 8.0.3.1018 - TechSmith Corporation)

Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version:  - Dark Byte)

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

CustoPackTools (HKLM\...\CustoPackTools) (Version:  - neOceane)

CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.4827 - CyberLink Corp.)

CyberLink PowerDVD 9.6 (x32 Version: 9.6.1.4827 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DDiscouuntEaxteNsi (HKLM-x32\...\{B138259A-351E-33FA-2726-8D71704F1DA9}) (Version:  - DiscounntuExxtensi)

Debut Video Capture Software (HKLM-x32\...\Debut) (Version:  - NCH Software)

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)

Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)

DesktopWeatherAlerts (HKCU\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC)

Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )

DigiSaver (HKLM-x32\...\{7223EDAC-E091-B3C1-BD91-B66CE557800F}) (Version:  - DiGiSaver)

Dropbox (HKCU\...\Dropbox) (Version: 2.4.10 - Dropbox, Inc.)

Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)

Dxtory 2.0.108 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.108 - Dxtory Software)

Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden

EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)

Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)

ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )

Fraps (HKLM-x32\...\Fraps) (Version:  - )

Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.3.0 - Ellora Assets Corporation)

FTL version 1.03.1 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.03.1 - Subset Games)

FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)

Game Dev Tycoon version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)

Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)

Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)

GitHub (HKCU\...\68c6678448324991) (Version: 1.0.29.9 - GitHub, Inc.)

Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden

greaatsaver (HKLM-x32\...\{CA41BB14-E67B-1653-C57B-5CA99418A866}) (Version: 3.1.0.1281 - greaatsavere) <==== ATTENTION

GS.Enabler (HKLM-x32\...\S-1824435291) (Version: 2.2.0.1935 - PremiumSoft) <==== ATTENTION

Horizon v2.7.7.0 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.7.0 - Daring Development Inc.)

HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)

iExplorer 3.1.1.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)

iFunbox (v2.0.2150.728), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.0.2150.728 - )

iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2208 - Bandoo Media Inc) <==== ATTENTION

Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! Central) (Version: 2.00.44 - Creative Technology Ltd)

Intel PROSet Wireless (Version:  - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)

Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)

iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)

Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)

Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden

Java SE Development Kit 7 Update 10 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170100}) (Version: 1.7.0.100 - Oracle)

Java SE Development Kit 7 Update 6 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170060}) (Version: 1.7.0.60 - Oracle)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

JC2-MP version 0.0.16 (Build 546) (HKLM-x32\...\{7F12FECB-1D75-42D7-9074-D6FEA6D91E65}_is1) (Version: 0.0.16 (Build 546) - )

Jing (HKLM-x32\...\{8CC9F4D8-D938-412B-B67D-A28FA7BDB8AA}) (Version: 2.7.12205.4 - TechSmith Corporation)

Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)

Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)

JustCloud  (HKLM\...\JustCloud) (Version:  - JustCloud)

Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)

LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)

Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version:  - Stage 2 Studios)

LightWave 11.0 64-bit (HKLM-x32\...\LightWave 11.0 64-bit 11.0) (Version: 11.0 - NewTek, Inc.)

LimeWire 5.6.2 (HKLM-x32\...\LimeWire) (Version: 5.6.2 - Lime Wire, LLC)

LogMeIn (HKLM-x32\...\{EE4CA5AF-4A55-418C-8CB8-74435814207B}) (Version: 4.1.2450 - LogMeIn, Inc.)

LOVE (remove only) (HKLM-x32\...\LOVE) (Version:  - )

LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION

Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Mathematica Extras 9.0 (4055459) (HKLM\...\A-WIN-Extras 9.0.1 4055459_is1) (Version: 9.0.1 - Wolfram Research, Inc.)

McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.207.4 - McAfee, Inc.)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - Microsoft Studios)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.2.0223.1 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.2.223.1 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)

Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

MIDI to MP3 Converter (HKLM-x32\...\MIDI to MP3 Converter) (Version: 2.0 - FileConv Studio)

Minecraft Note Block Studio version 3.1.3 (HKLM-x32\...\{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1) (Version: 3.1.3 - David Norgren)

Mousotron 8.0 (HKLM-x32\...\Mousotron_is1) (Version: 8.0 - Blacksun Software)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MP3 2 Ogg Lab 2004 (HKLM-x32\...\MP3 2 Ogg Lab 2004_is1) (Version:  - MP3 Surgeon)

MP3Converter.Me (HKLM-x32\...\{C3E3CDCC-18D7-49FA-8596-90CED7327F46}) (Version: 1.0.0 - MP3Converter.Me)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Installer (HKLM-x32\...\{AE38A781-109B-428B-B695-F6F9DA05E292}) (Version: 1.0.19.0 - Oracle Corporation)

MySQL Server 5.5 (HKLM\...\{04D42880-78A6-43EC-BAA8-7B1D1B2BB3E7}) (Version: 5.5.26 - Oracle Corporation)

NASCAR® Racing 2003 Season Demo (HKLM-x32\...\{5193711F-4F46-418D-AE18-C453599807EE}) (Version:  - Sierra Entertainment)

NaturalReaderFree (HKLM-x32\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11 - NaturalSoft)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.48.2 - Black Tree Gaming)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )

NVIDIA 3D Vision Driver 296.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.39 - NVIDIA Corporation)

NVIDIA Control Panel 296.39 (Version: 296.39 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 296.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.39 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.7.12 (Version: 1.7.12 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.9639 - NVIDIA Corporation) Hidden

NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden

Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION

Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)

Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Pastebin Desktop (HKLM-x32\...\Pastebin Desktop) (Version:  - )

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version:  - NCH Software)

Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)

Port Forward Network Utilities 2.0.1 (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.1 - Portforward.com)

Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)

PrivitizeVPN (HKLM-x32\...\PrivitizeVPN) (Version: 1.0.0 - OOO Industry) <==== ATTENTION

PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)

PursuePoint (HKLM\...\PursuePoint) (Version: 2014.02.20.000351 - PursuePoint) <==== ATTENTION

Python 3.3.0 (64-bit) (HKLM\...\{290329c4-a276-3aec-b633-9f5a39d8dd96}) (Version: 3.3.150 - Python Software Foundation)

QualxServ Service Agreement (HKLM-x32\...\{18401E1E-1E44-461A-A4B2-E48B1A727818}) (Version: 2.0.0 - Dell Inc.)

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 beta r2022 - )

Raptr (HKLM-x32\...\Raptr) (Version:  - )

RAR Password Cracker (HKLM-x32\...\RAR Password Cracker) (Version: 4.12 - dnSoft Research Group)

Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)

Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.11.3 - Razer Inc.)

ReaguLaarDeals (HKLM-x32\...\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}) (Version:  - RegularDeaLs)

RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION

RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities4.0.0.1) (Version: 4.0.0.1 - SORCIM Technologies)

Rigs of Rods 0.38.67 (HKLM-x32\...\Rigs of Rods 0.38.67) (Version: 0.38.67 - Rigs of Rods Team)

ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)

ROBLOX Studio 2013 (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)

Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)

SavePass Smartbar (HKLM-x32\...\{5823C449-6868-4154-B496-21E40C5F09DA}) (Version: 10.212.76.15578 - PinWid Ltd.) <==== ATTENTION

SavePass Smartbar Engine (HKCU\...\{94228965-2539-4f3c-a297-fafbf3f8b6e1}) (Version: 10.212.76.15578 - PinWid Ltd.) <==== ATTENTION

Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)

Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.10.30.15 - Conduit) <==== ATTENTION

Sentinel Protection Installer 7.6.1 (HKLM-x32\...\{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}) (Version: 7.6.1 - SafeNet, Inc.)

Ship Simulator Extremes (HKLM-x32\...\Steam App 48800) (Version:  - VStep)

ShopuDrop (HKLM-x32\...\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}) (Version:  - ShhoPDraop)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION

Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited)

Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)

SpeedBit Video Accelerator (HKLM-x32\...\SpeedBit Video Accelerator) (Version: 3310(build_3019) - SpeedBit Ltd.)

SpeedCap 1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - )

Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)

ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics)

Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)

Star wars Battlefront II version 1.3 (HKLM-x32\...\{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1) (Version: 1.3 - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Sumotori Dreams (HKLM-x32\...\Sumotori Dreams) (Version:  - )

Sumotori Full Version (HKLM-x32\...\Sumotori Full Version) (Version:  - )

SweetIM Bundle by SweetPacks (HKLM-x32\...\SweetIM Bundle by SweetPacks) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION

SweetIM for Messenger 3.7 (x32 Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

SWF to AVI (HKLM-x32\...\{3315B802-84C6-47BC-907A-9B77A4646197}_is1) (Version:  - www.swftoavi.com)

Switch Sound File Converter (HKLM-x32\...\Switch) (Version:  - NCH Software)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.4.0 - Synaptics Incorporated)

Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)

System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)

System Requirements Lab Detection (HKLM-x32\...\{33CCDAF8-9F2C-4F03-8536-B146EF06AC08}) (Version: 2.0.0.0 - Husdawg, LLC)

System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

TidyNetwork (HKCU\...\TidyNetwork) (Version:  - TidyNetwork)

Toolbar 4.7 by SweetPacks (x32 Version: 4.7.0004 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)

Total Screen Recorder Gold 1.5 (HKLM-x32\...\{9BF42FDC-FFD3-4F30-B0D5-DA8A6E5316F7}_is1) (Version: 1.5 - Total Screen Recorder, Inc.)

Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)

Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{57CEB66B-DD29-4883-92A2-671331657B52}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D9CF6D64-9342-4C83-A9C1-F45DE139F2A7}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{CABC3FE9-02BD-47C8-8576-EA3E8BB1BE1A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{A8EC00BF-EDF5-46F0-B466-C4312722D8F3}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{02A7E7E4-15FB-4240-963D-61E9029E0135}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{BE0D098C-1F21-481C-BA71-ECAD0F770E23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{204B60A2-CCEA-4075-9F58-B7BC1BA5E742}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{8D07F876-D93A-4CF7-B801-1D41AB2BF60B}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{0977F620-BD31-41EC-B18C-31E341D5935E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0B6EF241-90CC-4AC7-B36F-2EECB12E61CF}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{4C975BB2-B3EE-4F66-A8E7-5C917B7C439D}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7861C766-2AA2-4A50-AB75-A57D451CEA76}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{AF61D314-0E39-485E-A603-2B2F03AB7376}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)

Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

Vegas Pro 11.0 (64-bit) (HKLM\...\{43EBA222-8DF7-11E1-862B-F04DA23A5C58}) (Version: 11.0.683 - Sony)

VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)

VIO Player version 1.2 (HKLM-x32\...\{2A9009E1-122C-4692-B442-A750C0DE7BA1}_is1) (Version: 1.2 - VIO Player)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)

VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)

VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION

Voxatron 0.2.9 (HKLM-x32\...\Voxatron) (Version: 0.2.9 - Lexaloffle Games)

WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

Wolfram Mathematica 9 (M-WIN-L 9.0.1 4055652) (HKLM\...\M-WIN-L 9.0.1 4055652_is1) (Version: 9.0.1 - Wolfram Research, Inc.)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

WS.Booster (HKLM-x32\...\S-1431105474) (Version: 4.0.0.1513 - PremiumSoft) <==== ATTENTION

Xilisoft Audio Converter 6 (HKLM-x32\...\Xilisoft Audio Converter 6) (Version: 6.4.0.20121010 - Xilisoft)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

Youbooster Pro Edition 2.3 (HKLM-x32\...\Youbooster Pro Edition) (Version: 2.3 - Youtube Bots) <==== ATTENTION

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\Dropbox.exe ()

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{4c542487-eae3-4ed5-8b97-b47c782733a7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

04-08-2014 01:26:16 Scheduled Checkpoint

04-08-2014 14:15:25 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {04094ACA-6101-41B4-B6CE-8486E1886143} - System32\Tasks\{EF0B6366-FE86-4BAA-A172-C69E2CAD85E5} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {047AB952-D89D-451F-B345-AC1FE9B48005} - System32\Tasks\{2128E508-3F8C-477D-9996-68719DE10D31} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {10667766-430C-43F1-84D0-D473C13FDC3F} - System32\Tasks\{9753B072-F2D9-48B4-8C42-62A87730ECA1} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {12980C63-8E5F-48E7-BE5F-425855036FD4} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {14D6D5F6-7862-4A84-899C-E7747AD3FAD4} - System32\Tasks\{AED7ADA7-C265-4B08-A2B2-D9712A3B6B43} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {1B545489-AC70-453C-85B6-F1E3B7A0D0CA} - System32\Tasks\{220CE8D8-2646-4E92-A100-08CBDE168701} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {2B9E2916-88AB-4C7A-A799-4D92BC2F9970} - System32\Tasks\{B9CA4FED-DBEA-4BEC-B3C8-D59CD2CB04B6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {2DE4C538-0620-4237-9848-7731E21980E8} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe

Task: {2EE372F2-0D7F-49CA-BB15-541DD5574C90} - System32\Tasks\LaunchApp => C:\Program Files (x86)\JustCloud\JustCloud.exe [2012-12-25] (JustCloud.com)

Task: {2FC974EF-8F48-4806-8531-552A19B1365A} - System32\Tasks\{98BE2DA4-2C66-434A-9AF4-F15514CE0D62} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {32DFA58F-C694-4240-A3A1-1478A519A067} - System32\Tasks\{19063F75-0959-4D28-9CCE-21E07ED590AB} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {33AC5F18-5C7B-4AFF-917F-A080CDE2EAE2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {3FDEC9F4-60C1-4F6E-9AD7-5FB52323A1D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-06] ()

Task: {497AE90B-1857-47B1-B961-494F0A4C272E} - System32\Tasks\{19367B33-1531-4BC6-A496-C1F946B8AD83} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {4C7B89EF-BFC1-42A4-86C8-13741B9843C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-27] (Adobe Systems Incorporated)

Task: {4D09757B-4D27-40A9-B659-1FDC2D26602D} - System32\Tasks\{3A5CBD49-A919-40E8-B888-2928FAB450D6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {5473DDA1-B2B1-4AEA-BC71-49BE7E30B046} - System32\Tasks\{B8C35793-8A81-4BEE-8306-3D852013A7A6} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {55888F78-89A8-4D03-AC55-0CEBE3029D67} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {5FCCCC57-3E0D-44A7-BABB-CD0818B95A88} - System32\Tasks\{7A6AAEBC-E74F-47B2-A7D4-FA2EEFAFA357} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {62616E1B-A1FF-41B8-B5CF-E473301A868F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2013-12-19] (PC-Doctor, Inc.)

Task: {6694A963-ED41-4EC9-AD85-580DB6A322F6} - System32\Tasks\WS.Booster-S-1431105474 => c:\programdata\safesoft\ws.booster\WS.Booster.exe [2013-02-25] () <==== ATTENTION

Task: {68C0B7D4-D33C-4608-BB42-0448A4E18F66} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1126745806-3093530448-7569978-1001

Task: {6C336170-79FB-48CE-9A02-4790A353805C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-06] ()

Task: {6E3E3987-1F5A-4895-AB27-A380D9BE12E7} - System32\Tasks\GS.Enabler-S-1824435291 => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe [2013-01-21] () <==== ATTENTION

Task: {79020356-AF92-4328-A861-83BC1AE15DF6} - System32\Tasks\{C21BC4F0-51FC-4C44-80BD-2AD23FD39AC2} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {7BD8787E-948B-47EC-AB1E-7DE05C4265C6} - System32\Tasks\{3A64882A-99E1-4258-8FF0-3AB0B72318A5} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {7F8AA49B-5D12-4732-BC9C-A3F5E8B3DAAA} - System32\Tasks\{6A6A65C7-C6CA-457E-A4C6-189FCABC668F} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {81686180-B7C8-407C-B227-E106122DA13C} - System32\Tasks\TidyNetwork Update => C:\Users\Andre\AppData\Local\TidyNetwork\petnupdate.exe [2014-02-23] ()

Task: {9085836D-C2F9-4196-8A61-EBC8C994CD67} - System32\Tasks\RunMCServerOnStartup\Server => C:\Users\Andre\Desktop\Games\Minecraft\Minecraft server\Survival\run.bat

Task: {9532A307-75DE-41D0-9034-F9CFDA8D3088} - System32\Tasks\RunMCServerOnStartup\MinecraftOnStartup => C:\Users\Andre\Desktop\Minecraft.bat

Task: {97FB33F0-51CE-4A17-86C3-D2440119072F} - System32\Tasks\{62EDE147-40F2-47BE-AB31-1B983F2A28EC} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {98CE077E-35CE-47D6-9EC9-3D966A338003} - System32\Tasks\{A8954C34-BB1F-430B-8663-A4D9D9DB6B2A} => C:\Users\Andre\Desktop\Simfam\SIMFARM.EXE

Task: {9ACD3557-34C8-44AC-9072-8400190025B0} - System32\Tasks\AmiUpdXp => C:\Users\Andre\AppData\Local\13677\a7110.exe [2014-08-06] ()

Task: {9AE8C160-A5DA-43DB-BCF3-6A55EFF3B63F} - System32\Tasks\{ABCAD76E-5206-463C-86D0-1FAF5E17D0A6} => C:\Users\Andre\Desktop\Simfam\SIMFARM.EXE

Task: {A097E6EA-774F-482D-9592-9D87D14E505C} - System32\Tasks\{0A2A9BA1-182A-4020-B530-187FAE0DE36E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {A45793B2-CE40-479E-A5D2-24B5B9D36143} - System32\Tasks\{31303B82-9526-4B72-A0EB-7AFE64971E4C} => C:\Users\Andre\Desktop\SimFarm\SIMFARM.EXE

Task: {A6570D74-4D21-4AAB-971F-CA7126005C7E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2013-12-19] (PC-Doctor, Inc.)

Task: {AA5C3D34-8119-4033-A3C7-42290EA029FF} - System32\Tasks\{615CC3CB-A1B9-4EB6-9CFE-6DCD4E3E0A83} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {AB9C5E5F-98E3-4F4A-9C4B-9C8419698F51} - System32\Tasks\{7848507E-1E01-46B5-888F-8D19BB2D1B61} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {AD6C6D35-08A5-4158-B373-4A07830DE7B4} - System32\Tasks\{75FAAA6A-FDF1-45E8-8117-07E99D0E1B5F} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {AF6F7B6C-2427-4584-9578-2D1621903D37} - System32\Tasks\{0DA96CDC-FA39-478D-89A9-E39CA2F0AE4D} => C:\Users\Andre\Desktop\evasi0n7.exe

Task: {B42B6D92-8B9D-4ED3-A299-B4C16642CA2E} - System32\Tasks\{7010F12A-1B74-4526-AEFB-4C10E45CC8D6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {B624389D-7786-484D-B114-8E5A6A63E76A} - System32\Tasks\{1926A9AA-2879-4FA6-8EB2-89B2A4BF412E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {B9450B50-D4A1-47E0-9A58-A35220C36DBB} - System32\Tasks\{AF7AEEDA-8305-4E6E-9DEA-723D8ABDFE4D} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {BA7468E2-6E88-462F-883D-080FE060C382} - System32\Tasks\{76586A39-AC58-4E45-8511-FCF0AB0DE33F} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {BAB19E4D-5D5F-4C36-B5A4-92A59B7F2E9A} - System32\Tasks\{31807671-3F8B-4282-AC7A-F274140FD4E2} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {BE41D78A-7562-4B34-BCA3-39D1CE7AA914} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION

Task: {BE57E2AA-2FEA-4646-AAD9-262F7A59B6A3} - System32\Tasks\{CFBCA889-77E5-422D-8A93-7C2F77E93C80} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {C42A0188-EC72-42A0-BE16-18B95F1EF854} - System32\Tasks\{7FE72F68-C137-4AF9-BD59-03A6095518FF} => C:\Users\Andre\Desktop\SimFarm\SIMFARM.EXE

Task: {C84DFF45-3EC4-409F-80C4-2E8F97B58FBB} - System32\Tasks\{EBE108D8-7866-4C19-A037-801AB520125E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {CD9ACCEC-CF63-4180-A3ED-EBA1E9034FFC} - System32\Tasks\{9E9D8172-3161-4E30-A9CC-1290DDBE0057} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {CE0326A6-113D-4E57-94DC-B44C4EBE6EE8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {D633D47B-0947-4433-A6C5-7B1E2BD2AD82} - System32\Tasks\{19A46CE7-48AF-4D9A-AB45-FDCB1A07B9E7} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {E1FF6492-89C7-4133-B274-87F1A04F0267} - System32\Tasks\{937DB1C8-95F9-42EC-8E0D-62DE57CEB502} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {E2FCF5C2-B02F-4525-9ED5-826A051E7CB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08] (Google Inc.)

Task: {E38A918E-C112-4D6D-A7AF-7ECB1D1C95D7} - System32\Tasks\AdobeAAMUpdater-1.0--The_Best_EVER--Andre => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)

Task: {E619CCC0-8580-4D1B-8727-C37AFB9AD9D4} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe

Task: {E76A2661-32F8-4971-B7E6-A56E5DB62FC4} - System32\Tasks\{4C24591A-1ADD-440F-B434-2B29BBC02411} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {ECA7A8FE-A30F-460B-A3BC-C10893700F41} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {F00FEF6C-0A31-49F8-8E27-67DBEB768BF1} - System32\Tasks\{0EB25245-50AB-4B65-9ECC-0A91B272AA7C} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {F6663880-7813-4037-B867-505AE4392333} - System32\Tasks\{89A4A35F-9CE5-4665-A312-9E6E8D183F6B} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {F674FCEA-F084-4AC6-855B-4218E2BC2125} - System32\Tasks\{378DD97D-FF24-45D9-B51B-80BCF6361EAA} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {F7725BE2-A34A-4190-BA6B-3E1ACFAEC0A0} - System32\Tasks\{B56661F3-2395-447D-A658-FAE42036D932} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {F7BC99CA-CC8E-4A18-BDC3-2ECF06D17447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08] (Google Inc.)

Task: {F913202B-85A8-4813-B56A-BCD657E6BED7} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION

Task: {FAEDDCC2-E971-4319-9D6F-9C5F89B27E19} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Andre\AppData\Local\13677\a7110.exe <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core.job => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA.job => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GS.Enabler-S-1824435291.job => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe <==== ATTENTION

Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: C:\Windows\Tasks\WS.Booster-S-1431105474.job => c:\programdata\safesoft\ws.booster\WS.Booster.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2014-03-30 16:43 - 2014-03-30 16:43 - 04395520 _____ () C:\ProgramData\Assistant\Assistant_x64.dll

2013-08-30 10:01 - 2013-08-30 10:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll

2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll

2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll

2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-06-18 10:24 - 2012-06-18 10:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2014-08-06 22:42 - 2014-08-06 22:41 - 00014848 ____N () C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.WowDb.dll

2014-08-06 22:42 - 2014-08-06 22:41 - 00035840 ____N () C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.Advertising.dll

2014-08-06 22:42 - 2014-08-06 22:41 - 00099840 ____N () C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.CMOD2.dll

2014-03-02 15:28 - 2014-03-02 15:28 - 00035872 _____ () C:\Program Files (x86)\LPT\srpts.exe

2012-07-02 22:12 - 2012-07-02 22:12 - 09696768 _____ () C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe

2012-09-23 01:06 - 2012-09-23 01:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2012-06-10 10:12 - 2012-01-26 21:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE

2014-03-02 15:28 - 2014-03-02 15:28 - 00022560 _____ () C:\Users\Andre\AppData\Local\LPT\srptm.exe

2014-03-30 16:43 - 2014-03-30 16:43 - 04221952 _____ () c:\ProgramData\Assistant\Assistant.dll

2014-03-28 20:23 - 2014-03-30 16:43 - 00177488 _____ () c:\ProgramData\Assistant\AssistantSvc.dll

2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-03-02 15:28 - 2014-03-02 15:28 - 00072224 _____ () C:\Program Files (x86)\LPT\srpt.dll

2014-03-02 15:28 - 2014-03-02 15:28 - 00023072 _____ () C:\Program Files (x86)\LPT\srptc.dll

2014-03-02 15:27 - 2014-03-02 15:27 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll

2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll

2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 00715544 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 00100120 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll

2014-01-16 05:01 - 2014-01-11 05:29 - 04055320 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll

2014-01-16 05:01 - 2014-01-11 05:29 - 00399640 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 01634584 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll

2014-02-20 07:53 - 2014-02-20 07:53 - 13632904 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\User Data\PepperFlash\12.0.0.70\pepflashplayer.dll

2014-03-02 15:28 - 2014-03-02 15:28 - 00072224 _____ () C:\Users\Andre\AppData\Local\LPT\srpt.dll

2014-03-02 15:28 - 2014-03-02 15:28 - 00023072 _____ () C:\Users\Andre\AppData\Local\LPT\srptc.dll

2014-03-02 15:26 - 2014-03-02 15:26 - 00018976 _____ () C:\Users\Andre\AppData\Local\LPT\Smartbar.Common.dll

2014-03-02 15:28 - 2014-03-02 15:28 - 00056352 _____ () C:\Users\Andre\AppData\Local\LPT\srut.dll

2014-03-02 15:27 - 2014-03-02 15:27 - 00060960 _____ () C:\Users\Andre\AppData\Local\LPT\sppsm.dll

2014-03-02 15:27 - 2014-03-02 15:27 - 00154656 _____ () C:\Users\Andre\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll

2014-03-02 15:27 - 2014-03-02 15:27 - 00026656 _____ () C:\Users\Andre\AppData\Local\LPT\Smartbar.Personalization.Common.dll

2014-03-02 15:27 - 2014-03-02 15:27 - 00165408 _____ () C:\Users\Andre\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll

2014-03-02 15:27 - 2014-03-02 15:27 - 00043552 _____ () C:\Users\Andre\AppData\Local\LPT\srbu.dll

2014-03-02 15:27 - 2014-03-02 15:27 - 00024608 _____ () C:\Users\Andre\AppData\Local\LPT\srpdm.dll

2014-03-03 18:24 - 2014-03-03 18:24 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll

2013-07-11 14:27 - 2013-07-11 14:27 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ef71e8c18fb10fed101ea14f12988e9b\IsdiInterop.ni.dll

2012-06-10 10:02 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2012-06-10 10:06 - 2012-02-01 17:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:2QUXbLK6zDB0i0lt4wrkSQMAl

AlternateDataStreams: C:\ProgramData\Microsoft:AZBGFz6tHfGvaOY15EbUlmLiJOOc

AlternateDataStreams: C:\ProgramData\Microsoft:rn31mvAYMdMrCZ8j3R904Pp7

AlternateDataStreams: C:\ProgramData\Microsoft:W2dcBDElv84N3Sok2a3kfwjK

AlternateDataStreams: C:\ProgramData\Microsoft:Wg5qmF62QadD9fRWJxNdNdF

AlternateDataStreams: C:\ProgramData\Microsoft:ZFTwQZ6jdPrxDrSD3IeqieBk

AlternateDataStreams: C:\Users\Andre\Desktop\The Elder Scrolls V: Skyrim.lnk

AlternateDataStreams: C:\Users\Andre\AppData\Local\NZeRnB7bQfe0cI:8O9tOXSoxeXnhPggOqJOwK

AlternateDataStreams: C:\Users\Andre\AppData\Local\p3mH7u0j06LOaL:WAtExphT4JHiNGSA0V083c2o

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\Services: avgwd => 2

MSCONFIG\Services: BackupStack => 2

MSCONFIG\Services: McComponentHostService => 3

MSCONFIG\Services: vToolbarUpdater14.2.0 => 2

MSCONFIG\Services: Web Assistant Updater => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopWeatherAlerts.lnk => C:\Windows\pss\DesktopWeatherAlerts.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Pastebin Desktop.lnk => C:\Windows\pss\Pastebin Desktop.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk => C:\Windows\pss\Weather Alerts.lnk.Startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AlienwareOn-ScreenDisplay => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe

MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: AutoTyperMurGee => C:\Program Files (x86)\Auto Typer\AutoTyper.exe :settings

MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

MSCONFIG\startupreg: BDRegion => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: boincmgr => "C:\Program Files\BOINC\boincmgr.exe" /a /s

MSCONFIG\startupreg: boinctray => "C:\Program Files\BOINC\boinctray.exe"

MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Andre\AppData\Local\Smartbar\Application\SavePass.exe startup

MSCONFIG\startupreg: BrowserSafeguard => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe

MSCONFIG\startupreg: Google Update => "C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: GoogleChromeAutoLaunch_CDE9B9A3C1D351C05B61B6CB536D0894 => "C:\Users\Andre\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window

MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

MSCONFIG\startupreg: Integrated Webcam Live! Central => "C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" /mode2

MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Jing => C:\Program Files (x86)\TechSmith\Jing\Jing.exe

MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe

MSCONFIG\startupreg: PDVD9LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

MSCONFIG\startupreg: PhotoshopElements8SyncAgent => C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe

MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup

MSCONFIG\startupreg: RemoteControl9 => "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\CustoPackTools\utils\RocketDock\RocketDock.exe"

MSCONFIG\startupreg: ROC_ROC_JULY_P1 => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Sound Blaster Recon3Di Control Panel => "c:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r

MSCONFIG\startupreg: SpeedBitVideoAccelerator => "C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe" /startup

MSCONFIG\startupreg: Steam => "C:\Users\Andre\AppData\Roaming\steam\steam.exe" -silent

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE

MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/07/2014 04:45:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/07/2014 04:44:53 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

Error: (08/06/2014 10:43:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/06/2014 10:43:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/06/2014 10:42:01 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program raptr.exe version 4.0.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: bfc

 

Start Time: 01cfb1f167c57f98

 

Termination Time: 8

 

Application Path: C:\PROGRA~2\Raptr\raptr.exe

 

Report Id: c2f0b783-1de4-11e4-8d0e-685d43608735

 

Error: (08/06/2014 10:40:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: c2c_service.exe, version: 6.8.0.12323, time stamp: 0x516c1c64

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000

Faulting process id: 0x159c

Faulting application start time: 0xc2c_service.exe0

Faulting application path: c2c_service.exe1

Faulting module path: c2c_service.exe2

Report Id: c2c_service.exe3

 

 

System errors:

=============

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 06:17:10 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

 

Microsoft Office Sessions:

=========================

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/07/2014 04:45:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/07/2014 04:44:53 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

Error: (08/06/2014 10:43:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/06/2014 10:43:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/06/2014 10:42:01 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: raptr.exe4.0.1.0bfc01cfb1f167c57f988C:\PROGRA~2\Raptr\raptr.exec2f0b783-1de4-11e4-8d0e-685d43608735

 

Error: (08/06/2014 10:40:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: c2c_service.exe6.8.0.12323516c1c64unknown0.0.0.000000000c000000500000000159c01cfb1f0e81ff574C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeunknown9c9e4538-1de4-11e4-8d0e-685d43608735

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-01-05 16:22:22.735

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:22:22.613

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:09:19.903

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:09:19.762

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 15:57:08.760

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 15:57:08.653

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 51%

Total physical RAM: 8094.31 MB

Available physical RAM: 3938.14 MB

Total Pagefile: 34566.49 MB

Available Pagefile: 29336.09 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:456.98 GB) (Free:41.53 GB) NTFS

Drive d: (PERCY_JACKSON_LIGHTENING_THIEF) (CDROM) (Total:7.31 GB) (Free:0 GB) UDF

Drive e: (CENTON USB) (Removable) (Total:7.48 GB) (Free:5.75 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: A67C0D91)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=7 GB) - (Type=0C)

 

==================== End Of Log ============================

Link to post
Share on other sites
deeprybka

deeprybka

Posted
Posted

Hi & :welcome:
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully. :excl:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Step 1

 

Please uninstall every program, which is flagged at Addition.txt with

<==== ATTENTION

Step 2

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

fixlist.txt

After Reboot:

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.
Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014

Ran by Andre (administrator) on -THE_BEST_EVER- on 07-08-2014 22:37:24

Running from E:\

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Freemake) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

(Curse) C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe

() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe

(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe

(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe

(SpeedBit Ltd.) C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

() C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe

(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe

(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Valve Corporation) C:\Users\Andre\AppData\Roaming\steam\Steam.exe

(Valve Corporation) C:\Users\Andre\AppData\Roaming\steam\bin\steamwebhelper.exe

(Valve Corporation) C:\Users\Andre\AppData\Roaming\steam\bin\steamwebhelper.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Valve Corporation) C:\Users\Andre\AppData\Roaming\steam\bin\steamwebhelper.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [] => [X]

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2012-04-02] (LogMeIn, Inc.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Winlogon: [shell] explorer.exe,"C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe" <==== ATTENTION 

AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-03-25] (NVIDIA Corporation)

AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [215360 2012-03-25] (NVIDIA Corporation)

IFEO\AvastSvc.exe: [Debugger] nqij.exe

IFEO\AvastUI.exe: [Debugger] nqij.exe

IFEO\avcenter.exe: [Debugger] nqij.exe

IFEO\avconfig.exe: [Debugger] nqij.exe

IFEO\avgcsrvx.exe: [Debugger] nqij.exe

IFEO\avgidsagent.exe: [Debugger] nqij.exe

IFEO\avgnt.exe: [Debugger] nqij.exe

IFEO\avgrsx.exe: [Debugger] nqij.exe

IFEO\avguard.exe: [Debugger] nqij.exe

IFEO\avgui.exe: [Debugger] nqij.exe

IFEO\avgwdsvc.exe: [Debugger] nqij.exe

IFEO\avp.exe: [Debugger] nqij.exe

IFEO\avscan.exe: [Debugger] nqij.exe

IFEO\bdagent.exe: [Debugger] nqij.exe

IFEO\blindman.exe: [Debugger] nqij.exe

IFEO\ccuac.exe: [Debugger] nqij.exe

IFEO\ComboFix.exe: [Debugger] nqij.exe

IFEO\egui.exe: [Debugger] nqij.exe

IFEO\hijackthis.exe: [Debugger] nqij.exe

IFEO\instup.exe: [Debugger] nqij.exe

IFEO\keyscrambler.exe: [Debugger] nqij.exe

IFEO\mbam.exe: [Debugger] nqij.exe

IFEO\mbamgui.exe: [Debugger] nqij.exe

IFEO\mbampt.exe: [Debugger] nqij.exe

IFEO\mbamscheduler.exe: [Debugger] nqij.exe

IFEO\mbamservice.exe: [Debugger] nqij.exe

IFEO\MpCmdRun.exe: [Debugger] nqij.exe

IFEO\MSASCui.exe: [Debugger] nqij.exe

IFEO\MsMpEng.exe: [Debugger] nqij.exe

IFEO\msseces.exe: [Debugger] nqij.exe

IFEO\NisSrv.exe: [Debugger] nqij.exe

IFEO\rstrui.exe: [Debugger] nqij.exe

IFEO\SDFiles.exe: [Debugger] nqij.exe

IFEO\SDMain.exe: [Debugger] nqij.exe

IFEO\SDWinSec.exe: [Debugger] nqij.exe

IFEO\spybotsd.exe: [Debugger] nqij.exe

IFEO\wireshark.exe: [Debugger] nqij.exe

IFEO\zlclient.exe: [Debugger] nqij.exe

Startup: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

GroupPolicyUsers\S-1-5-21-1126745806-3093530448-7569978-1000\User: Group Policy restriction detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

ProxyServer:




HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://AlienwareArena.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = 

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe





SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File

BHO: DigiSaver -> {32C7CEDA-CB8B-3E5F-39EE-424868841A59} -> C:\ProgramData\DigiSaver\KZX.x64.dll ()

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: TidyNetwork -> {A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()

BHO: DDiscouuntEaxteNsi -> {AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F} -> C:\ProgramData\DDiscouuntEaxteNsi\fJ.x64.dll ()

BHO: ReaguLaarDeals -> {AC8510C9-E032-CE40-D602-7DAC54049F07} -> C:\ProgramData\ReaguLaarDeals\HGBu8WEX.x64.dll ()

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File

BHO: Greattsaver -> {D343E8E3-B418-E1BE-D712-8FB10F7F4030} -> C:\Program Files (x86)\Greattsaver\cEV8YKpEgS.x64.dll No File

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: ShopuDrop -> {FBD99D9E-C256-47EF-03D5-5364990CB346} -> C:\ProgramData\ShopuDrop\Tkh.x64.dll ()

BHO-x32: No Name -> {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} ->  No File

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: DigiSaver -> {32C7CEDA-CB8B-3E5F-39EE-424868841A59} -> C:\ProgramData\DigiSaver\KZX.dll ()

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: TidyNetwork -> {A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()

BHO-x32: DDiscouuntEaxteNsi -> {AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F} -> C:\ProgramData\DDiscouuntEaxteNsi\fJ.dll ()

BHO-x32: ReaguLaarDeals -> {AC8510C9-E032-CE40-D602-7DAC54049F07} -> C:\ProgramData\ReaguLaarDeals\HGBu8WEX.dll ()

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Greattsaver -> {D343E8E3-B418-E1BE-D712-8FB10F7F4030} -> C:\Program Files (x86)\Greattsaver\cEV8YKpEgS.dll No File

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: ShopuDrop -> {FBD99D9E-C256-47EF-03D5-5364990CB346} -> C:\ProgramData\ShopuDrop\Tkh.dll ()

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} -  No File

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 20 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default

FF NewTab: about:blank

FF DefaultSearchEngine: Web Search

FF SelectedSearchEngine: Web Search

FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZAsN-JQb7_yfxbqxx64jqvGdl5qepFWUqRog_R4Qhi-FxBp2tnpFk7Aeqj3FOC4

FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZzjdTYLTwyqHyzq_-5Zv-Do8h2z0fYIg2uLT19NbdtAh1v9bD2QJNH_osFCRZI7&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-a21a1def88774149\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andre\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andre\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Andre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF user.js: detected! => C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\user.js

FF SearchPlugin: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\searchplugins\Web Search.xml

FF Extension: ReGualarDEals - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\kpqo.3aai@zks-eiii.org [2014-07-02]

FF Extension: FunnDEals - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\v_h@euoauaue.com [2014-06-13]

FF Extension: Adblock Plus - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-18]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2012-11-12]

FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2012-11-12]

FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=48", "hxxp://www.searchamong.com/", "hxxp://home.sweetim.com/?st=6&barid={7689942F-62CB-11E2-AD0A-685D43608735}", "hxxp://www.google.com/", "hxxp://searchy.easylifeapp.com/"

CHR Extension: (Google Docs) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-30]

CHR Extension: (Google Drive) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-19]

CHR Extension: (YouTube) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-19]

CHR Extension: (Adblock Plus) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-31]

CHR Extension: (AdBlock+) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao [2014-07-31]

CHR Extension: (Google Search) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-19]

CHR Extension: (Lamborghini Cherry ) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkkklbgbfaeockpgbkleblklmcjdbnbj [2014-07-31]

CHR Extension: (WebFilter Pro - The best filtering addon!) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejgfoklefkbjadjcgjmnhfbdfjolojnn [2014-07-31]

CHR Extension: (Stylish) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-07-31]

CHR Extension: (AdBlock) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-31]

CHR Extension: (New Tab Redirect) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2014-07-31]

CHR Extension: (Skype Click to Call) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-03]

CHR Extension: (Gmail) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-19]

CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Andre\AppData\Local\funmoods.crx [2013-03-19]

CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2013-03-19]

CHR HKCU\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\Andre\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2012-09-20]

CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\Andre\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2012-09-20]

CHR HKLM-x32\...\Chrome\Extension: [glnobgflmgdgipgcdgjpfbhinmhdpbce] - C:\ProgramData\ADDICT-THING\glnobgflmgdgipgcdgjpfbhinmhdpbce.crx [2012-06-24]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2014-07-14]

CHR StartMenuInternet: Google Chrome - C:\Users\Andre\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-12-16] (CyberLink)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-06-10] (Creative Labs) [File not signed]

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-06-10] (Creative Labs) [File not signed]

R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]

R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-27] (Creative Technology Ltd)

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-09-07] (Freemake) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-16] (LogMeIn, Inc.)

R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-07-16] (LogMeIn, Inc.)

R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-04-02] (LogMeIn, Inc.)

S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] () [File not signed]

R2 MySQLAndre; C:\ProgramData\MySQL\MySQL Server 5.5\my.ini [9177 2012-07-18] () [File not signed]

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] () [File not signed]

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-23] ()

R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)

R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [369952 2009-09-17] (SafeNet, Inc.)

R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1246496 2009-09-17] (SafeNet, Inc)

R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292128 2009-09-17] (SafeNet, Inc.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [265928 2012-06-28] (SpeedBit Ltd.)

S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

S4 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" [X]

S4 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [X]

S2 WebOptimizer; %SystemRoot%\system32\dmwu.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()

R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-27] (Creative Technology Ltd)

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-02-07] (LogMeIn, Inc.)

S4 LMIRfsClientNP; No ImagePath

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249152 2012-03-25] (NVIDIA Corporation)

R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)

S3 amdkmdap; system32\DRIVERS\atikmpag.sys [X]

S3 CEDRIVER60; \??\C:\Program Files (x86)\Cheat Engine 6.1\dbk64.sys [X]

S0x01000000 papycpu2; \SystemRoot\System32\DRIVERS\papycpu2.sys [X]

S0x01000000 papyjoy; \SystemRoot\System32\DRIVERS\papyjoy.sys [X]

S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2018-03-02 00:33 - 2018-03-02 00:33 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2014-08-07 21:41 - 2014-08-07 21:41 - 00000200 _____ () C:\Users\Andre\Desktop\Call of Duty.url

2014-08-07 21:33 - 2014-08-07 21:42 - 00000058 _____ () C:\Users\Andre\Desktop\kk.txt

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\greaatsaver

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\BBITSaver

2014-08-07 18:23 - 2014-08-07 22:37 - 00000000 ____D () C:\FRST

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64.exe

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64(1).exe

2014-08-07 17:28 - 2014-08-07 17:28 - 00000000 ____D () C:\Users\Andre\Downloads\Avatar [720p]

2014-08-06 22:42 - 2013-03-02 16:59 - 00000318 _____ () C:\Users\Andre\Desktop\Curse Client.appref-ms

2014-08-06 22:41 - 2014-08-07 16:45 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk

2014-08-06 22:41 - 2014-08-07 16:45 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk

2014-08-06 22:39 - 2014-08-06 22:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\library_dir

2014-08-06 22:36 - 2014-08-06 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6

2014-08-06 20:14 - 2014-08-06 20:14 - 00000071 _____ () C:\Windows\wininit.ini

2014-08-06 20:13 - 2014-08-06 22:14 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (5)

2014-08-06 20:13 - 2014-08-06 21:36 - 00005184 _____ () C:\Users\Andre\AppData\Roaming\msconfig.ini

2014-08-06 20:13 - 2014-08-06 20:15 - 00000000 __SHD () C:\Windows\SysWOW64\sys

2014-08-06 20:13 - 2014-08-06 20:14 - 00000000 _RSHD () C:\Users\Andre\c4u2s7y68

2014-08-06 20:11 - 2014-08-06 20:11 - 00362664 _____ () C:\Users\Andre\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe

2014-08-06 20:10 - 2014-08-06 20:10 - 01028961 _____ () C:\Users\Andre\Downloads\Call of Duty Ghosts Hack.rar

2014-08-06 20:06 - 2014-08-06 20:06 - 03578764 _____ () C:\Users\Andre\Downloads\Call-of-Duty-Ghosts-Multihack-v3.0.rar

2014-08-06 20:04 - 2014-08-06 20:04 - 00003426 _____ () C:\Windows\System32\Tasks\AmiUpdXp

2014-08-06 20:04 - 2014-08-06 20:04 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job

2014-08-06 20:04 - 2014-08-06 20:04 - 00000000 ____D () C:\Users\Andre\AppData\Local\13677

2014-08-06 20:02 - 2014-08-06 20:02 - 00577728 _____ () C:\Users\Andre\Downloads\COD Ghosts Aimbot Downloader__3687_i1135729148_il1417854.exe

2014-08-05 00:55 - 2014-08-05 00:55 - 00000001 _____ () C:\Users\Andre\Desktop\New Text Document (2).txt

2014-08-04 20:14 - 2014-08-04 20:14 - 00017506 _____ () C:\Users\Andre\Downloads\topic,16.0 (5).html

2014-08-04 20:14 - 2014-08-04 20:14 - 00000162 ____H () C:\Users\Andre\Downloads\~$pic,16.0 (5).html

2014-08-04 18:19 - 2014-08-04 18:20 - 01649360 _____ () C:\Users\Andre\ts3_recording_14_08_04_18_19_47.wav

2014-07-30 16:27 - 2014-07-30 16:27 - 00000230 _____ () C:\Users\Andre\Desktop\Robocraft.url

2014-07-29 22:29 - 2014-07-29 22:29 - 00000230 _____ () C:\Users\Andre\Desktop\Terraria.url

2014-07-28 15:55 - 2014-07-28 15:55 - 00053830 _____ () C:\Users\Andre\Downloads\SlimevoidLib-Universal-v2.0.2.0.zip

2014-07-28 15:45 - 2014-07-28 15:45 - 01227779 _____ () C:\Users\Andre\Downloads\gulliver-forged-871-installer-0.14.2-MC1.6.2.jar

2014-07-28 15:42 - 2014-07-28 15:43 - 00173459 _____ () C:\Users\Andre\Downloads\LittleBlocks-MC1.6.2-Optifine.zip

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts.url

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts - Multiplayer.url

2014-07-27 11:15 - 2014-07-27 11:16 - 43843119 _____ () C:\Users\Andre\Downloads\Tropicraft v5.1.7 for MC v1.6.4.zip

2014-07-27 11:15 - 2014-07-27 11:15 - 02269863 _____ () C:\Users\Andre\Downloads\forge-1.6.4-9.11.1.965-installer.jar

2014-07-26 09:31 - 2014-07-26 09:38 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (4)

2014-07-26 09:31 - 2014-07-26 09:31 - 07964793 _____ () C:\Users\Andre\Downloads\faithful32packOptiFine.zip

2014-07-26 09:31 - 2014-07-26 09:31 - 00850340 _____ () C:\Users\Andre\Downloads\OCD pack 1.7.2.zip

2014-07-24 18:40 - 2014-07-24 18:40 - 00000229 _____ () C:\Users\Andre\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url

2014-07-23 21:28 - 2014-07-23 21:29 - 00000000 ____D () C:\Users\Andre\Desktop\Movies

2014-07-22 20:29 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\Andre\Downloads\8 Mile[2002]DvDrip[Eng]-BugZ

2014-07-19 21:22 - 2014-07-19 21:22 - 00135322 _____ () C:\Users\Andre\Desktop\skse scripts.zip

2014-07-19 21:18 - 2014-07-19 21:22 - 00000000 ____D () C:\Users\Andre\Desktop\skse_1_07_01

2014-07-19 21:18 - 2014-07-19 21:18 - 00557387 _____ () C:\Users\Andre\Downloads\skse_1_07_01.7z

2014-07-19 17:09 - 2014-07-19 17:09 - 00313875 _____ () C:\Users\Andre\Downloads\skse_1_07_01_installer.exe

2014-07-19 17:09 - 2014-07-19 17:09 - 00002266 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk

2014-07-19 17:09 - 2014-07-19 17:09 - 00002248 _____ () C:\Users\Andre\Desktop\Skyrim (SKSE).lnk

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\Documents\Razer

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer_Inc

2014-07-19 13:16 - 2014-07-19 13:16 - 00002123 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk

2014-07-19 13:11 - 2014-07-19 13:13 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (2).exe

2014-07-19 13:07 - 2014-07-19 13:08 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (1).exe

2014-07-19 13:06 - 2014-07-19 13:07 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0.exe

2014-07-19 13:00 - 2014-07-19 13:00 - 00667648 _____ () C:\Users\Andre\Downloads\Detection.msi

2014-07-19 12:59 - 2014-07-19 12:59 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

2014-07-19 12:04 - 2014-07-19 12:04 - 00000128 _____ () C:\Users\Andre\Desktop\Generic Spoiler.url

2014-07-19 08:20 - 2014-07-19 08:20 - 00000000 _____ () C:\Users\Andre\Desktop\The Elder Scrolls V

2014-07-17 19:36 - 2014-07-17 19:39 - 00003903 _____ () C:\Users\Andre\Desktop\Color.java

2014-07-17 19:04 - 2014-07-17 19:04 - 00001366 _____ () C:\Users\Andre\Desktop\Robocode.lnk

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robocode

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\robocode

2014-07-17 18:51 - 2014-07-17 18:52 - 05436039 _____ () C:\Users\Andre\Downloads\robocode-1.9.2.1-setup.jar

2014-07-17 18:50 - 2004-02-24 00:11 - 00004734 _____ () C:\Users\Andre\Desktop\Aristocles.class

2014-07-17 18:48 - 2004-02-24 00:11 - 00005808 _____ () C:\Users\Andre\Desktop\Aristocles.java

2014-07-17 18:47 - 2014-07-17 19:39 - 00006464 _____ () C:\Users\Andre\Downloads\Andre.java

2014-07-17 18:47 - 2014-07-17 18:47 - 00006340 _____ () C:\Users\Andre\Downloads\pez.micro.Aristocles_0.3.7.jar

2014-07-08 18:15 - 2014-07-08 18:15 - 00783208 _____ (MurGee.com ) C:\Users\Andre\Downloads\setup.exe

2014-07-08 18:15 - 2014-07-08 18:15 - 00001102 _____ () C:\Users\Andre\Desktop\Auto Clicker.lnk

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\Users\Andre\AppData\Local\Auto Clicker

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2018-03-02 00:33 - 2018-03-02 00:33 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2014-08-07 22:37 - 2014-08-07 18:23 - 00000000 ____D () C:\FRST

2014-08-07 22:34 - 2012-10-20 00:10 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Skype

2014-08-07 22:05 - 2013-03-23 00:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\steam

2014-08-07 22:05 - 2013-01-20 03:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-08-07 22:04 - 2012-06-20 18:58 - 00000000 ____D () C:\Users\Andre\AppData\Local\Deployment

2014-08-07 22:02 - 2013-10-15 21:40 - 00000000 ____D () C:\Users\Andre\Documents\Outlook Files

2014-08-07 21:42 - 2014-08-07 21:33 - 00000058 _____ () C:\Users\Andre\Desktop\kk.txt

2014-08-07 21:41 - 2014-08-07 21:41 - 00000200 _____ () C:\Users\Andre\Desktop\Call of Duty.url

2014-08-07 21:41 - 2012-06-24 13:07 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-08-07 19:11 - 2014-02-23 22:28 - 00000000 ____D () C:\Program Files (x86)\PursuePoint

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\greaatsaver

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\BBITSaver

2014-08-07 18:56 - 2014-04-13 14:16 - 00000000 ____D () C:\ProgramData\BBITSaver

2014-08-07 18:56 - 2014-01-21 15:46 - 00000000 ____D () C:\ProgramData\greaatsaver

2014-08-07 18:56 - 2014-01-19 15:23 - 00000000 ____D () C:\ProgramData\41ee6789b6c5a1f6

2014-08-07 18:54 - 2012-08-14 17:37 - 00000000 ____D () C:\Program Files (x86)\uTorrent

2014-08-07 18:54 - 2012-06-24 01:23 - 00000000 ____D () C:\ProgramData\ADDICT-THING

2014-08-07 18:53 - 2014-03-03 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector

2014-08-07 18:45 - 2012-06-10 11:41 - 01503093 _____ () C:\Windows\WindowsUpdate.log

2014-08-07 18:25 - 2009-07-14 00:13 - 00006394 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-07 18:22 - 2013-05-09 12:07 - 00052666 _____ () C:\Windows\setupact.log

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64.exe

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64(1).exe

2014-08-07 17:28 - 2014-08-07 17:28 - 00000000 ____D () C:\Users\Andre\Downloads\Avatar [720p]

2014-08-07 17:04 - 2013-07-02 21:01 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\.minecraft

2014-08-07 16:52 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-07 16:52 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-07 16:45 - 2014-08-06 22:41 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk

2014-08-07 16:45 - 2014-08-06 22:41 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk

2014-08-07 16:45 - 2012-06-10 10:11 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn

2014-08-07 16:44 - 2012-06-10 10:17 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-08-07 16:44 - 2012-06-10 10:17 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-08-07 16:42 - 2012-06-10 11:39 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-07 16:42 - 2010-11-20 22:47 - 00332810 _____ () C:\Windows\PFRO.log

2014-08-07 06:58 - 2014-03-03 10:01 - 00000000 ____D () C:\Users\Andre\AppData\Local\WeatherAlerts

2014-08-07 00:13 - 2012-06-20 23:47 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-08-06 22:41 - 2012-11-06 15:10 - 00000000 ____D () C:\Windows\pss

2014-08-06 22:41 - 2012-10-15 18:46 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Raptr

2014-08-06 22:41 - 2012-06-20 23:47 - 00001024 _____ () C:\.rnd

2014-08-06 22:40 - 2012-10-20 00:10 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-08-06 22:40 - 2012-10-20 00:10 - 00000000 ____D () C:\ProgramData\Skype

2014-08-06 22:40 - 2012-06-20 23:47 - 00000000 ____D () C:\Program Files (x86)\LogMeIn

2014-08-06 22:39 - 2014-08-06 22:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\library_dir

2014-08-06 22:39 - 2012-10-15 18:46 - 00000000 ____D () C:\Program Files (x86)\Raptr

2014-08-06 22:37 - 2013-01-01 21:47 - 00000160 _____ () C:\Users\Andre\AppData\Roaming\settings.set

2014-08-06 22:36 - 2014-08-06 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6

2014-08-06 22:36 - 2014-01-20 12:22 - 00000000 ____D () C:\Users\Andre\AppData\Local\TSVNCache

2014-08-06 22:27 - 2013-01-02 21:13 - 01372672 ___SH () C:\Users\Andre\Desktop\Thumbs.db

2014-08-06 22:14 - 2014-08-06 20:13 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (5)

2014-08-06 21:58 - 2012-06-20 18:58 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA.job

2014-08-06 21:36 - 2014-08-06 20:13 - 00005184 _____ () C:\Users\Andre\AppData\Roaming\msconfig.ini

2014-08-06 21:28 - 2012-06-20 18:58 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core.job

2014-08-06 21:26 - 2013-01-08 23:06 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-06 21:12 - 2012-11-06 14:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-06 20:26 - 2013-01-08 23:06 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-06 20:15 - 2014-08-06 20:13 - 00000000 __SHD () C:\Windows\SysWOW64\sys

2014-08-06 20:14 - 2014-08-06 20:14 - 00000071 _____ () C:\Windows\wininit.ini

2014-08-06 20:14 - 2014-08-06 20:13 - 00000000 _RSHD () C:\Users\Andre\c4u2s7y68

2014-08-06 20:13 - 2012-06-20 18:23 - 00000000 ____D () C:\Users\Andre

2014-08-06 20:11 - 2014-08-06 20:11 - 00362664 _____ () C:\Users\Andre\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe

2014-08-06 20:10 - 2014-08-06 20:10 - 01028961 _____ () C:\Users\Andre\Downloads\Call of Duty Ghosts Hack.rar

2014-08-06 20:06 - 2014-08-06 20:06 - 03578764 _____ () C:\Users\Andre\Downloads\Call-of-Duty-Ghosts-Multihack-v3.0.rar

2014-08-06 20:04 - 2014-08-06 20:04 - 00003426 _____ () C:\Windows\System32\Tasks\AmiUpdXp

2014-08-06 20:04 - 2014-08-06 20:04 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job

2014-08-06 20:04 - 2014-08-06 20:04 - 00000000 ____D () C:\Users\Andre\AppData\Local\13677

2014-08-06 20:02 - 2014-08-06 20:02 - 00577728 _____ () C:\Users\Andre\Downloads\COD Ghosts Aimbot Downloader__3687_i1135729148_il1417854.exe

2014-08-06 19:28 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-06 17:49 - 2012-08-01 02:09 - 00000000 ____D () C:\Users\Andre\AppData\Local\Adobe

2014-08-05 18:18 - 2014-03-08 22:48 - 00000000 ____D () C:\Users\Andre\AppData\Local\Skyrim

2014-08-05 15:01 - 2014-03-03 10:01 - 00000276 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job

2014-08-05 13:02 - 2013-05-21 21:26 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2014-08-05 01:15 - 2012-07-08 08:32 - 00560640 ___SH () C:\Users\Andre\Documents\Thumbs.db

2014-08-05 00:55 - 2014-08-05 00:55 - 00000001 _____ () C:\Users\Andre\Desktop\New Text Document (2).txt

2014-08-04 20:14 - 2014-08-04 20:14 - 00017506 _____ () C:\Users\Andre\Downloads\topic,16.0 (5).html

2014-08-04 20:14 - 2014-08-04 20:14 - 00000162 ____H () C:\Users\Andre\Downloads\~$pic,16.0 (5).html

2014-08-04 20:14 - 2013-02-20 17:13 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\TS3Client

2014-08-04 18:20 - 2014-08-04 18:19 - 01649360 _____ () C:\Users\Andre\ts3_recording_14_08_04_18_19_47.wav

2014-07-31 23:05 - 2012-12-04 16:25 - 00000000 ____D () C:\Users\Andre\AppData\Local\CrashDumps

2014-07-30 16:27 - 2014-07-30 16:27 - 00000230 _____ () C:\Users\Andre\Desktop\Robocraft.url

2014-07-30 16:07 - 2012-06-21 12:03 - 00000000 ____D () C:\Program Files\AlienAutopsy

2014-07-30 16:05 - 2012-06-21 12:00 - 00000000 ____D () C:\ProgramData\PCDr

2014-07-30 09:01 - 2014-03-03 10:01 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job

2014-07-29 22:29 - 2014-07-29 22:29 - 00000230 _____ () C:\Users\Andre\Desktop\Terraria.url

2014-07-29 22:26 - 2013-05-07 14:04 - 00000000 ____D () C:\Users\Andre\Documents\Universe Sandbox

2014-07-28 16:36 - 2013-07-11 19:31 - 00000000 ____D () C:\Program Files (x86)\Razer

2014-07-28 15:55 - 2014-07-28 15:55 - 00053830 _____ () C:\Users\Andre\Downloads\SlimevoidLib-Universal-v2.0.2.0.zip

2014-07-28 15:45 - 2014-07-28 15:45 - 01227779 _____ () C:\Users\Andre\Downloads\gulliver-forged-871-installer-0.14.2-MC1.6.2.jar

2014-07-28 15:43 - 2014-07-28 15:42 - 00173459 _____ () C:\Users\Andre\Downloads\LittleBlocks-MC1.6.2-Optifine.zip

2014-07-27 17:38 - 2013-04-08 18:49 - 00000000 ____D () C:\Program Files (x86)\War Thunder

2014-07-27 17:16 - 2012-11-01 18:20 - 00000000 ____D () C:\Program Files\Adobe

2014-07-27 17:16 - 2012-08-01 03:08 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts.url

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts - Multiplayer.url

2014-07-27 11:16 - 2014-07-27 11:15 - 43843119 _____ () C:\Users\Andre\Downloads\Tropicraft v5.1.7 for MC v1.6.4.zip

2014-07-27 11:15 - 2014-07-27 11:15 - 02269863 _____ () C:\Users\Andre\Downloads\forge-1.6.4-9.11.1.965-installer.jar

2014-07-26 09:38 - 2014-07-26 09:31 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (4)

2014-07-26 09:31 - 2014-07-26 09:31 - 07964793 _____ () C:\Users\Andre\Downloads\faithful32packOptiFine.zip

2014-07-26 09:31 - 2014-07-26 09:31 - 00850340 _____ () C:\Users\Andre\Downloads\OCD pack 1.7.2.zip

2014-07-24 18:40 - 2014-07-24 18:40 - 00000229 _____ () C:\Users\Andre\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url

2014-07-23 21:29 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\Andre\Desktop\Movies

2014-07-23 21:28 - 2014-07-22 20:29 - 00000000 ____D () C:\Users\Andre\Downloads\8 Mile[2002]DvDrip[Eng]-BugZ

2014-07-23 19:24 - 2009-07-14 00:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-21 16:43 - 2014-07-07 17:34 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\.ccemuredux

2014-07-19 21:22 - 2014-07-19 21:22 - 00135322 _____ () C:\Users\Andre\Desktop\skse scripts.zip

2014-07-19 21:22 - 2014-07-19 21:18 - 00000000 ____D () C:\Users\Andre\Desktop\skse_1_07_01

2014-07-19 21:22 - 2014-03-10 18:47 - 00000000 ____D () C:\Users\Andre\Documents\Nexus Mod Manager

2014-07-19 21:18 - 2014-07-19 21:18 - 00557387 _____ () C:\Users\Andre\Downloads\skse_1_07_01.7z

2014-07-19 17:09 - 2014-07-19 17:09 - 00313875 _____ () C:\Users\Andre\Downloads\skse_1_07_01_installer.exe

2014-07-19 17:09 - 2014-07-19 17:09 - 00002266 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk

2014-07-19 17:09 - 2014-07-19 17:09 - 00002248 _____ () C:\Users\Andre\Desktop\Skyrim (SKSE).lnk

2014-07-19 14:19 - 2012-09-03 10:25 - 00003074 _____ () C:\Windows\System32\Tasks\Game_Booster_Startup

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\Documents\Razer

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer_Inc

2014-07-19 14:06 - 2013-07-11 19:35 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer

2014-07-19 13:16 - 2014-07-19 13:16 - 00002123 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk

2014-07-19 13:16 - 2013-07-11 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2014-07-19 13:15 - 2013-07-11 19:31 - 00000000 ____D () C:\ProgramData\Razer

2014-07-19 13:13 - 2014-07-19 13:11 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (2).exe

2014-07-19 13:08 - 2014-07-19 13:07 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (1).exe

2014-07-19 13:07 - 2014-07-19 13:06 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0.exe

2014-07-19 13:01 - 2013-07-11 12:10 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab

2014-07-19 13:00 - 2014-07-19 13:00 - 00667648 _____ () C:\Users\Andre\Downloads\Detection.msi

2014-07-19 12:59 - 2014-07-19 12:59 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

2014-07-19 12:04 - 2014-07-19 12:04 - 00000128 _____ () C:\Users\Andre\Desktop\Generic Spoiler.url

2014-07-19 08:20 - 2014-07-19 08:20 - 00000000 _____ () C:\Users\Andre\Desktop\The Elder Scrolls V

2014-07-17 19:39 - 2014-07-17 19:36 - 00003903 _____ () C:\Users\Andre\Desktop\Color.java

2014-07-17 19:39 - 2014-07-17 18:47 - 00006464 _____ () C:\Users\Andre\Downloads\Andre.java

2014-07-17 19:04 - 2014-07-17 19:04 - 00001366 _____ () C:\Users\Andre\Desktop\Robocode.lnk

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robocode

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\robocode

2014-07-17 19:01 - 2012-12-30 07:20 - 00000000 ____D () C:\Users\Andre\AppData\Local\Eclipse

2014-07-17 18:52 - 2014-07-17 18:51 - 05436039 _____ () C:\Users\Andre\Downloads\robocode-1.9.2.1-setup.jar

2014-07-17 18:47 - 2014-07-17 18:47 - 00006340 _____ () C:\Users\Andre\Downloads\pez.micro.Aristocles_0.3.7.jar

2014-07-16 17:11 - 2012-06-20 23:47 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll

2014-07-16 17:11 - 2012-06-20 23:47 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll

2014-07-16 17:11 - 2012-06-20 23:47 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll

2014-07-08 18:15 - 2014-07-08 18:15 - 00783208 _____ (MurGee.com ) C:\Users\Andre\Downloads\setup.exe

2014-07-08 18:15 - 2014-07-08 18:15 - 00001102 _____ () C:\Users\Andre\Desktop\Auto Clicker.lnk

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\Users\Andre\AppData\Local\Auto Clicker

2014-07-08 18:15 - 2014-07-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker

2014-07-08 13:01 - 2013-06-30 18:51 - 00071952 _____ () C:\Windows\system32\lvcoinst.log

 

Files to move or delete:

====================

C:\Users\Andre\hammer.exe

C:\Users\Andre\AppData\Roaming\msconfig.ini

 

 

Some content of TEMP:

====================

C:\Users\Andre\AppData\Local\Temp\6_Offer_9.exe

C:\Users\Andre\AppData\Local\Temp\AAMHelper.exe

C:\Users\Andre\AppData\Local\Temp\AdobeApplicationManager.exe

C:\Users\Andre\AppData\Local\Temp\BackupSetup.exe

C:\Users\Andre\AppData\Local\Temp\bitool.dll

C:\Users\Andre\AppData\Local\Temp\CommandCenterSetupSetup.exe

C:\Users\Andre\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\Andre\AppData\Local\Temp\DM1393858784.exe

C:\Users\Andre\AppData\Local\Temp\DM1393888978.exe

C:\Users\Andre\AppData\Local\Temp\DM1393889372.exe

C:\Users\Andre\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.5-R1.0-b2543jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.2-40-g6e27629-b3011jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-6-g7d680d3.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-40-g6e27629-b3011jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll

C:\Users\Andre\AppData\Local\Temp\JingSetup.exe

C:\Users\Andre\AppData\Local\Temp\nsg7B9F.exe

C:\Users\Andre\AppData\Local\Temp\nsh6FAD.exe

C:\Users\Andre\AppData\Local\Temp\nsh7A59.exe

C:\Users\Andre\AppData\Local\Temp\nshCFAD.exe

C:\Users\Andre\AppData\Local\Temp\nsl7CF7.exe

C:\Users\Andre\AppData\Local\Temp\nsmD597.exe

C:\Users\Andre\AppData\Local\Temp\nsr751A.exe

C:\Users\Andre\AppData\Local\Temp\nsxDB05.exe

C:\Users\Andre\AppData\Local\Temp\OpenComputersMod-native.64.dll

C:\Users\Andre\AppData\Local\Temp\Paint.NET.3.5.11.Install.exe

C:\Users\Andre\AppData\Local\Temp\PreExe_ID_5853.exe

C:\Users\Andre\AppData\Local\Temp\SearchProtectChecker.exe

C:\Users\Andre\AppData\Local\Temp\SearchProtectINT.exe

C:\Users\Andre\AppData\Local\Temp\setup.exe

C:\Users\Andre\AppData\Local\Temp\setup__3813.exe

C:\Users\Andre\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Andre\AppData\Local\Temp\SRLDetectionLibrary8112108768895091717.dll

C:\Users\Andre\AppData\Local\Temp\System.Data.SQLite.dll

C:\Users\Andre\AppData\Local\Temp\System.Data.SQLite50181.dll

C:\Users\Andre\AppData\Local\Temp\utt8C72.tmp.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe

[2012-06-10 11:33] - [2012-06-10 11:33] - 2595328 ____A (Microsoft Corporation) 98B46845D7374EFE5E7ADCD7440ECABA

 

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-28 20:14

 

==================== End Of Log ============================

Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014

Ran by Andre at 2014-08-07 22:38:45

Running from E:\

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - )

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)

Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)

Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden

Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden

Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)

AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)

AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)

Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)

Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden

Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )

Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden

AmazingMIDI (HKLM-x32\...\AmazingMIDI) (Version:  - )

Anvil Studio 2012 (HKLM-x32\...\{FE2E5EDF-550A-4CAB-91F2-7F19D35D4C19}) (Version: 12.10.07 - Willow Software)

Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arena (HKLM-x32\...\ArenaSetup_is1) (Version:  - Bethesda Softworks)

Armagetron Advanced 0.2.8.3.2 (HKLM-x32\...\Armagetron Advanced) (Version: 0.2.8.3.2 - Armagetron Advanced Team)

Audio Evolution 5 (HKLM-x32\...\{5BD1E7E0-4D22-4B2F-B14B-417F6D9F61D0}) (Version: 5.3.4 - eXtream Software Development)

Auto Clicker v1.6 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.6 - MurGee.com)

Auto Typer by MurGee v1.3 (HKLM-x32\...\{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1) (Version: 1.3 - MurGee.com)

Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)

BeamNG-Techdemo-0.3 (remove only) (HKCU\...\BeamNG-Techdemo-0.3) (Version:  - )

Bfxr (HKLM-x32\...\com.increpare.bfxr) (Version: 1.3.3 - UNKNOWN)

Bfxr (x32 Version: 1.3.3 - UNKNOWN) Hidden

Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)

BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BSR Screen Recorder 6 (HKLM-x32\...\BSRScreenRecorder5) (Version:  - )

Call of Duty (HKLM-x32\...\Steam App 2620) (Version:  - Infinity Ward)

Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)

Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)

CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)

Camtasia Studio 8 (HKLM-x32\...\{56E884B5-B9B6-4432-B209-3A3EF41C7A01}) (Version: 8.0.3.1018 - TechSmith Corporation)

Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version:  - Dark Byte)

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

CustoPackTools (HKLM\...\CustoPackTools) (Version:  - neOceane)

CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.4827 - CyberLink Corp.)

CyberLink PowerDVD 9.6 (x32 Version: 9.6.1.4827 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DDiscouuntEaxteNsi (HKLM-x32\...\{B138259A-351E-33FA-2726-8D71704F1DA9}) (Version:  - DiscounntuExxtensi)

Debut Video Capture Software (HKLM-x32\...\Debut) (Version:  - NCH Software)

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)

Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)

DesktopWeatherAlerts (HKCU\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC)

Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )

DigiSaver (HKLM-x32\...\{7223EDAC-E091-B3C1-BD91-B66CE557800F}) (Version:  - DiGiSaver)

Dropbox (HKCU\...\Dropbox) (Version: 2.4.10 - Dropbox, Inc.)

Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)

Dxtory 2.0.108 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.108 - Dxtory Software)

Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden

EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)

Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)

ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )

Fraps (HKLM-x32\...\Fraps) (Version:  - )

Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.3.0 - Ellora Assets Corporation)

FTL version 1.03.1 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.03.1 - Subset Games)

FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)

Game Dev Tycoon version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)

Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)

Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)

GitHub (HKCU\...\68c6678448324991) (Version: 1.0.29.9 - GitHub, Inc.)

Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden

Horizon v2.7.7.0 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.7.0 - Daring Development Inc.)

HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)

iExplorer 3.1.1.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)

iFunbox (v2.0.2150.728), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.0.2150.728 - )

Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! Central) (Version: 2.00.44 - Creative Technology Ltd)

Intel PROSet Wireless (Version:  - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)

Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)

iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)

Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)

Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden

Java SE Development Kit 7 Update 10 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170100}) (Version: 1.7.0.100 - Oracle)

Java SE Development Kit 7 Update 6 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170060}) (Version: 1.7.0.60 - Oracle)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

JC2-MP version 0.0.16 (Build 546) (HKLM-x32\...\{7F12FECB-1D75-42D7-9074-D6FEA6D91E65}_is1) (Version: 0.0.16 (Build 546) - )

Jing (HKLM-x32\...\{8CC9F4D8-D938-412B-B67D-A28FA7BDB8AA}) (Version: 2.7.12205.4 - TechSmith Corporation)

Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)

Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)

JustCloud  (HKLM\...\JustCloud) (Version:  - JustCloud)

Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)

LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)

Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version:  - Stage 2 Studios)

LightWave 11.0 64-bit (HKLM-x32\...\LightWave 11.0 64-bit 11.0) (Version: 11.0 - NewTek, Inc.)

LimeWire 5.6.2 (HKLM-x32\...\LimeWire) (Version: 5.6.2 - Lime Wire, LLC)

LogMeIn (HKLM-x32\...\{EE4CA5AF-4A55-418C-8CB8-74435814207B}) (Version: 4.1.2450 - LogMeIn, Inc.)

LOVE (remove only) (HKLM-x32\...\LOVE) (Version:  - )

Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Mathematica Extras 9.0 (4055459) (HKLM\...\A-WIN-Extras 9.0.1 4055459_is1) (Version: 9.0.1 - Wolfram Research, Inc.)

McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.207.4 - McAfee, Inc.)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - Microsoft Studios)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.2.0223.1 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.2.223.1 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)

Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

MIDI to MP3 Converter (HKLM-x32\...\MIDI to MP3 Converter) (Version: 2.0 - FileConv Studio)

Minecraft Note Block Studio version 3.1.3 (HKLM-x32\...\{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1) (Version: 3.1.3 - David Norgren)

Mousotron 8.0 (HKLM-x32\...\Mousotron_is1) (Version: 8.0 - Blacksun Software)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MP3 2 Ogg Lab 2004 (HKLM-x32\...\MP3 2 Ogg Lab 2004_is1) (Version:  - MP3 Surgeon)

MP3Converter.Me (HKLM-x32\...\{C3E3CDCC-18D7-49FA-8596-90CED7327F46}) (Version: 1.0.0 - MP3Converter.Me)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Installer (HKLM-x32\...\{AE38A781-109B-428B-B695-F6F9DA05E292}) (Version: 1.0.19.0 - Oracle Corporation)

MySQL Server 5.5 (HKLM\...\{04D42880-78A6-43EC-BAA8-7B1D1B2BB3E7}) (Version: 5.5.26 - Oracle Corporation)

NASCAR® Racing 2003 Season Demo (HKLM-x32\...\{5193711F-4F46-418D-AE18-C453599807EE}) (Version:  - Sierra Entertainment)

NaturalReaderFree (HKLM-x32\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11 - NaturalSoft)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.48.2 - Black Tree Gaming)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )

NVIDIA 3D Vision Driver 296.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.39 - NVIDIA Corporation)

NVIDIA Control Panel 296.39 (Version: 296.39 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 296.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.39 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.7.12 (Version: 1.7.12 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.9639 - NVIDIA Corporation) Hidden

NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden

Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)

Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Pastebin Desktop (HKLM-x32\...\Pastebin Desktop) (Version:  - )

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version:  - NCH Software)

Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)

Port Forward Network Utilities 2.0.1 (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.1 - Portforward.com)

Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)

PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)

Python 3.3.0 (64-bit) (HKLM\...\{290329c4-a276-3aec-b633-9f5a39d8dd96}) (Version: 3.3.150 - Python Software Foundation)

QualxServ Service Agreement (HKLM-x32\...\{18401E1E-1E44-461A-A4B2-E48B1A727818}) (Version: 2.0.0 - Dell Inc.)

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 beta r2022 - )

Raptr (HKLM-x32\...\Raptr) (Version:  - )

RAR Password Cracker (HKLM-x32\...\RAR Password Cracker) (Version: 4.12 - dnSoft Research Group)

Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)

Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.11.3 - Razer Inc.)

ReaguLaarDeals (HKLM-x32\...\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}) (Version:  - RegularDeaLs)

RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities4.0.0.1) (Version: 4.0.0.1 - SORCIM Technologies)

Rigs of Rods 0.38.67 (HKLM-x32\...\Rigs of Rods 0.38.67) (Version: 0.38.67 - Rigs of Rods Team)

ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)

ROBLOX Studio 2013 (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)

Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)

Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)

Sentinel Protection Installer 7.6.1 (HKLM-x32\...\{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}) (Version: 7.6.1 - SafeNet, Inc.)

Ship Simulator Extremes (HKLM-x32\...\Steam App 48800) (Version:  - VStep)

ShopuDrop (HKLM-x32\...\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}) (Version:  - ShhoPDraop)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION

Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited)

Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)

SpeedBit Video Accelerator (HKLM-x32\...\SpeedBit Video Accelerator) (Version: 3310(build_3019) - SpeedBit Ltd.)

SpeedCap 1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - )

Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)

ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics)

Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)

Star wars Battlefront II version 1.3 (HKLM-x32\...\{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1) (Version: 1.3 - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Sumotori Dreams (HKLM-x32\...\Sumotori Dreams) (Version:  - )

Sumotori Full Version (HKLM-x32\...\Sumotori Full Version) (Version:  - )

SWF to AVI (HKLM-x32\...\{3315B802-84C6-47BC-907A-9B77A4646197}_is1) (Version:  - www.swftoavi.com)

Switch Sound File Converter (HKLM-x32\...\Switch) (Version:  - NCH Software)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.4.0 - Synaptics Incorporated)

Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)

System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)

System Requirements Lab Detection (HKLM-x32\...\{33CCDAF8-9F2C-4F03-8536-B146EF06AC08}) (Version: 2.0.0.0 - Husdawg, LLC)

System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

TidyNetwork (HKCU\...\TidyNetwork) (Version:  - TidyNetwork)

TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)

Total Screen Recorder Gold 1.5 (HKLM-x32\...\{9BF42FDC-FFD3-4F30-B0D5-DA8A6E5316F7}_is1) (Version: 1.5 - Total Screen Recorder, Inc.)

Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)

Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{57CEB66B-DD29-4883-92A2-671331657B52}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D9CF6D64-9342-4C83-A9C1-F45DE139F2A7}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{CABC3FE9-02BD-47C8-8576-EA3E8BB1BE1A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{A8EC00BF-EDF5-46F0-B466-C4312722D8F3}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{02A7E7E4-15FB-4240-963D-61E9029E0135}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{BE0D098C-1F21-481C-BA71-ECAD0F770E23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{204B60A2-CCEA-4075-9F58-B7BC1BA5E742}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{8D07F876-D93A-4CF7-B801-1D41AB2BF60B}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{0977F620-BD31-41EC-B18C-31E341D5935E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0B6EF241-90CC-4AC7-B36F-2EECB12E61CF}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{4C975BB2-B3EE-4F66-A8E7-5C917B7C439D}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7861C766-2AA2-4A50-AB75-A57D451CEA76}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{AF61D314-0E39-485E-A603-2B2F03AB7376}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)

Vegas Pro 11.0 (64-bit) (HKLM\...\{43EBA222-8DF7-11E1-862B-F04DA23A5C58}) (Version: 11.0.683 - Sony)

VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)

VIO Player version 1.2 (HKLM-x32\...\{2A9009E1-122C-4692-B442-A750C0DE7BA1}_is1) (Version: 1.2 - VIO Player)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)

VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)

Voxatron 0.2.9 (HKLM-x32\...\Voxatron) (Version: 0.2.9 - Lexaloffle Games)

WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

Wolfram Mathematica 9 (M-WIN-L 9.0.1 4055652) (HKLM\...\M-WIN-L 9.0.1 4055652_is1) (Version: 9.0.1 - Wolfram Research, Inc.)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Xilisoft Audio Converter 6 (HKLM-x32\...\Xilisoft Audio Converter 6) (Version: 6.4.0.20121010 - Xilisoft)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\Dropbox.exe ()

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{4c542487-eae3-4ed5-8b97-b47c782733a7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

04-08-2014 01:26:16 Scheduled Checkpoint

04-08-2014 14:15:25 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {04094ACA-6101-41B4-B6CE-8486E1886143} - System32\Tasks\{EF0B6366-FE86-4BAA-A172-C69E2CAD85E5} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {047AB952-D89D-451F-B345-AC1FE9B48005} - System32\Tasks\{2128E508-3F8C-477D-9996-68719DE10D31} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {10667766-430C-43F1-84D0-D473C13FDC3F} - System32\Tasks\{9753B072-F2D9-48B4-8C42-62A87730ECA1} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {12980C63-8E5F-48E7-BE5F-425855036FD4} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {14D6D5F6-7862-4A84-899C-E7747AD3FAD4} - System32\Tasks\{AED7ADA7-C265-4B08-A2B2-D9712A3B6B43} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {1B545489-AC70-453C-85B6-F1E3B7A0D0CA} - System32\Tasks\{220CE8D8-2646-4E92-A100-08CBDE168701} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {2B9E2916-88AB-4C7A-A799-4D92BC2F9970} - System32\Tasks\{B9CA4FED-DBEA-4BEC-B3C8-D59CD2CB04B6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {2DE4C538-0620-4237-9848-7731E21980E8} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe

Task: {2EE372F2-0D7F-49CA-BB15-541DD5574C90} - System32\Tasks\LaunchApp => C:\Program Files (x86)\JustCloud\JustCloud.exe [2012-12-25] (JustCloud.com)

Task: {2FC974EF-8F48-4806-8531-552A19B1365A} - System32\Tasks\{98BE2DA4-2C66-434A-9AF4-F15514CE0D62} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {32DFA58F-C694-4240-A3A1-1478A519A067} - System32\Tasks\{19063F75-0959-4D28-9CCE-21E07ED590AB} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {33AC5F18-5C7B-4AFF-917F-A080CDE2EAE2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {3FDEC9F4-60C1-4F6E-9AD7-5FB52323A1D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-06] ()

Task: {497AE90B-1857-47B1-B961-494F0A4C272E} - System32\Tasks\{19367B33-1531-4BC6-A496-C1F946B8AD83} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {4C7B89EF-BFC1-42A4-86C8-13741B9843C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-27] (Adobe Systems Incorporated)

Task: {4D09757B-4D27-40A9-B659-1FDC2D26602D} - System32\Tasks\{3A5CBD49-A919-40E8-B888-2928FAB450D6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {5473DDA1-B2B1-4AEA-BC71-49BE7E30B046} - System32\Tasks\{B8C35793-8A81-4BEE-8306-3D852013A7A6} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {55888F78-89A8-4D03-AC55-0CEBE3029D67} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {5FCCCC57-3E0D-44A7-BABB-CD0818B95A88} - System32\Tasks\{7A6AAEBC-E74F-47B2-A7D4-FA2EEFAFA357} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {62616E1B-A1FF-41B8-B5CF-E473301A868F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2013-12-19] (PC-Doctor, Inc.)

Task: {6694A963-ED41-4EC9-AD85-580DB6A322F6} - System32\Tasks\WS.Booster-S-1431105474 => c:\programdata\safesoft\ws.booster\WS.Booster.exe [2013-02-25] () <==== ATTENTION

Task: {68C0B7D4-D33C-4608-BB42-0448A4E18F66} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1126745806-3093530448-7569978-1001

Task: {6C336170-79FB-48CE-9A02-4790A353805C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-06] ()

Task: {6E3E3987-1F5A-4895-AB27-A380D9BE12E7} - System32\Tasks\GS.Enabler-S-1824435291 => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe [2013-01-21] () <==== ATTENTION

Task: {79020356-AF92-4328-A861-83BC1AE15DF6} - System32\Tasks\{C21BC4F0-51FC-4C44-80BD-2AD23FD39AC2} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {7BD8787E-948B-47EC-AB1E-7DE05C4265C6} - System32\Tasks\{3A64882A-99E1-4258-8FF0-3AB0B72318A5} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {7F8AA49B-5D12-4732-BC9C-A3F5E8B3DAAA} - System32\Tasks\{6A6A65C7-C6CA-457E-A4C6-189FCABC668F} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {81686180-B7C8-407C-B227-E106122DA13C} - System32\Tasks\TidyNetwork Update => C:\Users\Andre\AppData\Local\TidyNetwork\petnupdate.exe [2014-02-23] ()

Task: {9085836D-C2F9-4196-8A61-EBC8C994CD67} - System32\Tasks\RunMCServerOnStartup\Server => C:\Users\Andre\Desktop\Games\Minecraft\Minecraft server\Survival\run.bat

Task: {9532A307-75DE-41D0-9034-F9CFDA8D3088} - System32\Tasks\RunMCServerOnStartup\MinecraftOnStartup => C:\Users\Andre\Desktop\Minecraft.bat

Task: {97FB33F0-51CE-4A17-86C3-D2440119072F} - System32\Tasks\{62EDE147-40F2-47BE-AB31-1B983F2A28EC} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {98CE077E-35CE-47D6-9EC9-3D966A338003} - System32\Tasks\{A8954C34-BB1F-430B-8663-A4D9D9DB6B2A} => C:\Users\Andre\Desktop\Simfam\SIMFARM.EXE

Task: {9ACD3557-34C8-44AC-9072-8400190025B0} - System32\Tasks\AmiUpdXp => C:\Users\Andre\AppData\Local\13677\a7110.exe [2014-08-06] ()

Task: {9AE8C160-A5DA-43DB-BCF3-6A55EFF3B63F} - System32\Tasks\{ABCAD76E-5206-463C-86D0-1FAF5E17D0A6} => C:\Users\Andre\Desktop\Simfam\SIMFARM.EXE

Task: {A097E6EA-774F-482D-9592-9D87D14E505C} - System32\Tasks\{0A2A9BA1-182A-4020-B530-187FAE0DE36E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {A45793B2-CE40-479E-A5D2-24B5B9D36143} - System32\Tasks\{31303B82-9526-4B72-A0EB-7AFE64971E4C} => C:\Users\Andre\Desktop\SimFarm\SIMFARM.EXE

Task: {A6570D74-4D21-4AAB-971F-CA7126005C7E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2013-12-19] (PC-Doctor, Inc.)

Task: {AA5C3D34-8119-4033-A3C7-42290EA029FF} - System32\Tasks\{615CC3CB-A1B9-4EB6-9CFE-6DCD4E3E0A83} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {AB9C5E5F-98E3-4F4A-9C4B-9C8419698F51} - System32\Tasks\{7848507E-1E01-46B5-888F-8D19BB2D1B61} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {AD6C6D35-08A5-4158-B373-4A07830DE7B4} - System32\Tasks\{75FAAA6A-FDF1-45E8-8117-07E99D0E1B5F} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {AF6F7B6C-2427-4584-9578-2D1621903D37} - System32\Tasks\{0DA96CDC-FA39-478D-89A9-E39CA2F0AE4D} => C:\Users\Andre\Desktop\evasi0n7.exe

Task: {B42B6D92-8B9D-4ED3-A299-B4C16642CA2E} - System32\Tasks\{7010F12A-1B74-4526-AEFB-4C10E45CC8D6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {B624389D-7786-484D-B114-8E5A6A63E76A} - System32\Tasks\{1926A9AA-2879-4FA6-8EB2-89B2A4BF412E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {B9450B50-D4A1-47E0-9A58-A35220C36DBB} - System32\Tasks\{AF7AEEDA-8305-4E6E-9DEA-723D8ABDFE4D} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {BA7468E2-6E88-462F-883D-080FE060C382} - System32\Tasks\{76586A39-AC58-4E45-8511-FCF0AB0DE33F} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {BAB19E4D-5D5F-4C36-B5A4-92A59B7F2E9A} - System32\Tasks\{31807671-3F8B-4282-AC7A-F274140FD4E2} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {BE41D78A-7562-4B34-BCA3-39D1CE7AA914} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION

Task: {BE57E2AA-2FEA-4646-AAD9-262F7A59B6A3} - System32\Tasks\{CFBCA889-77E5-422D-8A93-7C2F77E93C80} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {C42A0188-EC72-42A0-BE16-18B95F1EF854} - System32\Tasks\{7FE72F68-C137-4AF9-BD59-03A6095518FF} => C:\Users\Andre\Desktop\SimFarm\SIMFARM.EXE

Task: {C84DFF45-3EC4-409F-80C4-2E8F97B58FBB} - System32\Tasks\{EBE108D8-7866-4C19-A037-801AB520125E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {CD9ACCEC-CF63-4180-A3ED-EBA1E9034FFC} - System32\Tasks\{9E9D8172-3161-4E30-A9CC-1290DDBE0057} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {CE0326A6-113D-4E57-94DC-B44C4EBE6EE8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {D633D47B-0947-4433-A6C5-7B1E2BD2AD82} - System32\Tasks\{19A46CE7-48AF-4D9A-AB45-FDCB1A07B9E7} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {E1FF6492-89C7-4133-B274-87F1A04F0267} - System32\Tasks\{937DB1C8-95F9-42EC-8E0D-62DE57CEB502} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {E2FCF5C2-B02F-4525-9ED5-826A051E7CB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08] (Google Inc.)

Task: {E38A918E-C112-4D6D-A7AF-7ECB1D1C95D7} - System32\Tasks\AdobeAAMUpdater-1.0--The_Best_EVER--Andre => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)

Task: {E619CCC0-8580-4D1B-8727-C37AFB9AD9D4} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe

Task: {E76A2661-32F8-4971-B7E6-A56E5DB62FC4} - System32\Tasks\{4C24591A-1ADD-440F-B434-2B29BBC02411} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {ECA7A8FE-A30F-460B-A3BC-C10893700F41} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {F00FEF6C-0A31-49F8-8E27-67DBEB768BF1} - System32\Tasks\{0EB25245-50AB-4B65-9ECC-0A91B272AA7C} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {F6663880-7813-4037-B867-505AE4392333} - System32\Tasks\{89A4A35F-9CE5-4665-A312-9E6E8D183F6B} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {F674FCEA-F084-4AC6-855B-4218E2BC2125} - System32\Tasks\{378DD97D-FF24-45D9-B51B-80BCF6361EAA} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {F7725BE2-A34A-4190-BA6B-3E1ACFAEC0A0} - System32\Tasks\{B56661F3-2395-447D-A658-FAE42036D932} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {F7BC99CA-CC8E-4A18-BDC3-2ECF06D17447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08] (Google Inc.)

Task: {F913202B-85A8-4813-B56A-BCD657E6BED7} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION

Task: {FAEDDCC2-E971-4319-9D6F-9C5F89B27E19} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Andre\AppData\Local\13677\a7110.exe <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core.job => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA.job => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2013-08-30 10:01 - 2013-08-30 10:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll

2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll

2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll

2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-08-06 22:42 - 2014-08-06 22:41 - 00014848 ____N () C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.WowDb.dll

2014-08-06 22:42 - 2014-08-06 22:41 - 00035840 ____N () C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.Advertising.dll

2014-08-06 22:42 - 2014-08-06 22:41 - 00099840 ____N () C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.CMOD2.dll

2012-07-02 22:12 - 2012-07-02 22:12 - 09696768 _____ () C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe

2012-09-23 01:06 - 2012-09-23 01:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2012-06-10 10:12 - 2012-01-26 21:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE

2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-07-11 14:27 - 2013-07-11 14:27 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ef71e8c18fb10fed101ea14f12988e9b\IsdiInterop.ni.dll

2012-06-10 10:02 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2012-06-10 10:06 - 2012-02-01 17:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2011-07-18 16:07 - 2011-07-18 16:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll

2011-09-21 15:46 - 2011-09-21 15:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll

2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 00715544 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 00100120 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll

2014-01-16 05:01 - 2014-01-11 05:29 - 04055320 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll

2014-01-16 05:01 - 2014-01-11 05:29 - 00399640 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 01634584 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll

2014-05-11 16:41 - 2014-08-04 14:19 - 01171456 _____ () C:\Users\Andre\AppData\Roaming\steam\libavcodec-55.dll

2014-03-08 19:26 - 2014-08-04 14:19 - 00441856 _____ () C:\Users\Andre\AppData\Roaming\steam\libavutil-53.dll

2014-01-08 00:29 - 2014-08-04 14:19 - 00332288 _____ () C:\Users\Andre\AppData\Roaming\steam\libavresample-1.dll

2013-03-12 18:10 - 2014-08-04 14:18 - 00769024 _____ () C:\Users\Andre\AppData\Roaming\steam\SDL2.dll

2014-05-11 16:41 - 2014-08-07 18:12 - 02144448 _____ () C:\Users\Andre\AppData\Roaming\steam\video.dll

2014-05-11 16:41 - 2014-08-04 14:19 - 00403968 _____ () C:\Users\Andre\AppData\Roaming\steam\libavformat-55.dll

2014-05-11 16:41 - 2014-07-30 21:51 - 00519168 _____ () C:\Users\Andre\AppData\Roaming\steam\libswscale-2.dll

2013-03-15 18:29 - 2014-08-07 18:12 - 00677056 _____ () C:\Users\Andre\AppData\Roaming\steam\bin\chromehtml.DLL

2013-03-14 22:19 - 2014-08-04 14:18 - 34586816 _____ () C:\Users\Andre\AppData\Roaming\steam\bin\libcef.dll

2014-07-24 18:37 - 2014-08-04 14:18 - 00837824 _____ () C:\Users\Andre\AppData\Roaming\steam\bin\ffmpegsumo.dll

2014-02-20 07:53 - 2014-02-20 07:53 - 13632904 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\User Data\PepperFlash\12.0.0.70\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:2QUXbLK6zDB0i0lt4wrkSQMAl

AlternateDataStreams: C:\ProgramData\Microsoft:AZBGFz6tHfGvaOY15EbUlmLiJOOc

AlternateDataStreams: C:\ProgramData\Microsoft:rn31mvAYMdMrCZ8j3R904Pp7

AlternateDataStreams: C:\ProgramData\Microsoft:W2dcBDElv84N3Sok2a3kfwjK

AlternateDataStreams: C:\ProgramData\Microsoft:Wg5qmF62QadD9fRWJxNdNdF

AlternateDataStreams: C:\ProgramData\Microsoft:ZFTwQZ6jdPrxDrSD3IeqieBk

AlternateDataStreams: C:\Users\Andre\Desktop\The Elder Scrolls V: Skyrim.lnk

AlternateDataStreams: C:\Users\Andre\AppData\Local\NZeRnB7bQfe0cI:8O9tOXSoxeXnhPggOqJOwK

AlternateDataStreams: C:\Users\Andre\AppData\Local\p3mH7u0j06LOaL:WAtExphT4JHiNGSA0V083c2o

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\Services: avgwd => 2

MSCONFIG\Services: BackupStack => 2

MSCONFIG\Services: McComponentHostService => 3

MSCONFIG\Services: vToolbarUpdater14.2.0 => 2

MSCONFIG\Services: Web Assistant Updater => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopWeatherAlerts.lnk => C:\Windows\pss\DesktopWeatherAlerts.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Pastebin Desktop.lnk => C:\Windows\pss\Pastebin Desktop.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk => C:\Windows\pss\Weather Alerts.lnk.Startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AlienwareOn-ScreenDisplay => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe

MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: AutoTyperMurGee => C:\Program Files (x86)\Auto Typer\AutoTyper.exe :settings

MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

MSCONFIG\startupreg: BDRegion => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: boincmgr => "C:\Program Files\BOINC\boincmgr.exe" /a /s

MSCONFIG\startupreg: boinctray => "C:\Program Files\BOINC\boinctray.exe"

MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Andre\AppData\Local\Smartbar\Application\SavePass.exe startup

MSCONFIG\startupreg: BrowserSafeguard => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe

MSCONFIG\startupreg: Google Update => "C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: GoogleChromeAutoLaunch_CDE9B9A3C1D351C05B61B6CB536D0894 => "C:\Users\Andre\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window

MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

MSCONFIG\startupreg: Integrated Webcam Live! Central => "C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" /mode2

MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Jing => C:\Program Files (x86)\TechSmith\Jing\Jing.exe

MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe

MSCONFIG\startupreg: PDVD9LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

MSCONFIG\startupreg: PhotoshopElements8SyncAgent => C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe

MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup

MSCONFIG\startupreg: RemoteControl9 => "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\CustoPackTools\utils\RocketDock\RocketDock.exe"

MSCONFIG\startupreg: ROC_ROC_JULY_P1 => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Sound Blaster Recon3Di Control Panel => "c:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r

MSCONFIG\startupreg: SpeedBitVideoAccelerator => "C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe" /startup

MSCONFIG\startupreg: Steam => "C:\Users\Andre\AppData\Roaming\steam\steam.exe" -silent

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE

MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/07/2014 07:13:37 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: -The_Best_EVER-)

Description: Application or service 'linmsl' could not be shut down.

 

Error: (08/07/2014 07:11:12 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Au_.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 8fc

 

Start Time: 01cfb29d11357c8b

 

Termination Time: 15

 

Application Path: C:\Users\Andre\AppData\Local\Temp\~nsu.tmp\Au_.exe

 

Report Id:

 

Error: (08/07/2014 07:06:32 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Au_.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: d04

 

Start Time: 01cfb29c5b232a83

 

Termination Time: 10

 

Application Path: C:\Users\Andre\AppData\Local\Temp\~nsu.tmp\Au_.exe

 

Report Id:

 

Error: (08/07/2014 07:04:37 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Au_.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 7ec

 

Start Time: 01cfb29bf5b1a9c2

 

Termination Time: 5

 

Application Path: C:\Users\Andre\AppData\Local\Temp\~nsu.tmp\Au_.exe

 

Report Id:

 

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/07/2014 04:45:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/07/2014 04:44:53 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

 

System errors:

=============

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume C:.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/07/2014 10:32:09 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

 

Microsoft Office Sessions:

=========================

Error: (08/07/2014 07:13:37 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: -The_Best_EVER-)

Description: 1C:\Program Files (x86)\LPT\linmsl.exelinmsl0511719360

 

Error: (08/07/2014 07:11:12 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Au_.exe0.0.0.08fc01cfb29d11357c8b15C:\Users\Andre\AppData\Local\Temp\~nsu.tmp\Au_.exe

 

Error: (08/07/2014 07:06:32 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Au_.exe0.0.0.0d0401cfb29c5b232a8310C:\Users\Andre\AppData\Local\Temp\~nsu.tmp\Au_.exe

 

Error: (08/07/2014 07:04:37 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Au_.exe0.0.0.07ec01cfb29bf5b1a9c25C:\Users\Andre\AppData\Local\Temp\~nsu.tmp\Au_.exe

 

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/07/2014 06:25:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/07/2014 04:49:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/07/2014 04:45:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/07/2014 04:44:53 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-01-05 16:22:22.735

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:22:22.613

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:09:19.903

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:09:19.762

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 15:57:08.760

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 15:57:08.653

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 53%

Total physical RAM: 8094.31 MB

Available physical RAM: 3725.59 MB

Total Pagefile: 34566.49 MB

Available Pagefile: 29361.18 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:456.98 GB) (Free:40.41 GB) NTFS

Drive d: (PERCY_JACKSON_LIGHTENING_THIEF) (CDROM) (Total:7.31 GB) (Free:0 GB) UDF

Drive e: (CENTON USB) (Removable) (Total:7.48 GB) (Free:5.75 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: A67C0D91)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=7 GB) - (Type=0C)

 

==================== End Of Log ============================

Link to post
Share on other sites
deeprybka

deeprybka

Posted
Posted

Hi,

my idea for downloading the fixlist was the same way as you used for FRST. :)

Please try this:

 

Please download Rkill by Grinler with an other computer and save it to your flash drive. Copy RKill from there to the desktop of your infected PC.

  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted

sorry i had to go, here it is

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-08-2014
Ran by Andre at 2014-08-07 23:22:05 Run:1
Running from E:\
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
IFEO\AvastSvc.exe: [Debugger] nqij.exe
IFEO\AvastUI.exe: [Debugger] nqij.exe
IFEO\avcenter.exe: [Debugger] nqij.exe
IFEO\avconfig.exe: [Debugger] nqij.exe
IFEO\avgcsrvx.exe: [Debugger] nqij.exe
IFEO\avgidsagent.exe: [Debugger] nqij.exe
IFEO\avgnt.exe: [Debugger] nqij.exe
IFEO\avgrsx.exe: [Debugger] nqij.exe
IFEO\avguard.exe: [Debugger] nqij.exe
IFEO\avgui.exe: [Debugger] nqij.exe
IFEO\avgwdsvc.exe: [Debugger] nqij.exe
IFEO\avp.exe: [Debugger] nqij.exe
IFEO\avscan.exe: [Debugger] nqij.exe
IFEO\bdagent.exe: [Debugger] nqij.exe
IFEO\blindman.exe: [Debugger] nqij.exe
IFEO\ccuac.exe: [Debugger] nqij.exe
IFEO\ComboFix.exe: [Debugger] nqij.exe
IFEO\egui.exe: [Debugger] nqij.exe
IFEO\hijackthis.exe: [Debugger] nqij.exe
IFEO\instup.exe: [Debugger] nqij.exe
IFEO\keyscrambler.exe: [Debugger] nqij.exe
IFEO\mbam.exe: [Debugger] nqij.exe
IFEO\mbamgui.exe: [Debugger] nqij.exe
IFEO\mbampt.exe: [Debugger] nqij.exe
IFEO\mbamscheduler.exe: [Debugger] nqij.exe
IFEO\mbamservice.exe: [Debugger] nqij.exe
IFEO\MpCmdRun.exe: [Debugger] nqij.exe
IFEO\MSASCui.exe: [Debugger] nqij.exe
IFEO\MsMpEng.exe: [Debugger] nqij.exe
IFEO\msseces.exe: [Debugger] nqij.exe
IFEO\NisSrv.exe: [Debugger] nqij.exe
IFEO\rstrui.exe: [Debugger] nqij.exe
IFEO\SDFiles.exe: [Debugger] nqij.exe
IFEO\SDMain.exe: [Debugger] nqij.exe
IFEO\SDWinSec.exe: [Debugger] nqij.exe
IFEO\spybotsd.exe: [Debugger] nqij.exe
IFEO\wireshark.exe: [Debugger] nqij.exe
IFEO\zlclient.exe: [Debugger] nqij.exe
Reboot:
*****************
 
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastSvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastUI.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avcenter.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avconfig.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgcsrvx.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgidsagent.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgnt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgrsx.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgwdsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avscan.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bdagent.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\blindman.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccuac.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComboFix.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\egui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hijackthis.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\instup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\keyscrambler.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamgui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbampt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamscheduler.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamservice.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msseces.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NisSrv.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rstrui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDFiles.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDMain.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDWinSec.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\spybotsd.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlclient.exe" => Key deleted successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
Link to post
Share on other sites
deeprybka

deeprybka

Posted
Posted

OK,

Step 1

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.

    Please copy and paste these logs in your next reply.

Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014

Ran by Andre (administrator) on -THE_BEST_EVER- on 08-08-2014 17:02:33

Running from E:\

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Freemake) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe

() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe

(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe

(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe

(SpeedBit Ltd.) C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

(Curse) C:\Users\Andre\AppData\Local\Apps\2.0\PXG7Q190.YP7\NXTGM6Q8.C21\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe

(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe

() C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\HelpPane.exe

(Google Inc.) C:\Users\Andre\AppData\Local\Google\Chrome\Application\old_chrome.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [] => [X]

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2012-04-02] (LogMeIn, Inc.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-1126745806-3093530448-7569978-1001\...\Winlogon: [shell] explorer.exe,"C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe" <==== ATTENTION 

AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-03-25] (NVIDIA Corporation)

AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [215360 2012-03-25] (NVIDIA Corporation)

Startup: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

GroupPolicyUsers\S-1-5-21-1126745806-3093530448-7569978-1000\User: Group Policy restriction detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

ProxyServer:




HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://AlienwareArena.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = 

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe





SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File

BHO: DigiSaver -> {32C7CEDA-CB8B-3E5F-39EE-424868841A59} -> C:\ProgramData\DigiSaver\KZX.x64.dll ()

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: TidyNetwork -> {A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()

BHO: DDiscouuntEaxteNsi -> {AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F} -> C:\ProgramData\DDiscouuntEaxteNsi\fJ.x64.dll ()

BHO: ReaguLaarDeals -> {AC8510C9-E032-CE40-D602-7DAC54049F07} -> C:\ProgramData\ReaguLaarDeals\HGBu8WEX.x64.dll ()

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File

BHO: Greattsaver -> {D343E8E3-B418-E1BE-D712-8FB10F7F4030} -> C:\Program Files (x86)\Greattsaver\cEV8YKpEgS.x64.dll No File

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: ShopuDrop -> {FBD99D9E-C256-47EF-03D5-5364990CB346} -> C:\ProgramData\ShopuDrop\Tkh.x64.dll ()

BHO-x32: No Name -> {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} ->  No File

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: DigiSaver -> {32C7CEDA-CB8B-3E5F-39EE-424868841A59} -> C:\ProgramData\DigiSaver\KZX.dll ()

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: TidyNetwork -> {A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()

BHO-x32: DDiscouuntEaxteNsi -> {AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F} -> C:\ProgramData\DDiscouuntEaxteNsi\fJ.dll ()

BHO-x32: ReaguLaarDeals -> {AC8510C9-E032-CE40-D602-7DAC54049F07} -> C:\ProgramData\ReaguLaarDeals\HGBu8WEX.dll ()

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Greattsaver -> {D343E8E3-B418-E1BE-D712-8FB10F7F4030} -> C:\Program Files (x86)\Greattsaver\cEV8YKpEgS.dll No File

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: ShopuDrop -> {FBD99D9E-C256-47EF-03D5-5364990CB346} -> C:\ProgramData\ShopuDrop\Tkh.dll ()

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} -  No File

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Winsock: Catalog9 20 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default

FF NewTab: about:blank

FF DefaultSearchEngine: Web Search

FF SelectedSearchEngine: Web Search

FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZAsN-JQb7_yfxbqxx64jqvGdl5qepFWUqRog_R4Qhi-FxBp2tnpFk7Aeqj3FOC4

FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZzjdTYLTwyqHyzq_-5Zv-Do8h2z0fYIg2uLT19NbdtAh1v9bD2QJNH_osFCRZI7&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-a21a1def88774149\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andre\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andre\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Andre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF user.js: detected! => C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\user.js

FF SearchPlugin: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\searchplugins\Web Search.xml

FF Extension: ReGualarDEals - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\kpqo.3aai@zks-eiii.org [2014-07-02]

FF Extension: FunnDEals - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\v_h@euoauaue.com [2014-06-13]

FF Extension: Adblock Plus - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-18]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2012-11-12]

FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2012-11-12]

FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=48", "hxxp://www.searchamong.com/", "hxxp://home.sweetim.com/?st=6&barid={7689942F-62CB-11E2-AD0A-685D43608735}", "hxxp://www.google.com/", "hxxp://searchy.easylifeapp.com/"

CHR Extension: (Google Docs) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-30]

CHR Extension: (Google Drive) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-19]

CHR Extension: (YouTube) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-19]

CHR Extension: (Adblock Plus) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-31]

CHR Extension: (AdBlock+) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao [2014-07-31]

CHR Extension: (Google Search) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-19]

CHR Extension: (Lamborghini Cherry ) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkkklbgbfaeockpgbkleblklmcjdbnbj [2014-07-31]

CHR Extension: (WebFilter Pro - The best filtering addon!) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejgfoklefkbjadjcgjmnhfbdfjolojnn [2014-07-31]

CHR Extension: (Stylish) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-07-31]

CHR Extension: (AdBlock) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-31]

CHR Extension: (New Tab Redirect) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2014-07-31]

CHR Extension: (Skype Click to Call) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-03]

CHR Extension: (Gmail) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-19]

CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Andre\AppData\Local\funmoods.crx [2013-03-19]

CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2013-03-19]

CHR HKCU\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\Andre\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2012-09-20]

CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2012-11-12]

CHR HKLM-x32\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\Andre\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2012-09-20]

CHR HKLM-x32\...\Chrome\Extension: [glnobgflmgdgipgcdgjpfbhinmhdpbce] - C:\ProgramData\ADDICT-THING\glnobgflmgdgipgcdgjpfbhinmhdpbce.crx [2012-06-24]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2014-07-14]

CHR StartMenuInternet: Google Chrome - C:\Users\Andre\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-12-16] (CyberLink)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-06-10] (Creative Labs) [File not signed]

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-06-10] (Creative Labs) [File not signed]

R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]

R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-27] (Creative Technology Ltd)

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-09-07] (Freemake) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-16] (LogMeIn, Inc.)

R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-07-16] (LogMeIn, Inc.)

R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-04-02] (LogMeIn, Inc.)

S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] () [File not signed]

R2 MySQLAndre; C:\ProgramData\MySQL\MySQL Server 5.5\my.ini [9177 2012-07-18] () [File not signed]

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] () [File not signed]

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-23] ()

R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)

R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [369952 2009-09-17] (SafeNet, Inc.)

R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1246496 2009-09-17] (SafeNet, Inc)

R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292128 2009-09-17] (SafeNet, Inc.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [265928 2012-06-28] (SpeedBit Ltd.)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

S4 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" [X]

S4 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [X]

S2 WebOptimizer; %SystemRoot%\system32\dmwu.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()

R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-27] (Creative Technology Ltd)

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-02-07] (LogMeIn, Inc.)

S4 LMIRfsClientNP; No ImagePath

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249152 2012-03-25] (NVIDIA Corporation)

R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)

S3 amdkmdap; system32\DRIVERS\atikmpag.sys [X]

S3 CEDRIVER60; \??\C:\Program Files (x86)\Cheat Engine 6.1\dbk64.sys [X]

S0x01000000 papycpu2; \SystemRoot\System32\DRIVERS\papycpu2.sys [X]

S0x01000000 papyjoy; \SystemRoot\System32\DRIVERS\papyjoy.sys [X]

S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2018-03-02 00:33 - 2018-03-02 00:33 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2014-08-07 21:41 - 2014-08-07 21:41 - 00000200 _____ () C:\Users\Andre\Desktop\Call of Duty.url

2014-08-07 21:33 - 2014-08-07 21:42 - 00000058 _____ () C:\Users\Andre\Desktop\kk.txt

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\greaatsaver

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\BBITSaver

2014-08-07 18:23 - 2014-08-08 17:02 - 00000000 ____D () C:\FRST

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64.exe

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ () C:\Users\Andre\Downloads\FRST64(1).exe

2014-08-07 17:28 - 2014-08-07 17:28 - 00000000 ____D () C:\Users\Andre\Downloads\Avatar [720p]

2014-08-06 22:42 - 2013-03-02 16:59 - 00000318 _____ () C:\Users\Andre\Desktop\Curse Client.appref-ms

2014-08-06 22:41 - 2014-08-08 15:50 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk

2014-08-06 22:41 - 2014-08-08 15:50 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk

2014-08-06 22:39 - 2014-08-06 22:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\library_dir

2014-08-06 22:36 - 2014-08-06 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6

2014-08-06 20:14 - 2014-08-06 20:14 - 00000071 _____ () C:\Windows\wininit.ini

2014-08-06 20:13 - 2014-08-06 22:14 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (5)

2014-08-06 20:13 - 2014-08-06 21:36 - 00005184 _____ () C:\Users\Andre\AppData\Roaming\msconfig.ini

2014-08-06 20:13 - 2014-08-06 20:15 - 00000000 __SHD () C:\Windows\SysWOW64\sys

2014-08-06 20:13 - 2014-08-06 20:14 - 00000000 _RSHD () C:\Users\Andre\c4u2s7y68

2014-08-06 20:11 - 2014-08-06 20:11 - 00362664 _____ () C:\Users\Andre\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe

2014-08-06 20:10 - 2014-08-06 20:10 - 01028961 _____ () C:\Users\Andre\Downloads\Call of Duty Ghosts Hack.rar

2014-08-06 20:06 - 2014-08-06 20:06 - 03578764 _____ () C:\Users\Andre\Downloads\Call-of-Duty-Ghosts-Multihack-v3.0.rar

2014-08-06 20:04 - 2014-08-06 20:04 - 00003426 _____ () C:\Windows\System32\Tasks\AmiUpdXp

2014-08-06 20:04 - 2014-08-06 20:04 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job

2014-08-06 20:04 - 2014-08-06 20:04 - 00000000 ____D () C:\Users\Andre\AppData\Local\13677

2014-08-06 20:02 - 2014-08-06 20:02 - 00577728 _____ () C:\Users\Andre\Downloads\COD Ghosts Aimbot Downloader__3687_i1135729148_il1417854.exe

2014-08-05 00:55 - 2014-08-05 00:55 - 00000001 _____ () C:\Users\Andre\Desktop\New Text Document (2).txt

2014-08-04 20:14 - 2014-08-04 20:14 - 00017506 _____ () C:\Users\Andre\Downloads\topic,16.0 (5).html

2014-08-04 20:14 - 2014-08-04 20:14 - 00000162 ____H () C:\Users\Andre\Downloads\~$pic,16.0 (5).html

2014-08-04 18:19 - 2014-08-04 18:20 - 01649360 _____ () C:\Users\Andre\ts3_recording_14_08_04_18_19_47.wav

2014-07-30 16:27 - 2014-07-30 16:27 - 00000230 _____ () C:\Users\Andre\Desktop\Robocraft.url

2014-07-29 22:29 - 2014-07-29 22:29 - 00000230 _____ () C:\Users\Andre\Desktop\Terraria.url

2014-07-28 15:55 - 2014-07-28 15:55 - 00053830 _____ () C:\Users\Andre\Downloads\SlimevoidLib-Universal-v2.0.2.0.zip

2014-07-28 15:45 - 2014-07-28 15:45 - 01227779 _____ () C:\Users\Andre\Downloads\gulliver-forged-871-installer-0.14.2-MC1.6.2.jar

2014-07-28 15:42 - 2014-07-28 15:43 - 00173459 _____ () C:\Users\Andre\Downloads\LittleBlocks-MC1.6.2-Optifine.zip

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts.url

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts - Multiplayer.url

2014-07-27 11:15 - 2014-07-27 11:16 - 43843119 _____ () C:\Users\Andre\Downloads\Tropicraft v5.1.7 for MC v1.6.4.zip

2014-07-27 11:15 - 2014-07-27 11:15 - 02269863 _____ () C:\Users\Andre\Downloads\forge-1.6.4-9.11.1.965-installer.jar

2014-07-26 09:31 - 2014-07-26 09:38 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (4)

2014-07-26 09:31 - 2014-07-26 09:31 - 07964793 _____ () C:\Users\Andre\Downloads\faithful32packOptiFine.zip

2014-07-26 09:31 - 2014-07-26 09:31 - 00850340 _____ () C:\Users\Andre\Downloads\OCD pack 1.7.2.zip

2014-07-24 18:40 - 2014-07-24 18:40 - 00000229 _____ () C:\Users\Andre\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url

2014-07-23 21:28 - 2014-07-23 21:29 - 00000000 ____D () C:\Users\Andre\Desktop\Movies

2014-07-22 20:29 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\Andre\Downloads\8 Mile[2002]DvDrip[Eng]-BugZ

2014-07-19 21:22 - 2014-07-19 21:22 - 00135322 _____ () C:\Users\Andre\Desktop\skse scripts.zip

2014-07-19 21:18 - 2014-07-19 21:22 - 00000000 ____D () C:\Users\Andre\Desktop\skse_1_07_01

2014-07-19 21:18 - 2014-07-19 21:18 - 00557387 _____ () C:\Users\Andre\Downloads\skse_1_07_01.7z

2014-07-19 17:09 - 2014-07-19 17:09 - 00313875 _____ () C:\Users\Andre\Downloads\skse_1_07_01_installer.exe

2014-07-19 17:09 - 2014-07-19 17:09 - 00002266 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk

2014-07-19 17:09 - 2014-07-19 17:09 - 00002248 _____ () C:\Users\Andre\Desktop\Skyrim (SKSE).lnk

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\Documents\Razer

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer_Inc

2014-07-19 13:16 - 2014-07-19 13:16 - 00002123 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk

2014-07-19 13:11 - 2014-07-19 13:13 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (2).exe

2014-07-19 13:07 - 2014-07-19 13:08 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (1).exe

2014-07-19 13:06 - 2014-07-19 13:07 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0.exe

2014-07-19 13:00 - 2014-07-19 13:00 - 00667648 _____ () C:\Users\Andre\Downloads\Detection.msi

2014-07-19 12:59 - 2014-07-19 12:59 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

2014-07-19 12:04 - 2014-07-19 12:04 - 00000128 _____ () C:\Users\Andre\Desktop\Generic Spoiler.url

2014-07-19 08:20 - 2014-07-19 08:20 - 00000000 _____ () C:\Users\Andre\Desktop\The Elder Scrolls V

2014-07-17 19:36 - 2014-07-17 19:39 - 00003903 _____ () C:\Users\Andre\Desktop\Color.java

2014-07-17 19:04 - 2014-07-17 19:04 - 00001366 _____ () C:\Users\Andre\Desktop\Robocode.lnk

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robocode

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\robocode

2014-07-17 18:51 - 2014-07-17 18:52 - 05436039 _____ () C:\Users\Andre\Downloads\robocode-1.9.2.1-setup.jar

2014-07-17 18:50 - 2004-02-24 00:11 - 00004734 _____ () C:\Users\Andre\Desktop\Aristocles.class

2014-07-17 18:48 - 2004-02-24 00:11 - 00005808 _____ () C:\Users\Andre\Desktop\Aristocles.java

2014-07-17 18:47 - 2014-07-17 19:39 - 00006464 _____ () C:\Users\Andre\Downloads\Andre.java

2014-07-17 18:47 - 2014-07-17 18:47 - 00006340 _____ () C:\Users\Andre\Downloads\pez.micro.Aristocles_0.3.7.jar

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2018-03-02 00:33 - 2018-03-02 00:33 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2014-08-08 17:03 - 2012-10-20 00:10 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Skype

2014-08-08 17:02 - 2014-08-07 18:23 - 00000000 ____D () C:\FRST

2014-08-08 15:56 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-08 15:56 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-08 15:55 - 2009-07-14 00:13 - 00006394 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-08 15:51 - 2012-06-10 11:41 - 01536071 _____ () C:\Windows\WindowsUpdate.log

2014-08-08 15:50 - 2014-08-06 22:41 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk

2014-08-08 15:50 - 2014-08-06 22:41 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk

2014-08-08 15:49 - 2012-06-20 18:58 - 00000000 ____D () C:\Users\Andre\AppData\Local\Deployment

2014-08-08 15:49 - 2012-06-10 10:17 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-08-08 15:49 - 2012-06-10 10:17 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-08-08 15:49 - 2012-06-10 10:11 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn

2014-08-08 15:48 - 2013-05-09 12:07 - 00052890 _____ () C:\Windows\setupact.log

2014-08-08 15:48 - 2012-06-10 11:39 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-08 02:33 - 2012-06-20 23:47 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-08-08 00:08 - 2013-03-23 00:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\steam

2014-08-07 23:27 - 2014-01-20 12:22 - 00000000 ____D () C:\Users\Andre\AppData\Local\TSVNCache

2014-08-07 23:24 - 2014-04-13 14:16 - 00000000 ____D () C:\ProgramData\BBITSaver

2014-08-07 23:24 - 2014-01-21 15:46 - 00000000 ____D () C:\ProgramData\greaatsaver

2014-08-07 23:24 - 2010-11-20 22:47 - 00336628 _____ () C:\Windows\PFRO.log

2014-08-07 22:05 - 2013-01-20 03:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-08-07 22:02 - 2013-10-15 21:40 - 00000000 ____D () C:\Users\Andre\Documents\Outlook Files

2014-08-07 21:42 - 2014-08-07 21:33 - 00000058 _____ () C:\Users\Andre\Desktop\kk.txt

2014-08-07 21:41 - 2014-08-07 21:41 - 00000200 _____ () C:\Users\Andre\Desktop\Call of Duty.url

2014-08-07 21:41 - 2012-06-24 13:07 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-08-07 19:11 - 2014-02-23 22:28 - 00000000 ____D () C:\Program Files (x86)\PursuePoint

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\greaatsaver

2014-08-07 18:56 - 2014-08-07 18:56 - 00000000 ____D () C:\Program Files (x86)\BBITSaver

2014-08-07 18:56 - 2014-01-19 15:23 - 00000000 ____D () C:\ProgramData\41ee6789b6c5a1f6

2014-08-07 18:54 - 2012-08-14 17:37 - 00000000 ____D () C:\Program Files (x86)\uTorrent

2014-08-07 18:54 - 2012-06-24 01:23 - 00000000 ____D () C:\ProgramData\ADDICT-THING

2014-08-07 18:53 - 2014-03-03 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ (Farbar) C:\Users\Andre\Downloads\FRST64.exe

2014-08-07 17:39 - 2014-08-07 17:39 - 02094080 _____ () C:\Users\Andre\Downloads\FRST64(1).exe

2014-08-07 17:28 - 2014-08-07 17:28 - 00000000 ____D () C:\Users\Andre\Downloads\Avatar [720p]

2014-08-07 17:04 - 2013-07-02 21:01 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\.minecraft

2014-08-07 06:58 - 2014-03-03 10:01 - 00000000 ____D () C:\Users\Andre\AppData\Local\WeatherAlerts

2014-08-06 22:41 - 2012-11-06 15:10 - 00000000 ____D () C:\Windows\pss

2014-08-06 22:41 - 2012-10-15 18:46 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Raptr

2014-08-06 22:41 - 2012-06-20 23:47 - 00001024 _____ () C:\.rnd

2014-08-06 22:40 - 2012-10-20 00:10 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-08-06 22:40 - 2012-10-20 00:10 - 00000000 ____D () C:\ProgramData\Skype

2014-08-06 22:40 - 2012-06-20 23:47 - 00000000 ____D () C:\Program Files (x86)\LogMeIn

2014-08-06 22:39 - 2014-08-06 22:39 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\library_dir

2014-08-06 22:39 - 2012-10-15 18:46 - 00000000 ____D () C:\Program Files (x86)\Raptr

2014-08-06 22:37 - 2013-01-01 21:47 - 00000160 _____ () C:\Users\Andre\AppData\Roaming\settings.set

2014-08-06 22:36 - 2014-08-06 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6

2014-08-06 22:27 - 2013-01-02 21:13 - 01372672 ___SH () C:\Users\Andre\Desktop\Thumbs.db

2014-08-06 22:14 - 2014-08-06 20:13 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (5)

2014-08-06 21:58 - 2012-06-20 18:58 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA.job

2014-08-06 21:36 - 2014-08-06 20:13 - 00005184 _____ () C:\Users\Andre\AppData\Roaming\msconfig.ini

2014-08-06 21:28 - 2012-06-20 18:58 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core.job

2014-08-06 21:26 - 2013-01-08 23:06 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-06 21:12 - 2012-11-06 14:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-06 20:26 - 2013-01-08 23:06 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-06 20:15 - 2014-08-06 20:13 - 00000000 __SHD () C:\Windows\SysWOW64\sys

2014-08-06 20:14 - 2014-08-06 20:14 - 00000071 _____ () C:\Windows\wininit.ini

2014-08-06 20:14 - 2014-08-06 20:13 - 00000000 _RSHD () C:\Users\Andre\c4u2s7y68

2014-08-06 20:13 - 2012-06-20 18:23 - 00000000 ____D () C:\Users\Andre

2014-08-06 20:11 - 2014-08-06 20:11 - 00362664 _____ () C:\Users\Andre\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe

2014-08-06 20:10 - 2014-08-06 20:10 - 01028961 _____ () C:\Users\Andre\Downloads\Call of Duty Ghosts Hack.rar

2014-08-06 20:06 - 2014-08-06 20:06 - 03578764 _____ () C:\Users\Andre\Downloads\Call-of-Duty-Ghosts-Multihack-v3.0.rar

2014-08-06 20:04 - 2014-08-06 20:04 - 00003426 _____ () C:\Windows\System32\Tasks\AmiUpdXp

2014-08-06 20:04 - 2014-08-06 20:04 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job

2014-08-06 20:04 - 2014-08-06 20:04 - 00000000 ____D () C:\Users\Andre\AppData\Local\13677

2014-08-06 20:02 - 2014-08-06 20:02 - 00577728 _____ () C:\Users\Andre\Downloads\COD Ghosts Aimbot Downloader__3687_i1135729148_il1417854.exe

2014-08-06 19:28 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-06 17:49 - 2012-08-01 02:09 - 00000000 ____D () C:\Users\Andre\AppData\Local\Adobe

2014-08-05 18:18 - 2014-03-08 22:48 - 00000000 ____D () C:\Users\Andre\AppData\Local\Skyrim

2014-08-05 15:01 - 2014-03-03 10:01 - 00000276 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job

2014-08-05 13:02 - 2013-05-21 21:26 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2014-08-05 01:15 - 2012-07-08 08:32 - 00560640 ___SH () C:\Users\Andre\Documents\Thumbs.db

2014-08-05 00:55 - 2014-08-05 00:55 - 00000001 _____ () C:\Users\Andre\Desktop\New Text Document (2).txt

2014-08-04 20:14 - 2014-08-04 20:14 - 00017506 _____ () C:\Users\Andre\Downloads\topic,16.0 (5).html

2014-08-04 20:14 - 2014-08-04 20:14 - 00000162 ____H () C:\Users\Andre\Downloads\~$pic,16.0 (5).html

2014-08-04 20:14 - 2013-02-20 17:13 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\TS3Client

2014-08-04 18:20 - 2014-08-04 18:19 - 01649360 _____ () C:\Users\Andre\ts3_recording_14_08_04_18_19_47.wav

2014-07-31 23:05 - 2012-12-04 16:25 - 00000000 ____D () C:\Users\Andre\AppData\Local\CrashDumps

2014-07-30 16:27 - 2014-07-30 16:27 - 00000230 _____ () C:\Users\Andre\Desktop\Robocraft.url

2014-07-30 16:07 - 2012-06-21 12:03 - 00000000 ____D () C:\Program Files\AlienAutopsy

2014-07-30 16:05 - 2012-06-21 12:00 - 00000000 ____D () C:\ProgramData\PCDr

2014-07-30 09:01 - 2014-03-03 10:01 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job

2014-07-29 22:29 - 2014-07-29 22:29 - 00000230 _____ () C:\Users\Andre\Desktop\Terraria.url

2014-07-29 22:26 - 2013-05-07 14:04 - 00000000 ____D () C:\Users\Andre\Documents\Universe Sandbox

2014-07-28 16:36 - 2013-07-11 19:31 - 00000000 ____D () C:\Program Files (x86)\Razer

2014-07-28 15:55 - 2014-07-28 15:55 - 00053830 _____ () C:\Users\Andre\Downloads\SlimevoidLib-Universal-v2.0.2.0.zip

2014-07-28 15:45 - 2014-07-28 15:45 - 01227779 _____ () C:\Users\Andre\Downloads\gulliver-forged-871-installer-0.14.2-MC1.6.2.jar

2014-07-28 15:43 - 2014-07-28 15:42 - 00173459 _____ () C:\Users\Andre\Downloads\LittleBlocks-MC1.6.2-Optifine.zip

2014-07-27 17:38 - 2013-04-08 18:49 - 00000000 ____D () C:\Program Files (x86)\War Thunder

2014-07-27 17:16 - 2012-11-01 18:20 - 00000000 ____D () C:\Program Files\Adobe

2014-07-27 17:16 - 2012-08-01 03:08 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts.url

2014-07-27 17:14 - 2014-07-27 17:14 - 00000230 _____ () C:\Users\Andre\Desktop\Call of Duty Ghosts - Multiplayer.url

2014-07-27 11:16 - 2014-07-27 11:15 - 43843119 _____ () C:\Users\Andre\Downloads\Tropicraft v5.1.7 for MC v1.6.4.zip

2014-07-27 11:15 - 2014-07-27 11:15 - 02269863 _____ () C:\Users\Andre\Downloads\forge-1.6.4-9.11.1.965-installer.jar

2014-07-26 09:38 - 2014-07-26 09:31 - 00000000 ____D () C:\Users\Andre\Desktop\New folder (4)

2014-07-26 09:31 - 2014-07-26 09:31 - 07964793 _____ () C:\Users\Andre\Downloads\faithful32packOptiFine.zip

2014-07-26 09:31 - 2014-07-26 09:31 - 00850340 _____ () C:\Users\Andre\Downloads\OCD pack 1.7.2.zip

2014-07-24 18:40 - 2014-07-24 18:40 - 00000229 _____ () C:\Users\Andre\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url

2014-07-23 21:29 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\Andre\Desktop\Movies

2014-07-23 21:28 - 2014-07-22 20:29 - 00000000 ____D () C:\Users\Andre\Downloads\8 Mile[2002]DvDrip[Eng]-BugZ

2014-07-23 19:24 - 2009-07-14 00:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-21 16:43 - 2014-07-07 17:34 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\.ccemuredux

2014-07-19 21:22 - 2014-07-19 21:22 - 00135322 _____ () C:\Users\Andre\Desktop\skse scripts.zip

2014-07-19 21:22 - 2014-07-19 21:18 - 00000000 ____D () C:\Users\Andre\Desktop\skse_1_07_01

2014-07-19 21:22 - 2014-03-10 18:47 - 00000000 ____D () C:\Users\Andre\Documents\Nexus Mod Manager

2014-07-19 21:18 - 2014-07-19 21:18 - 00557387 _____ () C:\Users\Andre\Downloads\skse_1_07_01.7z

2014-07-19 17:09 - 2014-07-19 17:09 - 00313875 _____ () C:\Users\Andre\Downloads\skse_1_07_01_installer.exe

2014-07-19 17:09 - 2014-07-19 17:09 - 00002266 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk

2014-07-19 17:09 - 2014-07-19 17:09 - 00002248 _____ () C:\Users\Andre\Desktop\Skyrim (SKSE).lnk

2014-07-19 14:19 - 2012-09-03 10:25 - 00003074 _____ () C:\Windows\System32\Tasks\Game_Booster_Startup

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\Documents\Razer

2014-07-19 14:11 - 2014-07-19 14:11 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer_Inc

2014-07-19 14:06 - 2013-07-11 19:35 - 00000000 ____D () C:\Users\Andre\AppData\Local\Razer

2014-07-19 13:16 - 2014-07-19 13:16 - 00002123 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk

2014-07-19 13:16 - 2013-07-11 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2014-07-19 13:15 - 2013-07-11 19:31 - 00000000 ____D () C:\ProgramData\Razer

2014-07-19 13:13 - 2014-07-19 13:11 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (2).exe

2014-07-19 13:08 - 2014-07-19 13:07 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0 (1).exe

2014-07-19 13:07 - 2014-07-19 13:06 - 41954352 _____ (Razer Inc. ) C:\Users\Andre\Downloads\RazerGameBoosterSetup_4.2.45.0.exe

2014-07-19 13:01 - 2013-07-11 12:10 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab

2014-07-19 13:00 - 2014-07-19 13:00 - 00667648 _____ () C:\Users\Andre\Downloads\Detection.msi

2014-07-19 12:59 - 2014-07-19 12:59 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

2014-07-19 12:04 - 2014-07-19 12:04 - 00000128 _____ () C:\Users\Andre\Desktop\Generic Spoiler.url

2014-07-19 08:20 - 2014-07-19 08:20 - 00000000 _____ () C:\Users\Andre\Desktop\The Elder Scrolls V

2014-07-17 19:39 - 2014-07-17 19:36 - 00003903 _____ () C:\Users\Andre\Desktop\Color.java

2014-07-17 19:39 - 2014-07-17 18:47 - 00006464 _____ () C:\Users\Andre\Downloads\Andre.java

2014-07-17 19:04 - 2014-07-17 19:04 - 00001366 _____ () C:\Users\Andre\Desktop\Robocode.lnk

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robocode

2014-07-17 19:04 - 2014-07-17 19:04 - 00000000 ____D () C:\robocode

2014-07-17 19:01 - 2012-12-30 07:20 - 00000000 ____D () C:\Users\Andre\AppData\Local\Eclipse

2014-07-17 18:52 - 2014-07-17 18:51 - 05436039 _____ () C:\Users\Andre\Downloads\robocode-1.9.2.1-setup.jar

2014-07-17 18:47 - 2014-07-17 18:47 - 00006340 _____ () C:\Users\Andre\Downloads\pez.micro.Aristocles_0.3.7.jar

2014-07-16 17:11 - 2012-06-20 23:47 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll

2014-07-16 17:11 - 2012-06-20 23:47 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll

2014-07-16 17:11 - 2012-06-20 23:47 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll

 

Files to move or delete:

====================

C:\Users\Andre\hammer.exe

C:\Users\Andre\AppData\Roaming\msconfig.ini

 

 

Some content of TEMP:

====================

C:\Users\Andre\AppData\Local\Temp\6_Offer_9.exe

C:\Users\Andre\AppData\Local\Temp\AAMHelper.exe

C:\Users\Andre\AppData\Local\Temp\AdobeApplicationManager.exe

C:\Users\Andre\AppData\Local\Temp\BackupSetup.exe

C:\Users\Andre\AppData\Local\Temp\bitool.dll

C:\Users\Andre\AppData\Local\Temp\CommandCenterSetupSetup.exe

C:\Users\Andre\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\Andre\AppData\Local\Temp\DM1393858784.exe

C:\Users\Andre\AppData\Local\Temp\DM1393888978.exe

C:\Users\Andre\AppData\Local\Temp\DM1393889372.exe

C:\Users\Andre\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.5-R1.0-b2543jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.2-40-g6e27629-b3011jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-6-g7d680d3.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-40-g6e27629-b3011jnks.dll

C:\Users\Andre\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll

C:\Users\Andre\AppData\Local\Temp\JingSetup.exe

C:\Users\Andre\AppData\Local\Temp\nsg7B9F.exe

C:\Users\Andre\AppData\Local\Temp\nsh6FAD.exe

C:\Users\Andre\AppData\Local\Temp\nsh7A59.exe

C:\Users\Andre\AppData\Local\Temp\nshCFAD.exe

C:\Users\Andre\AppData\Local\Temp\nsl7CF7.exe

C:\Users\Andre\AppData\Local\Temp\nsmD597.exe

C:\Users\Andre\AppData\Local\Temp\nsr751A.exe

C:\Users\Andre\AppData\Local\Temp\nsxDB05.exe

C:\Users\Andre\AppData\Local\Temp\OpenComputersMod-native.64.dll

C:\Users\Andre\AppData\Local\Temp\Paint.NET.3.5.11.Install.exe

C:\Users\Andre\AppData\Local\Temp\PreExe_ID_5853.exe

C:\Users\Andre\AppData\Local\Temp\SearchProtectChecker.exe

C:\Users\Andre\AppData\Local\Temp\SearchProtectINT.exe

C:\Users\Andre\AppData\Local\Temp\setup.exe

C:\Users\Andre\AppData\Local\Temp\setup__3813.exe

C:\Users\Andre\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Andre\AppData\Local\Temp\SRLDetectionLibrary8112108768895091717.dll

C:\Users\Andre\AppData\Local\Temp\System.Data.SQLite.dll

C:\Users\Andre\AppData\Local\Temp\System.Data.SQLite50181.dll

C:\Users\Andre\AppData\Local\Temp\utt8C72.tmp.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe

[2012-06-10 11:33] - [2012-06-10 11:33] - 2595328 ____A (Microsoft Corporation) 98B46845D7374EFE5E7ADCD7440ECABA

 

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-28 20:14

 

==================== End Of Log ============================

Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014

Ran by Andre at 2014-08-08 17:04:05

Running from E:\

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - )

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)

Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)

Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden

Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden

Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)

AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)

AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)

Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)

Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden

Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )

Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden

AmazingMIDI (HKLM-x32\...\AmazingMIDI) (Version:  - )

Anvil Studio 2012 (HKLM-x32\...\{FE2E5EDF-550A-4CAB-91F2-7F19D35D4C19}) (Version: 12.10.07 - Willow Software)

Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arena (HKLM-x32\...\ArenaSetup_is1) (Version:  - Bethesda Softworks)

Armagetron Advanced 0.2.8.3.2 (HKLM-x32\...\Armagetron Advanced) (Version: 0.2.8.3.2 - Armagetron Advanced Team)

Audio Evolution 5 (HKLM-x32\...\{5BD1E7E0-4D22-4B2F-B14B-417F6D9F61D0}) (Version: 5.3.4 - eXtream Software Development)

Auto Clicker v1.6 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.6 - MurGee.com)

Auto Typer by MurGee v1.3 (HKLM-x32\...\{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1) (Version: 1.3 - MurGee.com)

Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)

BeamNG-Techdemo-0.3 (remove only) (HKCU\...\BeamNG-Techdemo-0.3) (Version:  - )

Bfxr (HKLM-x32\...\com.increpare.bfxr) (Version: 1.3.3 - UNKNOWN)

Bfxr (x32 Version: 1.3.3 - UNKNOWN) Hidden

Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)

BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BSR Screen Recorder 6 (HKLM-x32\...\BSRScreenRecorder5) (Version:  - )

Call of Duty (HKLM-x32\...\Steam App 2620) (Version:  - Infinity Ward)

Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)

Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)

CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)

Camtasia Studio 8 (HKLM-x32\...\{56E884B5-B9B6-4432-B209-3A3EF41C7A01}) (Version: 8.0.3.1018 - TechSmith Corporation)

Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version:  - Dark Byte)

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

CustoPackTools (HKLM\...\CustoPackTools) (Version:  - neOceane)

CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.4827 - CyberLink Corp.)

CyberLink PowerDVD 9.6 (x32 Version: 9.6.1.4827 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DDiscouuntEaxteNsi (HKLM-x32\...\{B138259A-351E-33FA-2726-8D71704F1DA9}) (Version:  - DiscounntuExxtensi)

Debut Video Capture Software (HKLM-x32\...\Debut) (Version:  - NCH Software)

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)

Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)

DesktopWeatherAlerts (HKCU\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC)

Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )

DigiSaver (HKLM-x32\...\{7223EDAC-E091-B3C1-BD91-B66CE557800F}) (Version:  - DiGiSaver)

Dropbox (HKCU\...\Dropbox) (Version: 2.4.10 - Dropbox, Inc.)

Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)

Dxtory 2.0.108 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.108 - Dxtory Software)

Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden

EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)

Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)

ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )

Fraps (HKLM-x32\...\Fraps) (Version:  - )

Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.3.0 - Ellora Assets Corporation)

FTL version 1.03.1 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.03.1 - Subset Games)

FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)

Game Dev Tycoon version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)

Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)

Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)

GitHub (HKCU\...\68c6678448324991) (Version: 1.0.29.9 - GitHub, Inc.)

Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden

Horizon v2.7.7.0 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.7.0 - Daring Development Inc.)

HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)

iExplorer 3.1.1.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)

iFunbox (v2.0.2150.728), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.0.2150.728 - )

Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! Central) (Version: 2.00.44 - Creative Technology Ltd)

Intel PROSet Wireless (Version:  - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)

Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)

iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)

Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)

Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden

Java SE Development Kit 7 Update 10 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170100}) (Version: 1.7.0.100 - Oracle)

Java SE Development Kit 7 Update 6 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170060}) (Version: 1.7.0.60 - Oracle)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

JC2-MP version 0.0.16 (Build 546) (HKLM-x32\...\{7F12FECB-1D75-42D7-9074-D6FEA6D91E65}_is1) (Version: 0.0.16 (Build 546) - )

Jing (HKLM-x32\...\{8CC9F4D8-D938-412B-B67D-A28FA7BDB8AA}) (Version: 2.7.12205.4 - TechSmith Corporation)

Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)

Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)

JustCloud  (HKLM\...\JustCloud) (Version:  - JustCloud)

Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)

LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)

Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version:  - Stage 2 Studios)

LightWave 11.0 64-bit (HKLM-x32\...\LightWave 11.0 64-bit 11.0) (Version: 11.0 - NewTek, Inc.)

LimeWire 5.6.2 (HKLM-x32\...\LimeWire) (Version: 5.6.2 - Lime Wire, LLC)

LogMeIn (HKLM-x32\...\{EE4CA5AF-4A55-418C-8CB8-74435814207B}) (Version: 4.1.2450 - LogMeIn, Inc.)

LOVE (remove only) (HKLM-x32\...\LOVE) (Version:  - )

Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Mathematica Extras 9.0 (4055459) (HKLM\...\A-WIN-Extras 9.0.1 4055459_is1) (Version: 9.0.1 - Wolfram Research, Inc.)

McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.207.4 - McAfee, Inc.)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - Microsoft Studios)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.2.0223.1 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.2.223.1 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)

Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

MIDI to MP3 Converter (HKLM-x32\...\MIDI to MP3 Converter) (Version: 2.0 - FileConv Studio)

Minecraft Note Block Studio version 3.1.3 (HKLM-x32\...\{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1) (Version: 3.1.3 - David Norgren)

Mousotron 8.0 (HKLM-x32\...\Mousotron_is1) (Version: 8.0 - Blacksun Software)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MP3 2 Ogg Lab 2004 (HKLM-x32\...\MP3 2 Ogg Lab 2004_is1) (Version:  - MP3 Surgeon)

MP3Converter.Me (HKLM-x32\...\{C3E3CDCC-18D7-49FA-8596-90CED7327F46}) (Version: 1.0.0 - MP3Converter.Me)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Installer (HKLM-x32\...\{AE38A781-109B-428B-B695-F6F9DA05E292}) (Version: 1.0.19.0 - Oracle Corporation)

MySQL Server 5.5 (HKLM\...\{04D42880-78A6-43EC-BAA8-7B1D1B2BB3E7}) (Version: 5.5.26 - Oracle Corporation)

NASCAR® Racing 2003 Season Demo (HKLM-x32\...\{5193711F-4F46-418D-AE18-C453599807EE}) (Version:  - Sierra Entertainment)

NaturalReaderFree (HKLM-x32\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11 - NaturalSoft)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.48.2 - Black Tree Gaming)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )

NVIDIA 3D Vision Driver 296.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.39 - NVIDIA Corporation)

NVIDIA Control Panel 296.39 (Version: 296.39 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 296.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.39 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.7.12 (Version: 1.7.12 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.9639 - NVIDIA Corporation) Hidden

NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden

Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)

Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Pastebin Desktop (HKLM-x32\...\Pastebin Desktop) (Version:  - )

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version:  - NCH Software)

Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)

Port Forward Network Utilities 2.0.1 (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.1 - Portforward.com)

Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)

PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)

Python 3.3.0 (64-bit) (HKLM\...\{290329c4-a276-3aec-b633-9f5a39d8dd96}) (Version: 3.3.150 - Python Software Foundation)

QualxServ Service Agreement (HKLM-x32\...\{18401E1E-1E44-461A-A4B2-E48B1A727818}) (Version: 2.0.0 - Dell Inc.)

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 beta r2022 - )

Raptr (HKLM-x32\...\Raptr) (Version:  - )

RAR Password Cracker (HKLM-x32\...\RAR Password Cracker) (Version: 4.12 - dnSoft Research Group)

Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)

Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.11.3 - Razer Inc.)

ReaguLaarDeals (HKLM-x32\...\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}) (Version:  - RegularDeaLs)

RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities4.0.0.1) (Version: 4.0.0.1 - SORCIM Technologies)

Rigs of Rods 0.38.67 (HKLM-x32\...\Rigs of Rods 0.38.67) (Version: 0.38.67 - Rigs of Rods Team)

ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)

ROBLOX Studio 2013 (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)

Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)

Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)

Sentinel Protection Installer 7.6.1 (HKLM-x32\...\{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}) (Version: 7.6.1 - SafeNet, Inc.)

Ship Simulator Extremes (HKLM-x32\...\Steam App 48800) (Version:  - VStep)

ShopuDrop (HKLM-x32\...\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}) (Version:  - ShhoPDraop)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION

Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited)

Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)

SpeedBit Video Accelerator (HKLM-x32\...\SpeedBit Video Accelerator) (Version: 3310(build_3019) - SpeedBit Ltd.)

SpeedCap 1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - )

Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)

ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics)

Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)

Star wars Battlefront II version 1.3 (HKLM-x32\...\{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1) (Version: 1.3 - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Sumotori Dreams (HKLM-x32\...\Sumotori Dreams) (Version:  - )

Sumotori Full Version (HKLM-x32\...\Sumotori Full Version) (Version:  - )

SWF to AVI (HKLM-x32\...\{3315B802-84C6-47BC-907A-9B77A4646197}_is1) (Version:  - www.swftoavi.com)

Switch Sound File Converter (HKLM-x32\...\Switch) (Version:  - NCH Software)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.4.0 - Synaptics Incorporated)

Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)

System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)

System Requirements Lab Detection (HKLM-x32\...\{33CCDAF8-9F2C-4F03-8536-B146EF06AC08}) (Version: 2.0.0.0 - Husdawg, LLC)

System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

TidyNetwork (HKCU\...\TidyNetwork) (Version:  - TidyNetwork)

TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)

Total Screen Recorder Gold 1.5 (HKLM-x32\...\{9BF42FDC-FFD3-4F30-B0D5-DA8A6E5316F7}_is1) (Version: 1.5 - Total Screen Recorder, Inc.)

Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)

Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{57CEB66B-DD29-4883-92A2-671331657B52}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D9CF6D64-9342-4C83-A9C1-F45DE139F2A7}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{CABC3FE9-02BD-47C8-8576-EA3E8BB1BE1A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{A8EC00BF-EDF5-46F0-B466-C4312722D8F3}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{02A7E7E4-15FB-4240-963D-61E9029E0135}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{BE0D098C-1F21-481C-BA71-ECAD0F770E23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{204B60A2-CCEA-4075-9F58-B7BC1BA5E742}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{8D07F876-D93A-4CF7-B801-1D41AB2BF60B}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{0977F620-BD31-41EC-B18C-31E341D5935E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0B6EF241-90CC-4AC7-B36F-2EECB12E61CF}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{4C975BB2-B3EE-4F66-A8E7-5C917B7C439D}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7861C766-2AA2-4A50-AB75-A57D451CEA76}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{AF61D314-0E39-485E-A603-2B2F03AB7376}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)

Vegas Pro 11.0 (64-bit) (HKLM\...\{43EBA222-8DF7-11E1-862B-F04DA23A5C58}) (Version: 11.0.683 - Sony)

VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)

VIO Player version 1.2 (HKLM-x32\...\{2A9009E1-122C-4692-B442-A750C0DE7BA1}_is1) (Version: 1.2 - VIO Player)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)

VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)

Voxatron 0.2.9 (HKLM-x32\...\Voxatron) (Version: 0.2.9 - Lexaloffle Games)

WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

Wolfram Mathematica 9 (M-WIN-L 9.0.1 4055652) (HKLM\...\M-WIN-L 9.0.1 4055652_is1) (Version: 9.0.1 - Wolfram Research, Inc.)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Xilisoft Audio Converter 6 (HKLM-x32\...\Xilisoft Audio Converter 6) (Version: 6.4.0.20121010 - Xilisoft)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\Dropbox.exe ()

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{4c542487-eae3-4ed5-8b97-b47c782733a7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

04-08-2014 01:26:16 Scheduled Checkpoint

04-08-2014 14:15:25 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {04094ACA-6101-41B4-B6CE-8486E1886143} - System32\Tasks\{EF0B6366-FE86-4BAA-A172-C69E2CAD85E5} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {047AB952-D89D-451F-B345-AC1FE9B48005} - System32\Tasks\{2128E508-3F8C-477D-9996-68719DE10D31} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {10667766-430C-43F1-84D0-D473C13FDC3F} - System32\Tasks\{9753B072-F2D9-48B4-8C42-62A87730ECA1} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {12980C63-8E5F-48E7-BE5F-425855036FD4} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {14D6D5F6-7862-4A84-899C-E7747AD3FAD4} - System32\Tasks\{AED7ADA7-C265-4B08-A2B2-D9712A3B6B43} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {1B545489-AC70-453C-85B6-F1E3B7A0D0CA} - System32\Tasks\{220CE8D8-2646-4E92-A100-08CBDE168701} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {2B9E2916-88AB-4C7A-A799-4D92BC2F9970} - System32\Tasks\{B9CA4FED-DBEA-4BEC-B3C8-D59CD2CB04B6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {2DE4C538-0620-4237-9848-7731E21980E8} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe

Task: {2EE372F2-0D7F-49CA-BB15-541DD5574C90} - System32\Tasks\LaunchApp => C:\Program Files (x86)\JustCloud\JustCloud.exe [2012-12-25] (JustCloud.com)

Task: {2FC974EF-8F48-4806-8531-552A19B1365A} - System32\Tasks\{98BE2DA4-2C66-434A-9AF4-F15514CE0D62} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {32DFA58F-C694-4240-A3A1-1478A519A067} - System32\Tasks\{19063F75-0959-4D28-9CCE-21E07ED590AB} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {33AC5F18-5C7B-4AFF-917F-A080CDE2EAE2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {3FDEC9F4-60C1-4F6E-9AD7-5FB52323A1D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-06] ()

Task: {497AE90B-1857-47B1-B961-494F0A4C272E} - System32\Tasks\{19367B33-1531-4BC6-A496-C1F946B8AD83} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {4C7B89EF-BFC1-42A4-86C8-13741B9843C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-27] (Adobe Systems Incorporated)

Task: {4D09757B-4D27-40A9-B659-1FDC2D26602D} - System32\Tasks\{3A5CBD49-A919-40E8-B888-2928FAB450D6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {5473DDA1-B2B1-4AEA-BC71-49BE7E30B046} - System32\Tasks\{B8C35793-8A81-4BEE-8306-3D852013A7A6} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {55888F78-89A8-4D03-AC55-0CEBE3029D67} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {5FCCCC57-3E0D-44A7-BABB-CD0818B95A88} - System32\Tasks\{7A6AAEBC-E74F-47B2-A7D4-FA2EEFAFA357} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {62616E1B-A1FF-41B8-B5CF-E473301A868F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2013-12-19] (PC-Doctor, Inc.)

Task: {6694A963-ED41-4EC9-AD85-580DB6A322F6} - System32\Tasks\WS.Booster-S-1431105474 => c:\programdata\safesoft\ws.booster\WS.Booster.exe <==== ATTENTION

Task: {68C0B7D4-D33C-4608-BB42-0448A4E18F66} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1126745806-3093530448-7569978-1001

Task: {6C336170-79FB-48CE-9A02-4790A353805C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-06] ()

Task: {6E3E3987-1F5A-4895-AB27-A380D9BE12E7} - System32\Tasks\GS.Enabler-S-1824435291 => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe <==== ATTENTION

Task: {79020356-AF92-4328-A861-83BC1AE15DF6} - System32\Tasks\{C21BC4F0-51FC-4C44-80BD-2AD23FD39AC2} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {7BD8787E-948B-47EC-AB1E-7DE05C4265C6} - System32\Tasks\{3A64882A-99E1-4258-8FF0-3AB0B72318A5} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {7F8AA49B-5D12-4732-BC9C-A3F5E8B3DAAA} - System32\Tasks\{6A6A65C7-C6CA-457E-A4C6-189FCABC668F} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {81686180-B7C8-407C-B227-E106122DA13C} - System32\Tasks\TidyNetwork Update => C:\Users\Andre\AppData\Local\TidyNetwork\petnupdate.exe [2014-02-23] ()

Task: {9085836D-C2F9-4196-8A61-EBC8C994CD67} - System32\Tasks\RunMCServerOnStartup\Server => C:\Users\Andre\Desktop\Games\Minecraft\Minecraft server\Survival\run.bat

Task: {9532A307-75DE-41D0-9034-F9CFDA8D3088} - System32\Tasks\RunMCServerOnStartup\MinecraftOnStartup => C:\Users\Andre\Desktop\Minecraft.bat

Task: {97FB33F0-51CE-4A17-86C3-D2440119072F} - System32\Tasks\{62EDE147-40F2-47BE-AB31-1B983F2A28EC} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {98CE077E-35CE-47D6-9EC9-3D966A338003} - System32\Tasks\{A8954C34-BB1F-430B-8663-A4D9D9DB6B2A} => C:\Users\Andre\Desktop\Simfam\SIMFARM.EXE

Task: {9ACD3557-34C8-44AC-9072-8400190025B0} - System32\Tasks\AmiUpdXp => C:\Users\Andre\AppData\Local\13677\a7110.exe [2014-08-06] ()

Task: {9AE8C160-A5DA-43DB-BCF3-6A55EFF3B63F} - System32\Tasks\{ABCAD76E-5206-463C-86D0-1FAF5E17D0A6} => C:\Users\Andre\Desktop\Simfam\SIMFARM.EXE

Task: {A097E6EA-774F-482D-9592-9D87D14E505C} - System32\Tasks\{0A2A9BA1-182A-4020-B530-187FAE0DE36E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {A45793B2-CE40-479E-A5D2-24B5B9D36143} - System32\Tasks\{31303B82-9526-4B72-A0EB-7AFE64971E4C} => C:\Users\Andre\Desktop\SimFarm\SIMFARM.EXE

Task: {A6570D74-4D21-4AAB-971F-CA7126005C7E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2013-12-19] (PC-Doctor, Inc.)

Task: {AA5C3D34-8119-4033-A3C7-42290EA029FF} - System32\Tasks\{615CC3CB-A1B9-4EB6-9CFE-6DCD4E3E0A83} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {AB9C5E5F-98E3-4F4A-9C4B-9C8419698F51} - System32\Tasks\{7848507E-1E01-46B5-888F-8D19BB2D1B61} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {AD6C6D35-08A5-4158-B373-4A07830DE7B4} - System32\Tasks\{75FAAA6A-FDF1-45E8-8117-07E99D0E1B5F} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {AF6F7B6C-2427-4584-9578-2D1621903D37} - System32\Tasks\{0DA96CDC-FA39-478D-89A9-E39CA2F0AE4D} => C:\Users\Andre\Desktop\evasi0n7.exe

Task: {B42B6D92-8B9D-4ED3-A299-B4C16642CA2E} - System32\Tasks\{7010F12A-1B74-4526-AEFB-4C10E45CC8D6} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {B624389D-7786-484D-B114-8E5A6A63E76A} - System32\Tasks\{1926A9AA-2879-4FA6-8EB2-89B2A4BF412E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {B9450B50-D4A1-47E0-9A58-A35220C36DBB} - System32\Tasks\{AF7AEEDA-8305-4E6E-9DEA-723D8ABDFE4D} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {BA7468E2-6E88-462F-883D-080FE060C382} - System32\Tasks\{76586A39-AC58-4E45-8511-FCF0AB0DE33F} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {BAB19E4D-5D5F-4C36-B5A4-92A59B7F2E9A} - System32\Tasks\{31807671-3F8B-4282-AC7A-F274140FD4E2} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {BE41D78A-7562-4B34-BCA3-39D1CE7AA914} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION

Task: {BE57E2AA-2FEA-4646-AAD9-262F7A59B6A3} - System32\Tasks\{CFBCA889-77E5-422D-8A93-7C2F77E93C80} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {C42A0188-EC72-42A0-BE16-18B95F1EF854} - System32\Tasks\{7FE72F68-C137-4AF9-BD59-03A6095518FF} => C:\Users\Andre\Desktop\SimFarm\SIMFARM.EXE

Task: {C84DFF45-3EC4-409F-80C4-2E8F97B58FBB} - System32\Tasks\{EBE108D8-7866-4C19-A037-801AB520125E} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {CD9ACCEC-CF63-4180-A3ED-EBA1E9034FFC} - System32\Tasks\{9E9D8172-3161-4E30-A9CC-1290DDBE0057} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {CE0326A6-113D-4E57-94DC-B44C4EBE6EE8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {D633D47B-0947-4433-A6C5-7B1E2BD2AD82} - System32\Tasks\{19A46CE7-48AF-4D9A-AB45-FDCB1A07B9E7} => C:\Users\Andre\KSP_win\Patcher.exe [2013-05-23] ()

Task: {E1FF6492-89C7-4133-B274-87F1A04F0267} - System32\Tasks\{937DB1C8-95F9-42EC-8E0D-62DE57CEB502} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {E2FCF5C2-B02F-4525-9ED5-826A051E7CB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08] (Google Inc.)

Task: {E38A918E-C112-4D6D-A7AF-7ECB1D1C95D7} - System32\Tasks\AdobeAAMUpdater-1.0--The_Best_EVER--Andre => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)

Task: {E619CCC0-8580-4D1B-8727-C37AFB9AD9D4} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe

Task: {E76A2661-32F8-4971-B7E6-A56E5DB62FC4} - System32\Tasks\{4C24591A-1ADD-440F-B434-2B29BBC02411} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {ECA7A8FE-A30F-460B-A3BC-C10893700F41} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: {F00FEF6C-0A31-49F8-8E27-67DBEB768BF1} - System32\Tasks\{0EB25245-50AB-4B65-9ECC-0A91B272AA7C} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {F6663880-7813-4037-B867-505AE4392333} - System32\Tasks\{89A4A35F-9CE5-4665-A312-9E6E8D183F6B} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {F674FCEA-F084-4AC6-855B-4218E2BC2125} - System32\Tasks\{378DD97D-FF24-45D9-B51B-80BCF6361EAA} => C:\Users\Andre\Desktop\Simfam\INFO.EXE

Task: {F7725BE2-A34A-4190-BA6B-3E1ACFAEC0A0} - System32\Tasks\{B56661F3-2395-447D-A658-FAE42036D932} => C:\Users\Andre\Desktop\Simfam\INSTALL.EXE

Task: {F7BC99CA-CC8E-4A18-BDC3-2ECF06D17447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08] (Google Inc.)

Task: {F913202B-85A8-4813-B56A-BCD657E6BED7} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION

Task: {FAEDDCC2-E971-4319-9D6F-9C5F89B27E19} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Andre\AppData\Local\13677\a7110.exe <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core.job => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA.job => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2012-07-02 22:12 - 2012-07-02 22:12 - 09696768 _____ () C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe

2012-09-23 01:06 - 2012-09-23 01:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2013-08-30 10:01 - 2013-08-30 10:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll

2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll

2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll

2012-06-10 10:12 - 2012-01-26 21:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE

2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 00715544 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 00100120 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll

2014-01-16 05:01 - 2014-01-11 05:29 - 04055320 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll

2014-01-16 05:01 - 2014-01-11 05:29 - 00399640 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll

2014-01-16 05:01 - 2014-01-11 05:28 - 01634584 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll

2013-07-11 14:27 - 2013-07-11 14:27 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ef71e8c18fb10fed101ea14f12988e9b\IsdiInterop.ni.dll

2012-06-10 10:02 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2012-06-10 10:06 - 2012-02-01 17:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2014-02-20 07:53 - 2014-02-20 07:53 - 13632904 _____ () C:\Users\Andre\AppData\Local\Google\Chrome\User Data\PepperFlash\12.0.0.70\pepflashplayer.dll

2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll

2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:2QUXbLK6zDB0i0lt4wrkSQMAl

AlternateDataStreams: C:\ProgramData\Microsoft:AZBGFz6tHfGvaOY15EbUlmLiJOOc

AlternateDataStreams: C:\ProgramData\Microsoft:rn31mvAYMdMrCZ8j3R904Pp7

AlternateDataStreams: C:\ProgramData\Microsoft:W2dcBDElv84N3Sok2a3kfwjK

AlternateDataStreams: C:\ProgramData\Microsoft:Wg5qmF62QadD9fRWJxNdNdF

AlternateDataStreams: C:\ProgramData\Microsoft:ZFTwQZ6jdPrxDrSD3IeqieBk

AlternateDataStreams: C:\Users\Andre\Desktop\The Elder Scrolls V: Skyrim.lnk

AlternateDataStreams: C:\Users\Andre\AppData\Local\NZeRnB7bQfe0cI:8O9tOXSoxeXnhPggOqJOwK

AlternateDataStreams: C:\Users\Andre\AppData\Local\p3mH7u0j06LOaL:WAtExphT4JHiNGSA0V083c2o

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\Services: avgwd => 2

MSCONFIG\Services: BackupStack => 2

MSCONFIG\Services: McComponentHostService => 3

MSCONFIG\Services: vToolbarUpdater14.2.0 => 2

MSCONFIG\Services: Web Assistant Updater => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopWeatherAlerts.lnk => C:\Windows\pss\DesktopWeatherAlerts.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Pastebin Desktop.lnk => C:\Windows\pss\Pastebin Desktop.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk => C:\Windows\pss\Weather Alerts.lnk.Startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AlienwareOn-ScreenDisplay => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe

MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: AutoTyperMurGee => C:\Program Files (x86)\Auto Typer\AutoTyper.exe :settings

MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

MSCONFIG\startupreg: BDRegion => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: boincmgr => "C:\Program Files\BOINC\boincmgr.exe" /a /s

MSCONFIG\startupreg: boinctray => "C:\Program Files\BOINC\boinctray.exe"

MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Andre\AppData\Local\Smartbar\Application\SavePass.exe startup

MSCONFIG\startupreg: BrowserSafeguard => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe

MSCONFIG\startupreg: Google Update => "C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: GoogleChromeAutoLaunch_CDE9B9A3C1D351C05B61B6CB536D0894 => "C:\Users\Andre\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window

MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

MSCONFIG\startupreg: Integrated Webcam Live! Central => "C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" /mode2

MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Jing => C:\Program Files (x86)\TechSmith\Jing\Jing.exe

MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe

MSCONFIG\startupreg: PDVD9LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

MSCONFIG\startupreg: PhotoshopElements8SyncAgent => C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe

MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup

MSCONFIG\startupreg: RemoteControl9 => "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\CustoPackTools\utils\RocketDock\RocketDock.exe"

MSCONFIG\startupreg: ROC_ROC_JULY_P1 => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Sound Blaster Recon3Di Control Panel => "c:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r

MSCONFIG\startupreg: SpeedBitVideoAccelerator => "C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe" /startup

MSCONFIG\startupreg: Steam => "C:\Users\Andre\AppData\Roaming\steam\steam.exe" -silent

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE

MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/08/2014 03:55:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/08/2014 03:55:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/08/2014 03:48:59 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

Error: (08/08/2014 03:48:58 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/08/2014 09:25:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/08/2014 09:25:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/08/2014 09:19:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/08/2014 09:19:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (08/08/2014 03:00:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (08/08/2014 03:00:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

 

System errors:

=============

Error: (08/08/2014 04:57:40 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/08/2014 04:57:40 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume C:.

 

Error: (08/08/2014 04:57:28 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/08/2014 04:57:28 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume C:.

 

Error: (08/08/2014 04:57:04 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/08/2014 04:57:04 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume C:.

 

Error: (08/08/2014 04:56:01 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/08/2014 04:56:01 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/08/2014 04:56:01 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

Error: (08/08/2014 04:56:01 PM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume OS.

 

 

Microsoft Office Sessions:

=========================

Error: (08/08/2014 03:55:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/08/2014 03:55:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/08/2014 03:48:59 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

Error: (08/08/2014 03:48:58 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/08/2014 09:25:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/08/2014 09:25:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/08/2014 09:19:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/08/2014 09:19:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (08/08/2014 03:00:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (08/08/2014 03:00:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-01-05 16:22:22.735

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:22:22.613

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:09:19.903

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 16:09:19.762

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 15:57:08.760

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-05 15:57:08.653

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Cheat Engine 6.1\dbk64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 39%

Total physical RAM: 8094.31 MB

Available physical RAM: 4861.11 MB

Total Pagefile: 34566.49 MB

Available Pagefile: 30506.3 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:456.98 GB) (Free:40.25 GB) NTFS

Drive d: (PERCY_JACKSON_LIGHTENING_THIEF) (CDROM) (Total:7.31 GB) (Free:0 GB) UDF

Drive e: (CENTON USB) (Removable) (Total:7.48 GB) (Free:5.75 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: A67C0D91)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=7 GB) - (Type=0C)

 

==================== End Of Log ============================

Link to post
Share on other sites
deeprybka

deeprybka

Posted
Posted

Hi, please try this:

Please download mbam.pngMalwarebytes Anti-Malware and save it to your desktop.

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" and go to "Detection and Protection"
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted

Hmm, i have ran the kill thing, 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/08/2014 05:28:16 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Modified HKCU\...\Winlogon: [shell] => explorer.exe,"C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/08/2014 05:28:40 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
 
I used a flashdrive to open up malwarebytes antimalware and it wouldnt let me
Link to post
Share on other sites
deeprybka

deeprybka

Posted
Posted

I used a flashdrive to open up malwarebytes antimalware and it wouldnt let me

Hi,

if you have problems to download Combofix, then download it with an other PC to the flashdrive and move it (=copy&paste) to the desktop(!) of the infected pc.

Please download combofix.pngCombofix (by sUBs) and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).

    Please copy and paste the contents of this file into your next post.

Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
Link to post
Share on other sites
walia6

walia6

Posted
  • Author
Posted

Wow that took longer then expected, here ya go ComboFix 14-08-12.01 - Andre 08/12/2014  13:23:43.1.8 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8094.5503 [GMT -5:00]
Running from: c:\users\Andre\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\love\love.exe
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\Andre\AppData\Local\Adobe\gccheck.exe
c:\users\Andre\AppData\Local\Adobe\gtbcheck.exe
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_anbdomiakhhfiennkeholjhaombbggdk_0.localstorage-journal
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_anbdomiakhhfiennkeholjhaombbggdk_0.localstorage
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjcffiloghnjgikjdchmnfcmhgahnagj_0.localstorage-journal
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjcffiloghnjgikjdchmnfcmhgahnagj_0.localstorage
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oagfpooejhkamddjgdcdnkflhagehdne_0.localstorage-journal
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oagfpooejhkamddjgdcdnkflhagehdne_0.localstorage
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_phgeinbhkkkphnnmndcnefpgocjmdnnc_0.localstorage-journal
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_phgeinbhkkkphnnmndcnefpgocjmdnnc_0.localstorage
c:\users\Andre\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Andre\AppData\Roaming\For Florida.exe
c:\users\Andre\AppData\Roaming\msconfig.ini
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\e8kOvA8qe4jz.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cdfhbeeflakipmefmjgahigbedkefhmg\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\glimhnjbcgoonhdnlgjfdjhhimfpjbcj\2.7\ZGA.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\cR8jA8X.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gnjmmnhhnpcdfgccpeniklgobfhaoece\2.7\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\JqD_Ni8soFz.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\oaaegiieefcgbjglhohcdljfjplinbfo\3.18\manifest.json
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((((   Files Created from 2014-07-12 to 2014-08-12  )))))))))))))))))))))))))))))))
.
.
2014-08-12 18:43 . 2014-08-12 18:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-12 18:43 . 2014-08-12 18:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-08-12 10:50 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-12 10:49 . 2014-08-12 10:50 -------- d-----w- C:\mbam
2014-08-10 19:20 . 2014-08-10 19:21 -------- d-----w- c:\users\Andre\AppData\Roaming\SpaceEngineers
2014-08-10 18:30 . 2014-08-10 18:30 -------- d-----w- c:\users\Andre\AppData\Local\Bizarre Creations
2014-08-07 23:56 . 2014-08-07 23:56 -------- d-----w- c:\program files (x86)\greaatsaver
2014-08-07 23:56 . 2014-08-07 23:56 -------- d-----w- c:\program files (x86)\BBITSaver
2014-08-07 23:23 . 2014-08-08 22:04 -------- d-----w- C:\FRST
2014-08-07 03:39 . 2014-08-07 03:39 -------- d-----w- c:\users\Andre\AppData\Roaming\library_dir
2014-08-07 01:13 . 2014-08-07 01:15 -------- d-sh--w- c:\windows\SysWow64\sys
2014-08-07 01:13 . 2014-08-07 01:14 -------- d-sh--r- c:\users\Andre\c4u2s7y68
2014-08-07 01:04 . 2014-08-07 01:04 -------- d-----w- c:\users\Andre\AppData\Local\13677
2014-08-07 01:02 . 2014-08-07 01:02 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{25C60FB5-D63B-4492-989E-02506E708EE0}\offreg.dll
2014-08-06 22:52 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{25C60FB5-D63B-4492-989E-02506E708EE0}\mpengine.dll
2014-08-05 22:48 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-03 05:22 . 2014-05-05 03:37 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5B83E54C-7140-4BD9-A157-8B70EB2D132F}\gapaengine.dll
2014-07-19 19:11 . 2014-07-19 19:11 -------- d-----w- c:\users\Andre\AppData\Local\Razer_Inc
2014-07-19 17:59 . 2014-07-19 17:59 -------- d-----w- c:\programdata\SystemRequirementsLab
2014-07-18 00:04 . 2014-07-18 00:04 -------- d-----w- C:\robocode
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-16 22:11 . 2012-06-21 04:47 107368 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2014-07-16 22:11 . 2012-06-21 04:47 35656 ----a-w- c:\windows\system32\LMIport.dll
2014-07-16 22:11 . 2012-06-21 04:47 92488 ----a-w- c:\windows\system32\LMIinit.dll
2014-05-29 12:32 . 2014-05-29 12:32 80384 ----a-w- c:\windows\system32\RazerCoinstaller.dll
2014-05-27 22:15 . 2012-06-10 14:49 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-27 22:15 . 2012-06-10 14:49 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-16 19:04 . 2014-07-04 04:14 254240 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-05-16 19:03 . 2014-07-04 04:13 128288 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-05-16 19:03 . 2014-05-16 19:03 156448 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2014-05-16 19:03 . 2014-05-16 19:03 141600 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-05-16 19:01 . 2014-05-16 19:01 204064 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{32C7CEDA-CB8B-3E5F-39EE-424868841A59}]
2014-06-11 17:18 370688 ----a-w- c:\programdata\DigiSaver\KZX.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128}]
2014-02-24 03:27 106496 ----a-w- c:\program files (x86)\TidyNetwork\petn.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F}]
2014-02-27 23:51 425984 ----a-w- c:\programdata\DDiscouuntEaxteNsi\fJ.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{AC8510C9-E032-CE40-D602-7DAC54049F07}]
2014-07-02 21:40 456192 ----a-w- c:\programdata\ReaguLaarDeals\HGBu8WEX.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2010-11-21 03:24 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FBD99D9E-C256-47EF-03D5-5364990CB346}]
2014-05-25 19:38 372224 ----a-w- c:\programdata\ShopuDrop\Tkh.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-06 15:33 220632 ----a-w- c:\users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-06 15:33 220632 ----a-w- c:\users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-06 15:33 220632 ----a-w- c:\users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 22:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
c:\users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-8-6 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe;c:\program files\Alienware\Command Center\AlienFusionService.exe [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/06/10 10:18;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WebOptimizer;WebOptimizer;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 CEDRIVER60;CEDRIVER60;c:\program files (x86)\Cheat Engine 6.1\dbk64.sys;c:\program files (x86)\Cheat Engine 6.1\dbk64.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C615(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
R4 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS;c:\windows\SYSNATIVE\DRIVERS\EMSC.SYS [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 CtHdaSvc;Sound Core3D Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 MySQLAndre;MySQLAndre;c:\program files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.5\my.ini MySQLAndre;c:\program files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.5\my.ini MySQLAndre [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
S2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE;c:\program files (x86)\AlienRespawn\sftservice.EXE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~2\SPEEDB~1\VideoAcceleratorService.exe;c:\progra~2\SPEEDB~1\VideoAcceleratorService.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\DRIVERS\cbfs3.sys;c:\windows\SYSNATIVE\DRIVERS\cbfs3.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 cthda;Sound Core3D(CtHda.sys);c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 ST_ACCEL;STMicroelectronics Accelerometer Service;c:\windows\system32\DRIVERS\ST_ACCEL.sys;c:\windows\SYSNATIVE\DRIVERS\ST_ACCEL.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 22:15]
.
2014-08-07 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Andre\AppData\Local\13677\a7110.exe [2014-08-07 01:03]
.
2014-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-09 04:06]
.
2014-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-09 04:06]
.
2014-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001Core.job
- c:\users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-20 02:28]
.
2014-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1126745806-3093530448-7569978-1001UA.job
- c:\users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-20 02:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{32C7CEDA-CB8B-3E5F-39EE-424868841A59}]
2014-06-11 17:18 404992 ----a-w- c:\programdata\DigiSaver\KZX.x64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A5BFBCA7-BB24-32B8-DDD9-C297FF1DF128}]
2014-02-24 03:27 110592 ----a-w- c:\program files (x86)\TidyNetwork\petn64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB4AB13C-341D-D7B8-CBDF-4D46C2624E5F}]
2014-02-27 23:51 475136 ----a-w- c:\programdata\DDiscouuntEaxteNsi\fJ.x64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC8510C9-E032-CE40-D602-7DAC54049F07}]
2014-07-02 21:40 513536 ----a-w- c:\programdata\ReaguLaarDeals\HGBu8WEX.x64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FBD99D9E-C256-47EF-03D5-5364990CB346}]
2014-05-25 19:38 403968 ----a-w- c:\programdata\ShopuDrop\Tkh.x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 15:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 15:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 15:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-06 15:33 244696 ----a-w- c:\users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-06 15:33 244696 ----a-w- c:\users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-06 15:33 244696 ----a-w- c:\users\Andre\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Andre\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 22:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2012-04-02 57928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZAsN-JQb7_yfxbqxx64jqvGdl5qepFWUqRog_R4Qhi-FxBp2tnpFk7Aeqj3FOC4
mDefault_Page_URL = hxxp://AlienwareArena.com
mStart Page = hxxp://AlienwareArena.com
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyServer =
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZzjdTYLTwyqHyzq_-5Zv-Do8h2z0fYIg2uLT19NbdtAh1v9bD2QJNH_osFCRZI7&q={searchTerms}
LSP: c:\program files (x86)\SpeedBit Video Accelerator\SBLSP.dll
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\coidgl52.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZAsN-JQb7_yfxbqxx64jqvGdl5qepFWUqRog_R4Qhi-FxBp2tnpFk7Aeqj3FOC4
FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vSwAF7Y427VRNSixQ_aBoKQt8ZzrFdaF6XXC9JlY-3WgTCwzNoF0GxMIn_cziLFHmnZzjdTYLTwyqHyzq_-5Zv-Do8h2z0fYIg2uLT19NbdtAh1v9bD2QJNH_osFCRZI7&q=
FF - user.js: extensions.shownSelectionUI - true
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{D343E8E3-B418-E1BE-D712-8FB10F7F4030} - c:\program files (x86)\Greattsaver\cEV8YKpEgS.dll
Toolbar-Locked - (no file)
BHO-{D343E8E3-B418-E1BE-D712-8FB10F7F4030} - c:\program files (x86)\Greattsaver\cEV8YKpEgS.x64.dll
Toolbar-Locked - (no file)
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
AddRemove-7-Zip - c:\program files (x86)\7-Zip\Uninstall.exe
AddRemove-ArenaSetup_is1 - c:\users\andre\desktop\TES\arena\unins000.exe
AddRemove-Cheat Engine 6.1_is1 - c:\program files (x86)\Cheat Engine 6.1\unins000.exe
AddRemove-iFunbox_is1 - c:\program files (x86)\i-Funbox DevTeam\unins000.exe
AddRemove-LimeWire - c:\program files (x86)\LimeWire\uninstall.exe
AddRemove-McAfee Security Scan - c:\program files (x86)\McAfee Security Scan\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQLAndre]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\programdata\MySQL\MySQL Server 5.5\my.ini\" MySQLAndre"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1126745806-3093530448-7569978-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A67176F4-C338-4ADD-B8D1-F2D8792D445C}*ALID*]
"AppName"="Roblox.exe"
"Policy"=dword:00000003
"AppPath"="c:\\Users\\Andre\\AppData\\Local\\Roblox\\Versions\\version-3f2bb30af20140a4\\"
.
[HKEY_USERS\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\Wow6432Node\CLSID\{5b681969-7404-46fe-aa2e-675e6f0521d0}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000d1
"Therad"=dword:0000001f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
   38,95,44,5a,fd,31,6d,b3,71,61,86,f6,31,d2,ea,9f,4d,69,78,f1,b1,58,44,a6,a7,\
.
[HKEY_USERS\S-1-5-21-1126745806-3093530448-7569978-1001_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):b8,d6,ef,be,17,6c,6e,f7,fb,c1,f7,86,bd,3a,57,f9,a2,1f,af,53,50,
   6f,99,d6,b0,4b,7b,3b,a0,5c,20,ed,57,41,cb,16,c8,50,65,e0,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:e5,14,fd,67,bf,2e,91,b6,e9,ba,9f,54,a8,1b,a8,9b,8c,63,80,6e,ad,
   a7,61,31,c3,bb,47,b6,cf,3e,5f,19,43,eb,be,59,fb,51,df,e6,8b,2c,59,22,b2,e4,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\program files (x86)\AlienRespawn\TOASTER.EXE
c:\program files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-08-12  13:56:04 - machine was rebooted
ComboFix-quarantined-files.txt  2014-08-12 18:56
.
Pre-Run: 41,627,394,048 bytes free
Post-Run: 62,203,052,032 bytes free
.
- - End Of File - - 9AD38235246CAC8D22E39E25CD135B76
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.