
may be infected, advice please


cero


here are some logs

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:03:10 PM, on 10/1/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
FIREFOX: 32.0.3 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Users\nots0\Downloads\HijackThis.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
O2 - BHO: Drop Pad Web Backup - {25DA541F-6ACF-4052-A8AA-1D58284729C7} - mscoree.dll (file missing)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - Startup: CurseClientStartup.ccip
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @comres.dll,-947 (COMSysApp) - Unknown owner - C:\Windows\system32\dllhost.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PP Assistant Service - Unknown owner - C:\Program Files\PP??2.0\adevicehelpersvr.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 7226 bytes
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-09-2014
Ran by nots0 (administrator) on NOTS0-PC on 01-10-2014 11:20:15
Running from C:\Users\nots0\Downloads
Loaded Profile: nots0 (Available profiles: nots0)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\PP助手2.0\adevicehelpersvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(广州铁人网络科技有限公司) C:\Program Files\PP助手2.0\adevicehelpermon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
() C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Users\nots0\Downloads\RogueKiller.exe
(Symantec Corporation) C:\Users\nots0\Downloads\FixWelch.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Trend Micro Inc.) C:\Users\nots0\Downloads\HijackThis.exe
(Microsoft Corporation) C:\Windows\regedit.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCEPServiceManager] => C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2709076479-299211639-3247174901-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
Startup: C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF2D628CCF41CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {17C35237-2C6F-452E-B85E-66267434CAB2} URL = 
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN40636566492054128
SearchScopes: HKCU - DefaultScope {1BD93CF8-CB61-4E9C-BF3C-395BAB0FDB65} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {1BD93CF8-CB61-4E9C-BF3C-395BAB0FDB65} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} ->  No File
BHO: Drop Pad Web Backup -> {25DA541F-6ACF-4052-A8AA-1D58284729C7} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF user.js: detected! => C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\searchplugins\yahoo_ff.xml
FF Extension: Ant Video Downloader - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\anttoolbar@ant.com [2014-08-02]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\artur.dubovoy@gmail.com [2014-07-31]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\donottrackplus@abine.com [2014-07-10]
FF Extension: LastPass - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\support@lastpass.com [2014-08-22]
FF Extension: Flash and Video Download - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-09-20]
FF Extension: Custom New Tab - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\CNT@ednovak.net.xpi [2014-04-05]
FF Extension: ImageBlock - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\imageblock@hemantvats.com.xpi [2013-09-28]
FF Extension: InstantFox - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\searchy@searchy.xpi [2013-03-09]
FF Extension: YouTube to MP3 - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\youtube2mp3@mondayx.de.xpi [2014-01-27]
FF Extension: Gmail S/MIME - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{4c197c8f-a50f-4b49-a2d2-ed922c95612f}.xpi [2013-03-12]
FF Extension: Encrypted Communication - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{52a7f893-d228-412e-9b28-bc61491462f6}.xpi [2013-03-12]
FF Extension: Quick Translator - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-12-08]
FF Extension: Downloads Window - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2014-01-27]
FF Extension: Adblock Plus - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-25]
FF Extension: Google Privacy - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2013-03-12]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR CustomProfile: C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-17]
CHR Extension: (Google Drive) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-11]
CHR Extension: (YouTube) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-17]
CHR Extension: (Google Search) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-17]
CHR Extension: (Google Wallet) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-17]
CHR Extension: (Gmail) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PP Assistant Service; C:\Program Files\PP助手2.0\adevicehelpersvr.exe [118496 2014-08-14] () [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2014-01-27] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-03-09] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKsld5c8bc61; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3AC102B6-99F5-4BDC-878F-6A6946893CD0}\MpKsld5c8bc61.sys [39464 2014-10-01] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-24] (AnchorFree Inc)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-04-24] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-01] ()
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1150880 2013-03-09] (VIA Technologies, Inc.)
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [29184 2013-03-10] ()
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog32.sys [X]
S3 catchme; \??\C:\Users\nots0\AppData\Local\Temp\catchme.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 11:20 - 2014-10-01 11:21 - 00017767 _____ () C:\Users\nots0\Downloads\FRST.txt
2014-10-01 11:19 - 2014-10-01 11:20 - 00000000 ____D () C:\FRST
2014-10-01 11:19 - 2014-10-01 11:19 - 01100288 _____ (Farbar) C:\Users\nots0\Downloads\FRST.exe
2014-10-01 11:07 - 2014-10-01 11:07 - 00007180 _____ () C:\Users\nots0\Downloads\hijackthis.log
2014-10-01 11:01 - 2014-10-01 11:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\nots0\Downloads\HijackThis.exe
2014-10-01 10:45 - 2014-10-01 10:45 - 00000000 _____ () C:\Users\nots0\Downloads\FixWelch.log
2014-10-01 10:44 - 2014-10-01 10:44 - 00175256 _____ (Symantec Corporation) C:\Users\nots0\Downloads\FixWelch.exe
2014-10-01 10:38 - 2014-10-01 10:38 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-01 10:38 - 2014-10-01 10:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-01 10:37 - 2014-10-01 10:42 - 183376808 _____ (BeyondTrust, Inc.) C:\Users\nots0\Downloads\RetinaNetworkCommunity_EN.exe
2014-10-01 10:31 - 2014-10-01 10:31 - 04893784 _____ () C:\Users\nots0\Downloads\RogueKiller.exe
2014-10-01 08:48 - 2014-10-01 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-10-01 08:48 - 2014-10-01 13:53 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-10-01 08:48 - 2014-10-01 08:48 - 00000000 ____D () C:\Users\nots0\AppData\Local\TuneUp Software
2014-10-01 08:29 - 2014-10-01 08:29 - 00000000 ____D () C:\ProgramData\Martau
2014-10-01 08:28 - 2014-10-01 13:53 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-10-01 08:16 - 2014-10-01 08:16 - 00347816 _____ (Microsoft Corporation) C:\Users\nots0\Downloads\MicrosoftFixit.ProgramInstallUninstall.MATSKB.Run(1).exe
2014-09-28 06:54 - 2014-09-28 06:54 - 00001571 _____ () C:\Users\Public\Desktop\sine mora.lnk
2014-09-28 06:53 - 2014-09-28 06:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-09-27 21:55 - 2014-09-27 21:55 - 00000000 ____D () C:\ProgramData\RELOADED
2014-09-27 20:52 - 2014-09-27 20:52 - 00001853 _____ () C:\Users\Public\Desktop\mark of the ninja.lnk
2014-09-27 20:52 - 2014-09-27 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
2014-09-27 20:47 - 2014-09-27 20:47 - 00000587 _____ () C:\Users\Public\Desktop\torchlight 2.lnk
2014-09-27 20:35 - 2014-09-27 20:35 - 00001104 _____ () C:\Users\nots0\Desktop\dust an elysian tail.lnk
2014-09-27 16:45 - 2014-09-27 16:45 - 00000703 _____ () C:\Users\nots0\Desktop\metal slug.lnk
2014-09-27 16:44 - 2014-09-27 16:44 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SNK PLAYMORE
2014-09-27 14:16 - 2014-09-27 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PP助手2.0
2014-09-27 14:16 - 2014-09-27 14:16 - 00000000 ____D () C:\Program Files\PP助手2.0
2014-09-27 14:15 - 2014-09-27 14:15 - 19521328 _____ (广州铁人网络科技有限公司) C:\Users\nots0\Downloads\ppsetup(1).exe
2014-09-27 14:05 - 2014-09-27 14:05 - 21933992 _____ () C:\Users\nots0\Downloads\Tongbu_Setup_2.19.2_zsgw.exe
2014-09-27 10:48 - 2014-09-27 10:48 - 00000000 ____D () C:\ProgramData\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:45 - 00000000 ____D () C:\Program Files\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:43 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceOnBody2
2014-09-26 23:21 - 2014-09-26 23:21 - 00402696 _____ () C:\Users\nots0\Downloads\setup(1).exe
2014-09-25 20:32 - 2014-10-01 13:53 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-09-25 20:32 - 2014-09-25 20:34 - 00000000 ____D () C:\Program Files\SaveSense
2014-09-25 20:30 - 2014-09-25 20:30 - 00699016 _____ (CNET Download.com) C:\Users\nots0\Downloads\cbsidlm-cbsi213-Always_On_Top-SEO-10674027.exe
2014-09-24 21:02 - 2014-09-27 16:46 - 00000895 _____ () C:\Users\nots0\Desktop\btd 5.lnk
2014-09-24 21:01 - 2014-09-24 21:01 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\com.ninjakiwi.BloonsTD5Deluxe
2014-09-24 21:00 - 2014-09-24 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloons TD 5 Deluxe
2014-09-04 14:26 - 2014-09-04 14:26 - 00000663 _____ () C:\Users\nots0\Desktop\left 4 dead 2.lnk
2014-09-04 11:31 - 2014-09-04 11:31 - 00000008 _____ () C:\Users\nots0\Desktop\toysrus.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 13:53 - 2014-03-22 11:57 - 00000000 ____D () C:\NVIDIA
2014-10-01 13:53 - 2013-03-10 00:49 - 00000000 ____D () C:\Program Files\Microsoft Baseline Security Analyzer 2
2014-10-01 13:53 - 2013-03-09 18:31 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-10-01 13:53 - 2013-03-09 14:36 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\uTorrent
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\registration
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\AppCompat
2014-10-01 13:52 - 2013-12-19 17:35 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-01 13:52 - 2013-12-19 17:34 - 00000000 ____D () C:\Users\nots0\AppData\Local\Apple
2014-10-01 13:52 - 2013-12-19 17:34 - 00000000 ____D () C:\ProgramData\Apple
2014-10-01 11:01 - 2014-03-18 09:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-01 10:48 - 2014-04-17 19:33 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-01 10:43 - 2009-07-14 00:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-01 10:43 - 2009-07-14 00:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-01 10:05 - 2013-03-09 14:27 - 01566723 _____ () C:\Windows\WindowsUpdate.log
2014-10-01 09:58 - 2014-07-06 06:33 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-01 09:58 - 2014-04-17 19:33 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-01 09:58 - 2013-03-09 14:28 - 00000000 ____D () C:\Users\nots0
2014-10-01 09:55 - 2014-04-08 09:25 - 00009234 _____ () C:\Windows\setupact.log
2014-10-01 09:55 - 2013-03-09 14:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-01 09:55 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-01 08:57 - 2014-01-26 08:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-10-01 08:49 - 2013-03-09 18:27 - 00000000 ____D () C:\Users\nots0\AppData\Local\Deployment
2014-09-30 10:17 - 2014-04-06 19:10 - 00000000 ____D () C:\Users\nots0\AppData\Local\Battle.net
2014-09-30 08:29 - 2014-04-08 09:24 - 00019192 _____ () C:\Windows\PFRO.log
2014-09-30 08:29 - 2013-05-06 00:36 - 00000000 ____D () C:\Windows\pss
2014-09-30 08:29 - 2013-04-11 21:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-29 08:04 - 2013-07-12 13:37 - 00000000 ____D () C:\Users\nots0\My Books
2014-09-28 17:36 - 2014-07-30 04:12 - 00000000 ____D () C:\Users\nots0\AppData\Local\CrashDumps
2014-09-28 17:36 - 2014-04-29 17:41 - 00000000 ____D () C:\Users\nots0\Documents\ihelper
2014-09-28 09:05 - 2013-03-14 15:57 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\mIRC
2014-09-28 06:55 - 2013-06-29 14:41 - 00000000 ___RD () C:\Users\nots0\Desktop\incoming
2014-09-28 06:50 - 2013-05-22 12:52 - 00000000 ____D () C:\Games
2014-09-27 22:55 - 2013-03-10 09:04 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\vlc
2014-09-27 21:55 - 2013-06-19 16:28 - 00000000 ____D () C:\Users\nots0\Documents\My Games
2014-09-27 20:56 - 2013-09-14 20:48 - 00000000 ____D () C:\Users\nots0\AppData\Local\SKIDROW
2014-09-27 16:37 - 2013-03-09 22:11 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\DAEMON Tools Pro
2014-09-27 14:08 - 2014-08-26 17:52 - 00000000 ____D () C:\Users\nots0\Documents\Tongbu
2014-09-27 10:50 - 2014-03-31 14:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-24 11:01 - 2013-03-09 14:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 11:01 - 2013-03-09 14:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-19 21:36 - 2014-08-08 15:28 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\.minecraft
2014-09-12 15:09 - 2014-04-06 19:09 - 00000000 ____D () C:\Program Files\Battle.net
2014-09-04 18:10 - 2013-03-09 14:34 - 00782578 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-01 13:41 - 2014-04-06 19:22 - 00000000 ____D () C:\Program Files\Diablo III
2014-09-01 13:41 - 2013-03-09 17:36 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment

Files to move or delete:
====================
C:\ProgramData\win_mpwd_sys.dat

Some content of TEMP:
====================
C:\Users\nots0\AppData\Local\Temp\GLF53D9.tmp.dll
C:\Users\nots0\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-27 04:21

==================== End Of Log ============================
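The "Bamital & volsnap Check" at the end of the FRST.txt log above verifies the Authenticode signatures of nine core Windows files, and FRST notes it cannot auto-fix a file that fails. The script below is an added example, not part of cero's post and not FRST's own code: it re-runs that signature check with the stock Get-AuthenticodeSignature cmdlet, and before any fix is applied it records attributes and a SHA-256 for the file FRST listed under "Files to move or delete" and lists the system+hidden GUID folder under ProgramData that appears in the log. It assumes it is run from an elevated PowerShell on the affected machine, that the paths are the ones in the log, and that certutil on this build accepts SHA256. One caveat a practitioner needs: on Windows 7, most of these binaries are signed through the system catalog rather than with an embedded signature, and the PowerShell versions a 2014 Windows 7 box would have do not consult the catalog, so a NotSigned result there is not by itself evidence of tampering (the Microsoft-subject test is a heuristic of this example, not an FRST rule).

```powershell
# Added example; not from the original post and not FRST's own code.
# Re-runs the "Bamital & volsnap Check" on the same nine core files and
# preserves evidence about the file FRST wants removed. Run elevated.

$CoreFiles = @(
    "$env:SystemRoot\explorer.exe",
    "$env:SystemRoot\system32\winlogon.exe",
    "$env:SystemRoot\system32\wininit.exe",
    "$env:SystemRoot\system32\svchost.exe",
    "$env:SystemRoot\system32\services.exe",
    "$env:SystemRoot\system32\User32.dll",
    "$env:SystemRoot\system32\userinit.exe",
    "$env:SystemRoot\system32\rpcss.dll",
    "$env:SystemRoot\system32\Drivers\volsnap.sys"
)

function Test-CoreFileSignature {
    param([string[]]$Path)
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p)) {
            New-Object PSObject -Property @{ Path = $p; Status = 'MISSING'; Signer = '' }
            continue
        }
        $sig    = Get-AuthenticodeSignature -FilePath $p
        $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        $status = switch ($sig.Status.ToString()) {
            # Hash matches the signature and the chain is trusted. A stock Windows
            # binary should carry a Microsoft subject; anything else on these paths
            # deserves a closer look (heuristic of this example, not an FRST rule).
            'Valid'        { if ($signer -match 'O=Microsoft Corporation') { 'OK' } else { 'VALID-BUT-NOT-MICROSOFT' } }
            # On-disk bytes no longer match the signed hash: modified after signing.
            # This is the case FRST says it cannot fix automatically.
            'HashMismatch' { 'TAMPERED' }
            # No embedded signature. On Windows 7 these files are usually signed via
            # the system catalog, which older PowerShell does not consult, so this is
            # not proof of infection; confirm with Sysinternals sigcheck (-a -h),
            # which does check catalog signatures.
            'NotSigned'    { 'NOT-EMBEDDED-SIGNED (check catalog)' }
            default        { "FAIL ($($sig.Status))" }
        }
        New-Object PSObject -Property @{ Path = $p; Status = $status; Signer = $signer }
    }
}

Test-CoreFileSignature -Path $CoreFiles | Format-Table Path, Status, Signer -AutoSize

# Evidence before deletion: size, attributes, timestamps and SHA-256 of the file
# FRST listed under "Files to move or delete", so it can be looked up or attached
# to the thread after a fix removes it. The hash value itself is not known here.
$Suspect = 'C:\ProgramData\win_mpwd_sys.dat'
if (Test-Path -LiteralPath $Suspect) {
    Get-Item -LiteralPath $Suspect -Force |
        Select-Object FullName, Length, Attributes, CreationTime, LastWriteTime
    certutil.exe -hashfile $Suspect SHA256
}

# The log also shows a system+hidden (__SHD) GUID folder under ProgramData that
# FRST did not flag. Listing it is inspection for the helper, not a verdict.
$HiddenDir = 'C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}'
if (Test-Path -LiteralPath $HiddenDir) {
    Get-ChildItem -LiteralPath $HiddenDir -Force -Recurse |
        Select-Object FullName, Length, Attributes, LastWriteTime
}
```

Read the output next to the FRST lines: every core file should come back OK with a Microsoft subject on a machine where FRST printed "File is digitally signed"; a TAMPERED result is the one outcome that matters, and a NotSigned result on Windows 7 should be re-checked with sigcheck before drawing any conclusion.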

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-09-2014

Ran by nots0 at 2014-10-01 11:21:34

Running from C:\Users\nots0\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32354 - BitTorrent Inc.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden

Adobe Dreamweaver CC (HKLM\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)

Adobe Fireworks CS6 (HKLM\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)

Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)

Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)

Adobe Widget Browser (Version: 2.0.348 - Adobe Systems Incorporated.) Hidden

Angry Birds Star Wars II 1.0.4 (HKLM\...\Angry Birds Star Wars II 1.0.4) (Version: 1.0.4 - Cat-A-Cat)

Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

AV Voice Changer Software DIAMOND 7.0 (HKLM\...\AV Voice Changer Software DIAMOND 7.0) (Version: 7.0.29 - Avnex Ltd.)

Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)

Bejeweled 3 (HKLM\...\Bejeweled 3) (Version: - )

Better File Rename 5.44 (HKLM\...\Better File Rename_is1) (Version: - publicspace.net)

Bloons TD 5 Deluxe version 1.21 (HKLM\...\Bloons TD 5 Deluxe_is1) (Version: 1.21 - )

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)

Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version: - Microsoft)

Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment)

Dust: An Elysian Tail (HKLM\...\Dust: An Elysian Tail_is1) (Version: - Microsoft Studios)

Folder Size (HKLM\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)

Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)

Ghostbuster (HKCU\...\585841693e8401e3) (Version: 1.0.0.0 - Ghostbuster)

Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden

ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)

iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

MakeTorrent v2.1 (HKLM\...\MakeTorrent 2) (Version: - )

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mark of the Ninja Special Edition (HKLM\...\Mark of the Ninja Special Edition_is1) (Version: - )

Metal Slug Complete PC 1.0 (HKLM\...\Metal Slug Complete PC) (Version: 1.0 - SNK PLAYMORE)

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden

Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{13CD417D-F1F1-4AC4-945D-FDDEB884756F}) (Version: 2.2.2170 - Microsoft Corporation)

Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)

Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)

Microsoft Report Viewer Redistributable 2005 (Version: 8.0.56405 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version: - )

Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)

NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden

Opera Stable 21.0.1432.67 (HKLM\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)

Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden

Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Pidgin (HKLM\...\Pidgin) (Version: 2.10.9 - )

pidgin-otr 4.0.0-1 (HKLM\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)

Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden

PP助手2.0 (HKLM\...\PP助手2.0 Win版) (Version: 2.2.1.4268 - 广州铁人网络科技有限公司)

Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)

QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)

Rainmeter (HKLM\...\Rainmeter) (Version: 3.1 beta r2255 - )

Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version: - Microsoft) Hidden

Sesame Street - Learn, Play & Grow (HKLM\...\{33785AE7-2203-4D93-B6B3-35B7CC3C4906}) (Version: 1.0.2.2 - Nova Development)

Shovel Knight (HKLM\...\1207664823_is1) (Version: 2.3.0.9 - GOG.com)

Sine Mora (HKLM\...\Sine Mora_is1) (Version: - )

Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

SpongeBob SquarePants Typing version 1.0 (HKLM\...\{C57EA3D6-3B9F-4369-8231-53990AE74510}_is1) (Version: 1.0 - Encore Software)

Subway Surfers 1.0 (HKLM\...\Subway Surfers 1.0) (Version: 1.0 - Cat-A-Cat)

Tag&Rename 3.6.6 (HKLM\...\Tag&Rename_is1) (Version: 3.6.6 - Softpointer Inc)

TopMost (HKLM\...\{EC11C41E-536B-4B39-BB35-812728C0218E}) (Version: 1.0.0 - Alon Kadury)

Torchlight II (c) Runic Games version 1 (HKLM\...\Torchlight II (c) Runic Games_is1) (Version: 1 - )

TuneUp Utilities Language Pack (en-US) (Version: 13.0.2013.194 - TuneUp Software) Hidden

Ulead GIF Animator 5 (HKLM\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - )

Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)

Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)

Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)

Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)

Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version: - Microsoft)

Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version: - Microsoft)

Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E9F5EDF4-654C-40A3-8181-D558AD8EFFE6}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version: - Microsoft)

Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)

Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)

Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)

Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)

Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version: - Microsoft)

Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{84AA6F34-E9B5-46EC-BFE6-AFB45509AF40}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)

Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version: - Microsoft)

Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)

Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)

VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)

VirtualDUB Pack (HKLM\...\VirtualDUB Pack) (Version: - )

VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)

VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)

Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)

Window Hide Tool 2.0 (HKLM\...\Window Hide Tool_is1) (Version: - FOMINE SOFTWARE)

Windows 7 USB/DVD Download Tool (HKLM\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)

Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)

World of Warcraft Public Test (HKLM\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)

Xilisoft iPhone Ringtone Maker (HKLM\...\Xilisoft iPhone Ringtone Maker) (Version: 3.0.6.20120613 - Xilisoft)

Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

YTD Toolbar v9.0 (HKLM\...\{9D47532D-59B3-4E15-8069-2E3FC4DA3E92}) (Version: 9.0 - Spigot, Inc.) <==== ATTENTION

YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL)

Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{006a54e5-f216-42b7-aab2-d8fc515c9cec}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{03bb1944-9f5c-4a4b-944e-13d04065dd89}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{04a5907b-4487-41c1-aab6-2b151d7e0445}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0a7197a2-c054-4489-b3d9-14a4d7899ac2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0c03a24f-e0ae-49d6-bd33-3b0f1b76abd1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0e3dd277-8f99-4c79-98a9-daab888bbded}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{10417cbf-0903-413f-941d-bdbb8e733bbc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{11ee3f03-d4fb-4464-be4e-2714141969cc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{1d092695-9610-4a8e-b14f-25036476e9e5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{2be61b4e-1566-4c71-a117-99c9c85ef2a0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{2fbe8a6b-18b8-45d3-9bcb-3e5f4397c665}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{33a402f9-889f-403f-9862-7e5d363338d4}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{3ed7ba09-6333-4714-9f34-7fbb3270d1db}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4445060a-61df-42fa-8aa3-307ab0e2bec7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{47314919-e76d-4f59-a72e-5dc3e205b2df}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{47ffaf2b-3914-46bb-94e0-4eab7c4ebd69}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4bd74af1-49cd-4054-bfa5-91d0aa412839}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4d798a3d-a8c1-47d4-8c61-8c3fe23e88c2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4dd31cec-6235-4649-9f6c-dc31fb660923}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4e5077a9-ca06-41af-8394-254edddfb102}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{515068f1-a99b-4ac1-9a66-d0165b1142c5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{51fc9280-d9ab-480b-8a0c-eb0b8438022f}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5aaaac67-2535-4c7a-9060-9e4123e49be1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5b01473f-97a7-40f0-b281-9083010c6712}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5b67ef2a-4cfe-4831-bf6f-d86008fadabe}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{67458a4a-7d25-4fbc-b691-5ceabf367772}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{676909ec-0ada-4a01-9ae3-59aae818ba45}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{6c580f86-eba0-4870-b65d-79eaa516583e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{71f0a88e-7519-471b-bd4f-6154fcbdd8f7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{723645cd-d184-4af1-b76c-fdfd891acc30}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{778c029c-ca67-4139-a713-03f2be36542d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{78ba11d6-a818-4806-8cc5-6744097d6348}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7bb2769a-9ab5-40d0-afb4-c5de7349dfd4}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7e8785f2-08a9-4c29-989c-bce037d2ed15}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7eed2dd2-6d0c-4fd2-a26d-7f2b00ed7113}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7f5df0b5-1189-47c2-9bff-dd630da51e3e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{8d64261b-2d59-4e29-b18f-28e7e3b9e8cb}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{8e7bd6af-b76e-40c4-a83e-b250ee23d24c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{9c2bfcf0-77c5-4a55-a276-2055e28a3a44}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{a6e89bf4-d816-4b96-9c6f-deee4934db93}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b602a86c-da71-43e4-afb9-06949ad636d5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b6b6718f-6599-42ab-b6ab-d49e9bdb499c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b7379dd7-40b6-4a39-92c5-0d435e0e9954}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{c6e50c7e-4ae2-4265-946c-bcc05ba7b17d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{cb454c5c-4681-46d2-a50d-c56a9cbe7927}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{cdc7dd1a-89f8-4d4a-b828-48ba76d650dc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{e32cca19-be55-42c8-9fdd-7a1f5303c802}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{e7652ce6-d2b1-4397-ab10-003ea39478bd}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{f325ce13-5a39-4d46-9acb-1400813405ef}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

01-10-2014 11:10:46 Scheduled Checkpoint

01-10-2014 12:46:56 Installed TuneUp Utilities 2014

01-10-2014 12:56:11 Uninstalled with Total Uninstall "My Web Backups"

01-10-2014 13:08:19 Uninstalled with Total Uninstall "Microsoft Baseline Security Analyzer 2.2"

01-10-2014 13:09:36 Uninstalled with Total Uninstall "Microsoft Baseline Security Analyzer 2.2"

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-03-15 15:03 - 2014-02-25 16:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C343FF1-74A7-4274-B269-20B6B7EF1784} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {1E6848C7-1221-46B8-8AE5-CA3B389494C5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)

Task: {2AF1FCE4-D637-4B73-8CB0-FE4091A2B03A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)

Task: {423A45D9-6F1D-43A2-9CEC-9FC1BD0889F4} - System32\Tasks\{ED73FD79-A505-4641-8AE9-D1CA9064280F} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/en/go/help.faq.installer?LastError=1601

Task: {43788222-0CA6-4714-921A-5BFA2D994FDF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)

Task: {47855562-A8E8-433E-B112-2AEA161694F4} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {505AE972-9AD0-491F-BCF3-FDF03BBCD6A6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)

Task: {532414CF-EE5D-44FA-AF39-74857BE48C37} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {6F7C0640-20C2-473B-B0B5-37D5178F18D0} - System32\Tasks\{C52B7ADB-1D46-4852-ACD8-82FD7A505E4C} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?source=lightinstaller&LastError=1601

Task: {8CC16C9F-C0E2-4837-A00A-9570202E65C5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)

Task: {B5635BDE-0D64-48AD-A7C3-3F13FBB30EE8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)

Task: {C6B80DC8-9E88-4379-B804-A8899718823E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)

Task: {C9F91AB3-C24A-4BEF-A4E9-309306A02B79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)

Task: {D988972E-4207-4315-8666-E7BD8FA642AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-09 14:40 - 2014-03-04 08:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2014-08-14 01:52 - 2014-08-14 01:52 - 00118496 _____ () C:\Program Files\PP助手2.0\adevicehelpersvr.exe

2014-08-14 01:52 - 2014-08-14 01:52 - 00166624 _____ () C:\Program Files\PP助手2.0\monconfigapi.dll

2014-03-12 20:07 - 2014-03-12 20:07 - 08884904 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2014-08-14 01:52 - 2014-08-14 01:52 - 00282336 _____ () C:\Program Files\PP助手2.0\pppclogger.dll

2014-08-14 01:52 - 2014-08-14 01:52 - 00376032 _____ () C:\Program Files\PP助手2.0\DevHelper.dll

2014-08-14 01:52 - 2014-08-14 01:52 - 00329440 _____ () C:\Program Files\PP助手2.0\DriverTools.dll

2013-03-09 22:18 - 2013-03-09 22:04 - 00107520 _____ () C:\Program Files\DAEMON Tools Pro\BRD.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00113664 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 02341888 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00246784 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00047616 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00050688 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 11749376 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 01283584 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00079360 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 02029568 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00100352 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00258560 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00076288 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00046592 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00061440 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00465920 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00719872 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00114688 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00039936 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00136704 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 01409536 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00300032 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00056320 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00038912 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00378368 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00118272 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00043520 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00039936 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00192000 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00091136 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00292864 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00040448 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 01297920 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00041472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00350720 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00359424 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00209408 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00049152 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00037888 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 01381376 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00144896 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00044032 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 01723904 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00041472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00048640 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00311296 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll

2013-09-22 19:19 - 2013-09-22 19:19 - 00040448 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00042496 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 09987584 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00731648 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00034816 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00040960 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00130560 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00183808 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00073728 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00052224 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 01518592 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00044032 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00541184 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00040960 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00035328 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00137728 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00036352 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00051712 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00036352 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00043008 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00076800 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00036864 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00038912 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00046080 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00055808 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00041984 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00043008 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00040448 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00036864 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00035840 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll

2013-09-22 19:18 - 2013-09-22 19:18 - 00079872 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll

2014-03-31 14:08 - 2014-09-27 10:50 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

2014-08-19 02:02 - 2014-08-19 02:02 - 01020928 _____ () C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

2014-05-24 16:06 - 2014-05-12 01:51 - 01397880 _____ () C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe

2014-05-24 16:06 - 2014-05-12 01:51 - 00877688 _____ () C:\Program Files\Opera\21.0.1432.67\libglesv2.dll

2014-05-24 16:06 - 2014-05-12 01:51 - 00135800 _____ () C:\Program Files\Opera\21.0.1432.67\libegl.dll

2014-05-24 16:06 - 2014-05-12 01:51 - 00957048 _____ () C:\Program Files\Opera\21.0.1432.67\ffmpegsumo.dll

2014-09-10 23:01 - 2014-09-10 23:01 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

2014-10-01 10:31 - 2014-10-01 10:31 - 04893784 _____ () C:\Users\nots0\Downloads\RogueKiller.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AxInstSV => 3

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StrongVaultApp.exe.lnk => C:\Windows\pss\StrongVaultApp.exe.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccipStartup

MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnkStartup

MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnkStartup

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: HDAudDeck => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2709076479-299211639-3247174901-500 - Administrator - Disabled)

Guest (S-1-5-21-2709076479-299211639-3247174901-501 - Limited - Disabled)

nots0 (S-1-5-21-2709076479-299211639-3247174901-1000 - Administrator - Enabled) => C:\Users\nots0

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (PPPOE)

Description: WAN Miniport (PPPOE)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: RasPppoe

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (PPTP)

Description: WAN Miniport (PPTP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: PptpMiniport

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (SSTP)

Description: WAN Miniport (SSTP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: RasSstp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter

Description: Microsoft ISATAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #2

Description: Microsoft ISATAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #3

Description: Microsoft ISATAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: siCk

Description: Zune

Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Manufacturer: Microsoft

Service: WUDFRd

Problem: : Windows has stopped this device because it has reported problems. (Code 43)

Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: WAN Miniport (IKEv2)

Description: WAN Miniport (IKEv2)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: RasAgileVpn

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (L2TP)

Description: WAN Miniport (L2TP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: Rasl2tp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (Network Monitor)

Description: WAN Miniport (Network Monitor)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IP)

Description: WAN Miniport (IP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IPv6)

Description: WAN Miniport (IPv6)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (10/01/2014 09:12:45 AM) (Source: ESENT) (EventID: 104) (User: )

Description: Windows (3708) Windows: The database engine stopped the instance (0) with error (-1090).

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 471) (User: )

Description: Windows (3708) Windows: Unable to rollback operation #406168 on database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb. Error: -510. All future database updates will be rejected.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 492) (User: )

Description: Windows (3708) Windows: The logfile sequence in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\" has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 413) (User: )

Description: Windows (3708) Windows: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1023.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 486) (User: )

Description: Windows (3708) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS008D0.log" failed with system error 3 (0x00000003): "The system cannot find the path specified. ". The move file operation will fail with error -1023 (0xfffffc01).

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 439) (User: )

Description: Windows (3708) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1023.

Error: (10/01/2014 09:12:06 AM) (Source: ESENT) (EventID: 439) (User: )

Description: Windows (3708) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1023.

Error: (10/01/2014 07:29:28 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -2147023838

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 11185

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 11185

System errors:

=============

Error: (10/01/2014 10:05:29 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.185.1458.0

Update Source: %NT AUTHORITY59

Update Stage: 4.5.0216.00

Source Path: 4.5.0216.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/01/2014 09:58:33 AM) (Source: DCOM) (EventID: 10000) (User: )

Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/01/2014 09:58:29 AM) (Source: DCOM) (EventID: 10001) (User: )

Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}5{C39EE728-D419-4BD4-A3EF-EDA059DBD935}

Error: (10/01/2014 09:55:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:

%%1058

Error: (10/01/2014 09:13:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The PP Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/01/2014 09:13:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Windows Search service failed to start due to the following error:

%%2

Error: (10/01/2014 08:31:06 AM) (Source: DCOM) (EventID: 10000) (User: )

Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/01/2014 08:29:54 AM) (Source: DCOM) (EventID: 10001) (User: )

Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}5{C39EE728-D419-4BD4-A3EF-EDA059DBD935}

Error: (09/30/2014 11:16:25 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.185.1458.0

Update Source: %NT AUTHORITY59

Update Stage: 4.5.0216.00

Source Path: 4.5.0216.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/30/2014 01:26:08 PM) (Source: DCOM) (EventID: 10000) (User: )

Description: C:\Windows\system32\DllHost.exe /Processid:{16D99191-6280-4B33-A2F5-04805A0FC582}5{BB46F03E-7CD2-489F-8F95-BB950F395FDB}

Microsoft Office Sessions:

=========================

Error: (10/01/2014 09:12:45 AM) (Source: ESENT) (EventID: 104) (User: )

Description: Windows3708Windows: 0-1090

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 471) (User: )

Description: Windows3708Windows: 406168C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb-510

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 492) (User: )

Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 413) (User: )

Description: Windows3708Windows: -1023

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 486) (User: )

Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.logC:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS008D0.log-1023 (0xfffffc01)3 (0x00000003)The system cannot find the path specified.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 439) (User: )

Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1023

Error: (10/01/2014 09:12:06 AM) (Source: ESENT) (EventID: 439) (User: )

Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1023

Error: (10/01/2014 07:29:28 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -2147023838

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 11185

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 11185

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 955 Processor

Percentage of memory in use: 91%

Total physical RAM: 3327.18 MB

Available physical RAM: 268.19 MB

Total Pagefile: 6652.65 MB

Available Pagefile: 4001.74 MB

Total Virtual: 2047.88 MB

Available Virtual: 1874.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:499.86 GB) NTFS

Drive d: (Repair disc Windows 7 32-bit) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A32E54E3)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Starting Nmap 6.47 ( http://nmap.org ) at 2014-10-01 12:26 Eastern Daylight Time

NSE: Loaded 118 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Parallel DNS resolution of 1 host. at 12:26

Completed Parallel DNS resolution of 1 host. at 12:26, 0.03s elapsed

Skipping SYN Stealth Scan against 10.0.0.2 because Windows does not support scanning your own machine (localhost) this way.

Initiating Service scan at 12:26

Skipping OS Scan against 10.0.0.2 because it doesn't work against your own machine (localhost)

NSE: Script scanning 10.0.0.2.

Initiating NSE at 12:26

Completed NSE at 12:26, 0.00s elapsed

Nmap scan report for 10.0.0.2

Host is up.

PORT STATE SERVICE VERSION

1/tcp unknown tcpmux

3/tcp unknown compressnet

4/tcp unknown unknown

6/tcp unknown unknown

7/tcp unknown echo

9/tcp unknown discard

13/tcp unknown daytime

17/tcp unknown qotd

19/tcp unknown chargen

20/tcp unknown ftp-data

21/tcp unknown ftp

22/tcp unknown ssh

23/tcp unknown telnet

24/tcp unknown priv-mail

25/tcp unknown smtp

26/tcp unknown rsftp

30/tcp unknown unknown

32/tcp unknown unknown

33/tcp unknown dsp

37/tcp unknown time

42/tcp unknown nameserver

43/tcp unknown whois

49/tcp unknown tacacs

53/tcp unknown domain

70/tcp unknown gopher

79/tcp unknown finger

80/tcp unknown http

81/tcp unknown hosts2-ns

82/tcp unknown xfer

83/tcp unknown mit-ml-dev

84/tcp unknown ctf

85/tcp unknown mit-ml-dev

88/tcp unknown kerberos-sec

89/tcp unknown su-mit-tg

90/tcp unknown dnsix

99/tcp unknown metagram

100/tcp unknown newacct

106/tcp unknown pop3pw

109/tcp unknown pop2

110/tcp unknown pop3

111/tcp unknown rpcbind

113/tcp unknown ident

119/tcp unknown nntp

125/tcp unknown locus-map

135/tcp unknown msrpc

139/tcp unknown netbios-ssn

143/tcp unknown imap

144/tcp unknown news

146/tcp unknown iso-tp0

161/tcp unknown snmp

163/tcp unknown cmip-man

179/tcp unknown bgp

199/tcp unknown smux

211/tcp unknown 914c-g

212/tcp unknown anet

222/tcp unknown rsh-spx

254/tcp unknown unknown

255/tcp unknown unknown

256/tcp unknown fw1-secureremote

259/tcp unknown esro-gen

264/tcp unknown bgmp

280/tcp unknown http-mgmt

301/tcp unknown unknown

306/tcp unknown unknown

311/tcp unknown asip-webadmin

340/tcp unknown unknown

366/tcp unknown odmr

389/tcp unknown ldap

406/tcp unknown imsp

407/tcp unknown timbuktu

416/tcp unknown silverplatter

417/tcp unknown onmux

425/tcp unknown icad-el

427/tcp unknown svrloc

443/tcp unknown https

444/tcp unknown snpp

445/tcp unknown microsoft-ds

458/tcp unknown appleqtc

464/tcp unknown kpasswd5

465/tcp unknown smtps

481/tcp unknown dvs

497/tcp unknown retrospect

500/tcp unknown isakmp

512/tcp unknown exec

513/tcp unknown login

514/tcp unknown shell

515/tcp unknown printer

524/tcp unknown ncp

541/tcp unknown uucp-rlogin

543/tcp unknown klogin

544/tcp unknown kshell

545/tcp unknown ekshell

548/tcp unknown afp

554/tcp unknown rtsp

555/tcp unknown dsf

563/tcp unknown snews

587/tcp unknown submission

593/tcp unknown http-rpc-epmap

616/tcp unknown sco-sysmgr

617/tcp unknown sco-dtmgr

625/tcp unknown apple-xsrvr-admin

631/tcp unknown ipp

636/tcp unknown ldapssl

646/tcp unknown ldp

648/tcp unknown rrp

666/tcp unknown doom

667/tcp unknown disclose

668/tcp unknown mecomm

683/tcp unknown corba-iiop

687/tcp unknown asipregistry

691/tcp unknown resvc

700/tcp unknown epp

705/tcp unknown agentx

711/tcp unknown cisco-tdp

714/tcp unknown iris-xpcs

720/tcp unknown unknown

722/tcp unknown unknown

726/tcp unknown unknown

749/tcp unknown kerberos-adm

765/tcp unknown webster

777/tcp unknown multiling-http

783/tcp unknown spamassassin

787/tcp unknown qsc

800/tcp unknown mdbs_daemon

801/tcp unknown device

808/tcp unknown ccproxy-http

843/tcp unknown unknown

873/tcp unknown rsync

880/tcp unknown unknown

888/tcp unknown accessbuilder

898/tcp unknown sun-manageconsole

900/tcp unknown omginitialrefs

901/tcp unknown samba-swat

902/tcp unknown iss-realsecure

903/tcp unknown iss-console-mgr

911/tcp unknown xact-backup

912/tcp unknown apex-mesh

981/tcp unknown unknown

987/tcp unknown unknown

990/tcp unknown ftps

992/tcp unknown telnets

993/tcp unknown imaps

995/tcp unknown pop3s

999/tcp unknown garcon

1000/tcp unknown cadlock

1001/tcp unknown unknown

1002/tcp unknown windows-icfw

1007/tcp unknown unknown

1009/tcp unknown unknown

1010/tcp unknown surf

1011/tcp unknown unknown

1021/tcp unknown exp1

1022/tcp unknown exp2

1023/tcp unknown netvenuechat

1024/tcp unknown kdm

1025/tcp unknown NFS-or-IIS

1026/tcp unknown LSA-or-nterm

1027/tcp unknown IIS

1028/tcp unknown unknown

1029/tcp unknown ms-lsa

1030/tcp unknown iad1

1031/tcp unknown iad2

1032/tcp unknown iad3

1033/tcp unknown netinfo

1034/tcp unknown zincite-a

1035/tcp unknown multidropper

1036/tcp unknown nsstp

1037/tcp unknown ams

1038/tcp unknown mtqp

1039/tcp unknown sbl

1040/tcp unknown netsaint

1041/tcp unknown danf-ak2

1042/tcp unknown afrog

1043/tcp unknown boinc

1044/tcp unknown dcutility

1045/tcp unknown fpitp

1046/tcp unknown wfremotertm

1047/tcp unknown neod1

1048/tcp unknown neod2

1049/tcp unknown td-postman

1050/tcp unknown java-or-OTGfileshare

1051/tcp unknown optima-vnet

1052/tcp unknown ddt

1053/tcp unknown remote-as

1054/tcp unknown brvread

1055/tcp unknown ansyslmd

1056/tcp unknown vfo

1057/tcp unknown startron

1058/tcp unknown nim

1059/tcp unknown nimreg

1060/tcp unknown polestar

1061/tcp unknown kiosk

1062/tcp unknown veracity

1063/tcp unknown kyoceranetdev

1064/tcp unknown jstel

1065/tcp unknown syscomlan

1066/tcp unknown fpo-fns

1067/tcp unknown instl_boots

1068/tcp unknown instl_bootc

1069/tcp unknown cognex-insight

1070/tcp unknown gmrupdateserv

1071/tcp unknown bsquare-voip

1072/tcp unknown cardax

1073/tcp unknown bridgecontrol

1074/tcp unknown warmspotMgmt

1075/tcp unknown rdrmshc

1076/tcp unknown sns_credit

1077/tcp unknown imgames

1078/tcp unknown avocent-proxy

1079/tcp unknown asprovatalk

1080/tcp unknown socks

1081/tcp unknown pvuniwien

1082/tcp unknown amt-esd-prot

1083/tcp unknown ansoft-lm-1

1084/tcp unknown ansoft-lm-2

1085/tcp unknown webobjects

1086/tcp unknown cplscrambler-lg

1087/tcp unknown cplscrambler-in

1088/tcp unknown cplscrambler-al

1089/tcp unknown ff-annunc

1090/tcp unknown ff-fms

1091/tcp unknown ff-sm

1092/tcp unknown obrpd

1093/tcp unknown proofd

1094/tcp unknown rootd

1095/tcp unknown nicelink

1096/tcp unknown cnrprotocol

1097/tcp unknown sunclustermgr

1098/tcp unknown rmiactivation

1099/tcp unknown rmiregistry

1100/tcp unknown mctp

1102/tcp unknown adobeserver-1

1104/tcp unknown xrl

1105/tcp unknown ftranhc

1106/tcp unknown isoipsigport-1

1107/tcp unknown isoipsigport-2

1108/tcp unknown ratio-adp

1110/tcp unknown nfsd-status

1111/tcp unknown lmsocialserver

1112/tcp unknown msql

1113/tcp unknown ltp-deepspace

1114/tcp unknown mini-sql

1117/tcp unknown ardus-mtrns

1119/tcp unknown bnetgame

1121/tcp unknown rmpp

1122/tcp unknown availant-mgr

1123/tcp unknown murray

1124/tcp unknown hpvmmcontrol

1126/tcp unknown hpvmmdata

1130/tcp unknown casp

1131/tcp unknown caspssl

1132/tcp unknown kvm-via-ip

1137/tcp unknown trim

1138/tcp unknown encrypted_admin

1141/tcp unknown mxomss

1145/tcp unknown x9-icue

1147/tcp unknown capioverlan

1148/tcp unknown elfiq-repl

1149/tcp unknown bvtsonar

1151/tcp unknown unizensus

1152/tcp unknown winpoplanmess

1154/tcp unknown resacommunity

1163/tcp unknown sddp

1164/tcp unknown qsm-proxy

1165/tcp unknown qsm-gui

1166/tcp unknown qsm-remote

1169/tcp unknown tripwire

1174/tcp unknown fnet-remote-ui

1175/tcp unknown dossier

1183/tcp unknown llsurfup-http

1185/tcp unknown catchpole

1186/tcp unknown mysql-cluster

1187/tcp unknown alias

1192/tcp unknown caids-sensor

1198/tcp unknown cajo-discovery

1199/tcp unknown dmidi

1201/tcp unknown nucleus-sand

1213/tcp unknown mpc-lifenet

1216/tcp unknown etebac5

1217/tcp unknown hpss-ndapi

1218/tcp unknown aeroflight-ads

1233/tcp unknown univ-appserver

1234/tcp unknown hotline

1236/tcp unknown bvcontrol

1244/tcp unknown isbconference1

1247/tcp unknown visionpyramid

1248/tcp unknown hermes

1259/tcp unknown opennl-voice

1271/tcp unknown excw

1272/tcp unknown cspmlockmgr

1277/tcp unknown miva-mqs

1287/tcp unknown routematch

1296/tcp unknown dproxy

1300/tcp unknown h323hostcallsc

1301/tcp unknown ci3-software-1

1309/tcp unknown jtag-server

1310/tcp unknown husky

1311/tcp unknown rxmon

1322/tcp unknown novation

1328/tcp unknown ewall

1334/tcp unknown writesrv

1352/tcp unknown lotusnotes

1417/tcp unknown timbuktu-srv1

1433/tcp unknown ms-sql-s

1434/tcp unknown ms-sql-m

1443/tcp unknown ies-lm

1455/tcp unknown esl-lm

1461/tcp unknown ibm_wrless_lan

1494/tcp unknown citrix-ica

1500/tcp unknown vlsi-lm

1501/tcp unknown sas-3

1503/tcp unknown imtc-mcs

1521/tcp unknown oracle

1524/tcp unknown ingreslock

1533/tcp unknown virtual-places

1556/tcp unknown veritas_pbx

1580/tcp unknown tn-tl-r1

1583/tcp unknown simbaexpress

1594/tcp unknown sixtrak

1600/tcp unknown issd

1641/tcp unknown invision

1658/tcp unknown sixnetudr

1666/tcp unknown netview-aix-6

1687/tcp unknown nsjtp-ctrl

1688/tcp unknown nsjtp-data

1700/tcp unknown mps-raft

1717/tcp unknown fj-hdnet

1718/tcp unknown h323gatedisc

1719/tcp unknown h323gatestat

1720/tcp unknown H.323/Q.931

1721/tcp unknown caicci

1723/tcp unknown pptp

1755/tcp unknown wms

1761/tcp unknown landesk-rc

1782/tcp unknown hp-hcip

1783/tcp unknown unknown

1801/tcp unknown msmq

1805/tcp unknown enl-name

1812/tcp unknown radius

1839/tcp unknown netopia-vo1

1840/tcp unknown netopia-vo2

1862/tcp unknown mysql-cm-agent

1863/tcp unknown msnp

1864/tcp unknown paradym-31

1875/tcp unknown westell-stats

1900/tcp unknown upnp

1914/tcp unknown elm-momentum

1935/tcp unknown rtmp

1947/tcp unknown sentinelsrm

1971/tcp unknown netop-school

1972/tcp unknown intersys-cache

1974/tcp unknown drp

1984/tcp unknown bigbrother

1998/tcp unknown x25-svc-port

1999/tcp unknown tcp-id-port

2000/tcp unknown cisco-sccp

2001/tcp unknown dc

2002/tcp unknown globe

2003/tcp unknown finger

2004/tcp unknown mailbox

2005/tcp unknown deslogin

2006/tcp unknown invokator

2007/tcp unknown dectalk

2008/tcp unknown conf

2009/tcp unknown news

2010/tcp unknown search

2013/tcp unknown raid-am

2020/tcp unknown xinupageserver

2021/tcp unknown servexec

2022/tcp unknown down

2030/tcp unknown device2

2033/tcp unknown glogger

2034/tcp unknown scoremgr

2035/tcp unknown imsldoc

2038/tcp unknown objectmanager

2040/tcp unknown lam

2041/tcp unknown interbase

2042/tcp unknown isis

2043/tcp unknown isis-bcast

2045/tcp unknown cdfunc

2046/tcp unknown sdfunc

2047/tcp unknown dls

2048/tcp unknown dls-monitor

2049/tcp unknown nfs

2065/tcp unknown dlsrpn

2068/tcp unknown advocentkvm

2099/tcp unknown h2250-annex-g

2100/tcp unknown amiganetfs

2103/tcp unknown zephyr-clt

2105/tcp unknown eklogin

2106/tcp unknown ekshell

2107/tcp unknown msmq-mgmt

2111/tcp unknown kx

2119/tcp unknown gsigatekeeper

2121/tcp unknown ccproxy-ftp

2126/tcp unknown pktcable-cops

2135/tcp unknown gris

2144/tcp unknown lv-ffx

2160/tcp unknown apc-2160

2161/tcp unknown apc-agent

2170/tcp unknown eyetv

2179/tcp unknown vmrdp

2190/tcp unknown tivoconnect

2191/tcp unknown tvbus

2196/tcp unknown unknown

2200/tcp unknown ici

2222/tcp unknown EtherNet/IP-1

2251/tcp unknown dif-port

2260/tcp unknown apc-2260

2288/tcp unknown netml

2301/tcp unknown compaqdiag

2323/tcp unknown 3d-nfsd

2366/tcp unknown qip-login

2381/tcp unknown compaq-https

2382/tcp unknown ms-olap3

2383/tcp unknown ms-olap4

2393/tcp unknown ms-olap1

2394/tcp unknown ms-olap2

2399/tcp unknown fmpro-fdal

2401/tcp unknown cvspserver

2492/tcp unknown groove

2500/tcp unknown rtsserv

2522/tcp unknown windb

2525/tcp unknown ms-v-worlds

2557/tcp unknown nicetec-mgmt

2601/tcp unknown zebra

2602/tcp unknown ripd

2604/tcp unknown ospfd

2605/tcp unknown bgpd

2607/tcp unknown connection

2608/tcp unknown wag-service

2638/tcp unknown sybase

2701/tcp unknown sms-rcinfo

2702/tcp unknown sms-xfer

2710/tcp unknown sso-service

2717/tcp unknown pn-requester

2718/tcp unknown pn-requester2

2725/tcp unknown msolap-ptp2

2800/tcp unknown acc-raid

2809/tcp unknown corbaloc

2811/tcp unknown gsiftp

2869/tcp unknown icslap

2875/tcp unknown dxmessagebase2

2909/tcp unknown funk-dialout

2910/tcp unknown tdaccess

2920/tcp unknown roboeda

2967/tcp unknown symantec-av

2968/tcp unknown enpp

2998/tcp unknown iss-realsec

3000/tcp unknown ppp

3001/tcp unknown nessus

3003/tcp unknown cgms

3005/tcp unknown deslogin

3006/tcp unknown deslogind

3007/tcp unknown lotusmtap

3011/tcp unknown trusted-web

3013/tcp unknown gilatskysurfer

3017/tcp unknown event_listener

3030/tcp unknown arepa-cas

3031/tcp unknown eppc

3052/tcp unknown powerchute

3071/tcp unknown csd-mgmt-port

3077/tcp unknown orbix-loc-ssl

3128/tcp unknown squid-http

3168/tcp unknown poweronnud

3211/tcp unknown avsecuremgmt

3221/tcp unknown xnm-clear-text

3260/tcp unknown iscsi

3261/tcp unknown winshadow

3268/tcp unknown globalcatLDAP

3269/tcp unknown globalcatLDAPssl

3283/tcp unknown netassistant

3300/tcp unknown unknown

3301/tcp unknown unknown

3306/tcp unknown mysql

3322/tcp unknown active-net

3323/tcp unknown active-net

3324/tcp unknown active-net

3325/tcp unknown active-net

3333/tcp unknown dec-notes

3351/tcp unknown btrieve

3367/tcp unknown satvid-datalnk

3369/tcp unknown satvid-datalnk

3370/tcp unknown satvid-datalnk

3371/tcp unknown satvid-datalnk

3372/tcp unknown msdtc

3389/tcp unknown ms-wbt-server

3390/tcp unknown dsc

3404/tcp unknown unknown

3476/tcp unknown nppmp

3493/tcp unknown nut

3517/tcp unknown 802-11-iapp

3527/tcp unknown beserver-msg-q

3546/tcp unknown unknown

3551/tcp unknown apcupsd

3580/tcp unknown nati-svrloc

3659/tcp unknown apple-sasl

3689/tcp unknown rendezvous

3690/tcp unknown svn

3703/tcp unknown adobeserver-3

3737/tcp unknown xpanel

3766/tcp unknown unknown

3784/tcp unknown bfd-control

3800/tcp unknown pwgpsi

3801/tcp unknown ibm-mgr

3809/tcp unknown apocd

3814/tcp unknown neto-dcs

3826/tcp unknown wormux

3827/tcp unknown netmpi

3828/tcp unknown neteh

3851/tcp unknown spectraport

3869/tcp unknown ovsam-mgmt

3871/tcp unknown avocent-adsap

3878/tcp unknown fotogcad

3880/tcp unknown igrs

3889/tcp unknown dandv-tester

3905/tcp unknown mupdate

3914/tcp unknown listcrt-port-2

3918/tcp unknown pktcablemmcops

3920/tcp unknown exasoftport1

3945/tcp unknown emcads

3971/tcp unknown lanrevserver

3986/tcp unknown mapper-ws_ethd

3995/tcp unknown iss-mgmt-ssl

3998/tcp unknown dnx

4000/tcp unknown remoteanything

4001/tcp unknown newoak

4002/tcp unknown mlchat-proxy

4003/tcp unknown pxc-splr-ft

4004/tcp unknown pxc-roid

4005/tcp unknown pxc-pin

4006/tcp unknown pxc-spvr

4045/tcp unknown lockd

4111/tcp unknown xgrid

4125/tcp unknown rww

4126/tcp unknown ddrepl

4129/tcp unknown nuauth

4224/tcp unknown xtell

4242/tcp unknown vrml-multi-use

4279/tcp unknown vrml-multi-use

4321/tcp unknown rwhois

4343/tcp unknown unicall

4443/tcp unknown pharos

4444/tcp unknown krb524

4445/tcp unknown upnotifyp

4446/tcp unknown n1-fwp

4449/tcp unknown privatewire

4550/tcp unknown gds-adppiw-db

4567/tcp unknown tram

4662/tcp unknown edonkey

4848/tcp unknown appserv-http

4899/tcp unknown radmin

4900/tcp unknown hfcs

4998/tcp unknown maybe-veritas

5000/tcp unknown upnp

5001/tcp unknown commplex-link

5002/tcp unknown rfe

5003/tcp unknown filemaker

5004/tcp unknown avt-profile-1

5009/tcp unknown airport-admin

5030/tcp unknown surfpass

5033/tcp unknown unknown

5050/tcp unknown mmcc

5051/tcp unknown ida-agent

5054/tcp unknown rlm-admin

5060/tcp unknown sip

5061/tcp unknown sip-tls

5080/tcp unknown onscreen

5087/tcp unknown unknown

5100/tcp unknown admd

5101/tcp unknown admdog

5102/tcp unknown admeng

5120/tcp unknown unknown

5190/tcp unknown aol

5200/tcp unknown targus-getdata

5214/tcp unknown unknown

5221/tcp unknown 3exmp

5222/tcp unknown xmpp-client

5225/tcp unknown hp-server

5226/tcp unknown hp-status

5269/tcp unknown xmpp-server

5280/tcp unknown xmpp-bosh

5298/tcp unknown presence

5357/tcp unknown wsdapi

5405/tcp unknown pcduo

5414/tcp unknown statusd

5431/tcp unknown park-agent

5432/tcp unknown postgresql

5440/tcp unknown unknown

5500/tcp unknown hotline

5510/tcp unknown secureidprop

5544/tcp unknown unknown

5550/tcp unknown sdadmind

5555/tcp unknown freeciv

5560/tcp unknown isqlplus

5566/tcp unknown westec-connect

5631/tcp unknown pcanywheredata

5633/tcp unknown beorl

5666/tcp unknown nrpe

5678/tcp unknown rrac

5679/tcp unknown activesync

5718/tcp unknown dpm

5730/tcp unknown unieng

5800/tcp unknown vnc-http

5801/tcp unknown vnc-http-1

5802/tcp unknown vnc-http-2

5810/tcp unknown unknown

5811/tcp unknown unknown

5815/tcp unknown unknown

5822/tcp unknown unknown

5825/tcp unknown unknown

5850/tcp unknown unknown

5859/tcp unknown wherehoo

5862/tcp unknown unknown

5877/tcp unknown unknown

5900/tcp unknown vnc

5901/tcp unknown vnc-1

5902/tcp unknown vnc-2

5903/tcp unknown vnc-3

5904/tcp unknown unknown

5906/tcp unknown unknown

5907/tcp unknown unknown

5910/tcp unknown cm

5911/tcp unknown cpdlc

5915/tcp unknown unknown

5922/tcp unknown unknown

5925/tcp unknown unknown

5950/tcp unknown unknown

5952/tcp unknown unknown

5959/tcp unknown unknown

5960/tcp unknown unknown

5961/tcp unknown unknown

5962/tcp unknown unknown

5963/tcp unknown indy

5987/tcp unknown wbem-rmi

5988/tcp unknown wbem-http

5989/tcp unknown wbem-https

5998/tcp unknown ncd-diag

5999/tcp unknown ncd-conf

6000/tcp unknown X11

6001/tcp unknown X11:1

6002/tcp unknown X11:2

6003/tcp unknown X11:3

6004/tcp unknown X11:4

6005/tcp unknown X11:5

6006/tcp unknown X11:6

6007/tcp unknown X11:7

6009/tcp unknown X11:9

6025/tcp unknown x11

6059/tcp unknown X11:59

6100/tcp unknown synchronet-db

6101/tcp unknown backupexec

6106/tcp unknown isdninfo

6112/tcp unknown dtspc

6123/tcp unknown backup-express

6129/tcp unknown unknown

6156/tcp unknown unknown

6346/tcp unknown gnutella

6389/tcp unknown clariion-evr01

6502/tcp unknown netop-rc

6510/tcp unknown mcer-port

6543/tcp unknown mythtv

6547/tcp unknown powerchuteplus

6565/tcp unknown unknown

6566/tcp unknown sane-port

6567/tcp unknown esp

6580/tcp unknown parsec-master

6646/tcp unknown unknown

6666/tcp unknown irc

6667/tcp unknown irc

6668/tcp unknown irc

6669/tcp unknown irc

6689/tcp unknown tsa

6692/tcp unknown unknown

6699/tcp unknown napster

6779/tcp unknown unknown

6788/tcp unknown smc-http

6789/tcp unknown ibm-db2-admin

6792/tcp unknown unknown

6839/tcp unknown unknown

6881/tcp unknown bittorrent-tracker

6901/tcp unknown jetstream

6969/tcp unknown acmsoda

7000/tcp unknown afs3-fileserver

7001/tcp unknown afs3-callback

7002/tcp unknown afs3-prserver

7004/tcp unknown afs3-kaserver

7007/tcp unknown afs3-bos

7019/tcp unknown unknown

7025/tcp unknown vmsvc-2

7070/tcp unknown realserver

7100/tcp unknown font-service

7103/tcp unknown unknown

7106/tcp unknown unknown

7200/tcp unknown fodms

7201/tcp unknown dlip

7402/tcp unknown rtps-dd-mt

7435/tcp unknown unknown

7443/tcp unknown oracleas-https

7496/tcp unknown unknown

7512/tcp unknown unknown

7625/tcp unknown unknown

7627/tcp unknown soap-http

7676/tcp unknown imqbrokerd

7741/tcp unknown scriptview

7777/tcp unknown cbt

7778/tcp unknown interwise

7800/tcp unknown asr

7911/tcp unknown unknown

7920/tcp unknown unknown

7921/tcp unknown unknown

7937/tcp unknown nsrexecd

7938/tcp unknown lgtomapper

7999/tcp unknown irdmi2

8000/tcp unknown http-alt

8001/tcp unknown vcom-tunnel

8002/tcp unknown teradataordbms

8007/tcp unknown ajp12

8008/tcp unknown http

8009/tcp unknown ajp13

8010/tcp unknown xmpp

8011/tcp unknown unknown

8021/tcp unknown ftp-proxy

8022/tcp unknown oa-system

8031/tcp unknown unknown

8042/tcp unknown fs-agent

8045/tcp unknown unknown

8080/tcp unknown http-proxy

8081/tcp unknown blackice-icecap

8082/tcp unknown blackice-alerts

8083/tcp unknown us-srv

8084/tcp unknown unknown

8085/tcp unknown unknown

8086/tcp unknown d-s-n

8087/tcp unknown simplifymedia

8088/tcp unknown radan-http

8089/tcp unknown unknown

8090/tcp unknown unknown

8093/tcp unknown unknown

8099/tcp unknown unknown

8100/tcp unknown xprint-server

8180/tcp unknown unknown

8181/tcp unknown unknown

8192/tcp unknown sophos

8193/tcp unknown sophos

8194/tcp unknown sophos

8200/tcp unknown trivnet1

8222/tcp unknown unknown

8254/tcp unknown unknown

8290/tcp unknown unknown

8291/tcp unknown unknown

8292/tcp unknown blp3

8300/tcp unknown tmi

8333/tcp unknown unknown

8383/tcp unknown m2mservices

8400/tcp unknown cvd

8402/tcp unknown abarsd

8443/tcp unknown https-alt

8500/tcp unknown fmtp

8600/tcp unknown asterix

8649/tcp unknown unknown

8651/tcp unknown unknown

8652/tcp unknown unknown

8654/tcp unknown unknown

8701/tcp unknown unknown

8800/tcp unknown sunwebadmin

8873/tcp unknown dxspider

8888/tcp unknown sun-answerbook

8899/tcp unknown ospf-lite

8994/tcp unknown unknown

9000/tcp unknown cslistener

9001/tcp unknown tor-orport

9002/tcp unknown dynamid

9003/tcp unknown unknown

9009/tcp unknown pichat

9010/tcp unknown sdr

9011/tcp unknown unknown

9040/tcp unknown tor-trans

9050/tcp unknown tor-socks

9071/tcp unknown unknown

9080/tcp unknown glrpc

9081/tcp unknown unknown

9090/tcp unknown zeus-admin

9091/tcp unknown xmltec-xmlmail

9099/tcp unknown unknown

9100/tcp unknown jetdirect

9101/tcp unknown jetdirect

9102/tcp unknown jetdirect

9103/tcp unknown jetdirect

9110/tcp unknown unknown

9111/tcp unknown DragonIDSConsole

9200/tcp unknown wap-wsp

9207/tcp unknown wap-vcal-s

9220/tcp unknown unknown

9290/tcp unknown unknown

9415/tcp unknown unknown

9418/tcp unknown git

9485/tcp unknown unknown

9500/tcp unknown ismserver

9502/tcp unknown unknown

9503/tcp unknown unknown

9535/tcp unknown man

9575/tcp unknown unknown

9593/tcp unknown cba8

9594/tcp unknown msgsys

9595/tcp unknown pds

9618/tcp unknown condor

9666/tcp unknown unknown

9876/tcp unknown sd

9877/tcp unknown unknown

9878/tcp unknown unknown

9898/tcp unknown monkeycom

9900/tcp unknown iua

9917/tcp unknown unknown

9929/tcp unknown nping-echo

9943/tcp unknown unknown

9944/tcp unknown unknown

9968/tcp unknown unknown

9998/tcp unknown distinct32

9999/tcp unknown abyss

10000/tcp unknown snet-sensor-mgmt

10001/tcp unknown scp-config

10002/tcp unknown documentum

10003/tcp unknown documentum_s

10004/tcp unknown emcrmirccd

10009/tcp unknown swdtp-sv

10010/tcp unknown rxapi

10012/tcp unknown unknown

10024/tcp unknown unknown

10025/tcp unknown unknown

10082/tcp unknown amandaidx

10180/tcp unknown unknown

10215/tcp unknown unknown

10243/tcp unknown unknown

10566/tcp unknown unknown

10616/tcp unknown unknown

10617/tcp unknown unknown

10621/tcp unknown unknown

10626/tcp unknown unknown

10628/tcp unknown unknown

10629/tcp unknown unknown

10778/tcp unknown unknown

11110/tcp unknown unknown

11111/tcp unknown vce

11967/tcp unknown sysinfo-sp

12000/tcp unknown cce4x

12174/tcp unknown unknown

12265/tcp unknown unknown

12345/tcp unknown netbus

13456/tcp unknown unknown

13722/tcp unknown netbackup

13782/tcp unknown netbackup

13783/tcp unknown netbackup

14000/tcp unknown scotty-ft

14238/tcp unknown unknown

14441/tcp unknown unknown

14442/tcp unknown unknown

15000/tcp unknown hydap

15002/tcp unknown unknown

15003/tcp unknown unknown

15004/tcp unknown unknown

15660/tcp unknown bex-xr

15742/tcp unknown unknown

16000/tcp unknown fmsas

16001/tcp unknown fmsascon

16012/tcp unknown unknown

16016/tcp unknown unknown

16018/tcp unknown unknown

16080/tcp unknown osxwebadmin

16113/tcp unknown unknown

16992/tcp unknown amt-soap-http

16993/tcp unknown amt-soap-https

17877/tcp unknown unknown

17988/tcp unknown unknown

18040/tcp unknown unknown

18101/tcp unknown unknown

18988/tcp unknown unknown

19101/tcp unknown unknown

19283/tcp unknown keysrvr

19315/tcp unknown keyshadow

19350/tcp unknown unknown

19780/tcp unknown unknown

19801/tcp unknown unknown

19842/tcp unknown unknown

20000/tcp unknown dnp

20005/tcp unknown btx

20031/tcp unknown unknown

20221/tcp unknown unknown

20222/tcp unknown ipulse-ics

20828/tcp unknown unknown

21571/tcp unknown unknown

22939/tcp unknown unknown

23502/tcp unknown unknown

24444/tcp unknown unknown

24800/tcp unknown unknown

25734/tcp unknown unknown

25735/tcp unknown unknown

26214/tcp unknown unknown

27000/tcp unknown flexlm0

27352/tcp unknown unknown

27353/tcp unknown unknown

27355/tcp unknown unknown

27356/tcp unknown unknown

27715/tcp unknown unknown

28201/tcp unknown unknown

30000/tcp unknown unknown

30718/tcp unknown unknown

30951/tcp unknown unknown

31038/tcp unknown unknown

31337/tcp unknown Elite

32768/tcp unknown filenet-tms

32769/tcp unknown filenet-rpc

32770/tcp unknown sometimes-rpc3

32771/tcp unknown sometimes-rpc5

32772/tcp unknown sometimes-rpc7

32773/tcp unknown sometimes-rpc9

32774/tcp unknown sometimes-rpc11

32775/tcp unknown sometimes-rpc13

32776/tcp unknown sometimes-rpc15

32777/tcp unknown sometimes-rpc17

32778/tcp unknown sometimes-rpc19

32779/tcp unknown sometimes-rpc21

32780/tcp unknown sometimes-rpc23

32781/tcp unknown unknown

32782/tcp unknown unknown

32783/tcp unknown unknown

32784/tcp unknown unknown

32785/tcp unknown unknown

33354/tcp unknown unknown

33899/tcp unknown unknown

34571/tcp unknown unknown

34572/tcp unknown unknown

34573/tcp unknown unknown

35500/tcp unknown unknown

38292/tcp unknown landesk-cba

40193/tcp unknown unknown

40911/tcp unknown unknown

41511/tcp unknown unknown

42510/tcp unknown caerpc

44176/tcp unknown unknown

44442/tcp unknown coldfusion-auth

44443/tcp unknown coldfusion-auth

44501/tcp unknown unknown

45100/tcp unknown unknown

48080/tcp unknown unknown

49152/tcp unknown unknown

49153/tcp unknown unknown

49154/tcp unknown unknown

49155/tcp unknown unknown

49156/tcp unknown unknown

49157/tcp unknown unknown

49158/tcp unknown unknown

49159/tcp unknown unknown

49160/tcp unknown unknown

49161/tcp unknown unknown

49163/tcp unknown unknown

49165/tcp unknown unknown

49167/tcp unknown unknown

49175/tcp unknown unknown

49176/tcp unknown unknown

49400/tcp unknown compaqdiag

49999/tcp unknown unknown

50000/tcp unknown ibm-db2

50001/tcp unknown unknown

50002/tcp unknown iiimsf

50003/tcp unknown unknown

50006/tcp unknown unknown

50300/tcp unknown unknown

50389/tcp unknown unknown

50500/tcp unknown unknown

50636/tcp unknown unknown

50800/tcp unknown unknown

51103/tcp unknown unknown

51493/tcp unknown unknown

52673/tcp unknown unknown

52822/tcp unknown unknown

52848/tcp unknown unknown

52869/tcp unknown unknown

54045/tcp unknown unknown

54328/tcp unknown unknown

55055/tcp unknown unknown

55056/tcp unknown unknown

55555/tcp unknown unknown

55600/tcp unknown unknown

56737/tcp unknown unknown

56738/tcp unknown unknown

57294/tcp unknown unknown

57797/tcp unknown unknown

58080/tcp unknown unknown

60020/tcp unknown unknown

60443/tcp unknown unknown

61532/tcp unknown unknown

61900/tcp unknown unknown

62078/tcp unknown iphone-sync

63331/tcp unknown unknown

64623/tcp unknown unknown

64680/tcp unknown unknown

65000/tcp unknown unknown

65129/tcp unknown unknown

65389/tcp unknown unknown

NSE: Script Post-scanning.

Read data files from: C:\Program Files\Nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2.26 seconds

Raw packets sent: 0 (0B) | Rcvd: 0 (0B)


RogueKiller V9.2.13.0 [Sep 25 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version

Started in : Normal mode

User : nots0 [Admin rights]

Mode : Scan -- Date : 10/01/2014 12:55:45

¤¤¤ Bad processes : 1 ¤¤¤

[Suspicious.Path] explorer.exe -- C:\Users\nots0\AppData\Local\Strongvault Online Backup\CtxMenu.dll[7] -> UNLOADED

¤¤¤ Registry Entries : 11 ¤¤¤

[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> FOUND

[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> FOUND

[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> FOUND

[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND

[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> FOUND

[PUM.HomePage] HKEY_USERS\S-1-5-21-2709076479-299211639-3247174901-1000\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> FOUND

[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> FOUND

[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND

[PUM.SearchPage] HKEY_USERS\S-1-5-21-2709076479-299211639-3247174901-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND

[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤

[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 1 (Driver: LOADED) ¤¤¤

[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\DRIVERS\dtsoftbus01.sys)

¤¤¤ Web browsers : 1 ¤¤¤

[PUP][FIREFX:Addon] tz0ans2l.default : Ant Video Downloader [anttoolbar@ant.com] -> FOUND

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721010CLA330 ATA Device +++++

--- User ---

[MBR] cd04d84b0efc3232cd296b55375e2169

[BSP] cbdfd08a3689b3b5026ddf27e2652060 : Windows Vista/7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB

1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB

User = LL1 ... OK

User = LL2 ... OK

============================================

RKreport_SCN_10012014_105502.log


  • Root Admin

Hello and :welcome:

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Before we proceed further, please read all of the following instructions carefully.

If there is anything that you do not understand kindly ask before proceeding.

If needed please print out these instructions.

  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly
  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)
STEP 0

RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections.

When RKill runs it will kill malware processes and then remove incorrect executable associations and fix policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer, as any malware processes that are configured to start automatically will just be started again.

Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1

Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe
STEP 02

Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following: MBAM Clean Removal Process 2x

When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

STEP 03

Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.
Thank you
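An added example, not part of this thread and not code from RKill or its author: a read-only PowerShell audit of the policy values and the .exe shell association that the RKill step above describes repairing (the HKLM DisableRegistryTools value is the same one the RogueKiller log flags as PUM.Policies). The key and value names are standard Windows ones; which of them to check, and the DisableTaskMgr and NoRun entries in particular, are my assumptions, not values taken from the logs.

```powershell
# Added example, not from the thread or from RKill. Read-only: it reports, never changes anything.
# Policies that, when set to a non-zero value, block regedit, Task Manager or the Run box.
# Which policies to check is an assumption; the value names themselves are standard.
$checks = @(
    @{ Path = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableRegistryTools' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableRegistryTools' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableTaskMgr' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoRun' }
)

foreach ($c in $checks) {
    # A missing value is the Windows default (nothing blocked); 0 is explicitly allowed, as in the RogueKiller log.
    $v = (Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue).($c.Name)
    if ($null -eq $v)  { $state = 'not set (default, tool allowed)' }
    elseif ($v -eq 0)  { $state = 'set to 0 (tool allowed)' }
    else               { $state = "set to $v (tool BLOCKED)" }
    '{0}\{1}: {2}' -f $c.Path, $c.Name, $state
}

# The .exe file association RKill resets. The stock command is "%1" %* ; anything else means
# every double-clicked .exe is routed through another program first.
$assoc = (Get-ItemProperty -Path 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command').'(default)'
if ($assoc -eq '"%1" %*') { "exefile association: OK ($assoc)" }
else                      { "exefile association: UNEXPECTED -> $assoc" }
```

Run it from an elevated PowerShell prompt; it only reads the keys, so it is safe to run before and after the RKill step to see what changed.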

 

ComboFix 14-10-04.01 - nots0 10/10/2014  16:50:53.2.4 - x86

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3327.893 [GMT -4:00]

Running from: c:\users\nots0\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\nots0\AppData\Roaming\inst.exe

.

.

(((((((((((((((((((((((((   Files Created from 2014-09-10 to 2014-10-10  )))))))))))))))))))))))))))))))

.

.

2014-10-10 20:56 . 2014-10-10 20:56    --------    d-----w-    c:\users\Public\AppData\Local\temp

2014-10-10 20:56 . 2014-10-10 20:56    --------    d-----w-    c:\users\Default\AppData\Local\temp

2014-10-10 20:32 . 2014-10-10 20:32    --------    d-----w-    C:\zoek_backup

2014-10-10 17:20 . 2014-10-10 17:20    --------    d-----w-    c:\users\nots0\AppData\Roaming\Aspell

2014-10-10 03:25 . 2014-10-10 03:25    --------    d-----w-    c:\programdata\Malwarebytes Anti-Exploit

2014-10-10 03:25 . 2014-10-10 03:30    --------    d-----w-    c:\program files\Malwarebytes Anti-Exploit

2014-10-09 04:57 . 2014-10-09 04:57    39464    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FDE2106-6FDB-4928-85C8-2A67ADDCEAC1}\MpKslb997da32.sys

2014-10-09 04:42 . 2014-10-09 04:42    --------    d-----w-    c:\users\nots0\AppData\Local\Wokhan

2014-10-08 22:00 . 2014-10-08 22:00    --------    d-----w-    c:\users\nots0\AppData\Roaming\TradeSkillMaster

2014-10-08 19:02 . 2014-09-09 01:24    8806800    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FDE2106-6FDB-4928-85C8-2A67ADDCEAC1}\mpengine.dll

2014-10-03 12:48 . 2014-10-03 12:48    52440    ----a-w-    c:\windows\system32\drivers\qxuljc.sys

2014-10-03 08:30 . 2014-10-03 08:30    24448    ----a-w-    c:\windows\system32\drivers\rkhdrv40.sys

2014-10-03 01:46 . 2014-10-03 02:05    --------    d-----w-    c:\users\nots0\AppData\Roaming\FreeFixer

2014-10-03 01:46 . 2014-10-03 01:54    --------    d-----w-    c:\users\nots0\AppData\Local\FreeFixer

2014-10-03 01:40 . 2014-10-09 19:32    --------    d-----w-    c:\program files\FreeFixer

2014-10-03 01:11 . 2014-09-09 01:24    8806800    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-10-02 14:56 . 2014-09-10 20:30    908840    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F06367A-22C0-4217-84CA-63040D217644}\gapaengine.dll

2014-10-02 08:07 . 2014-10-02 08:07    --------    d-----w-    c:\users\nots0\AppData\Roaming\FixZeroAccess

2014-10-01 19:06 . 2014-04-15 19:59    36664    ----a-w-    c:\windows\system32\TURegOpt.exe

2014-10-01 19:06 . 2014-04-15 19:59    25400    ----a-w-    c:\windows\system32\authuitu.dll

2014-10-01 16:16 . 2014-10-01 17:06    --------    d-----w-    c:\users\nots0\.zenmap

2014-10-01 16:14 . 2014-10-01 16:16    --------    d-----w-    c:\program files\Nmap

2014-10-01 15:19 . 2014-10-10 20:14    --------    d-----w-    C:\FRST

2014-10-01 14:38 . 2014-10-10 03:01    34808    ----a-w-    c:\windows\system32\drivers\TrueSight.sys

2014-10-01 14:38 . 2014-10-01 14:38    --------    d-----w-    c:\programdata\RogueKiller

2014-10-01 12:48 . 2014-10-01 12:48    --------    d-----w-    c:\users\nots0\AppData\Local\TuneUp Software

2014-10-01 12:48 . 2014-10-01 19:06    --------    d-----w-    c:\program files\TuneUp Utilities 2014

2014-10-01 12:29 . 2014-10-01 12:29    --------    d-----w-    c:\programdata\Martau

2014-10-01 12:28 . 2014-10-01 19:00    --------    d-----w-    c:\program files\Total Uninstall 6

2014-09-28 01:55 . 2014-09-28 01:55    --------    d-----w-    c:\programdata\RELOADED

2014-09-27 18:16 . 2014-09-27 18:16    --------    d-----w-.0    c:\progra~1\PP2~1.0

2014-09-27 14:48 . 2014-09-27 14:48    --------    d-----w-    c:\programdata\FaceOnBody2

2014-09-27 14:43 . 2014-09-27 14:45    --------    d-----w-    c:\program files\FaceOnBody2

2014-09-25 01:01 . 2014-09-25 01:01    --------    d-----w-    c:\users\nots0\AppData\Roaming\com.ninjakiwi.BloonsTD5Deluxe

2014-09-19 02:28 . 2014-09-19 02:28    3231696    ----a-w-    c:\program files\Mozilla Firefox\d3dcompiler_46.dll

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-10-10 03:06 . 2014-07-06 10:33    110296    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-10-03 12:48 . 2014-10-03 12:48    1242    ----a-w-    c:\windows\Fonts\drufs

2014-09-24 15:01 . 2013-03-09 18:44    701104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe

2014-09-24 15:01 . 2013-03-09 18:44    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl

2014-09-15 13:06 . 2013-03-09 18:47    231568    ------w-    c:\windows\system32\MpSigStub.exe

2014-09-10 20:30 . 2013-07-17 20:08    908840    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{25DA541F-6ACF-4052-A8AA-1D58284729C7}]

2010-11-05 01:58    297808    ----a-w-    c:\windows\System32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2014-03-13 00:07    1728216    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2014-03-13 00:07    1728216    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2014-03-13 00:07    1728216    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]

"Malwarebytes Anti-Exploit"="c:\program files\Malwarebytes Anti-Exploit\mbae.exe" [2014-08-26 443216]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StrongVaultApp.exe.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.exe.lnk

backup=c:\windows\pss\StrongVaultApp.exe.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk

backup=c:\windows\pss\Who Is On My Wifi.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]

path=c:\users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

backup=c:\windows\pss\CurseClientStartup.ccip.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk]

backup=c:\windows\pss\Rainmeter.lnkStartup

path=c:\users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk

backupExtension=Startup

.

[HKLM\~\startupfolder\C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk]

path=c:\users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk

backup=c:\windows\pss\Send to OneNote.lnkStartup

backupExtension=Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

2013-03-21 10:10    472992    ------w-    c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager]

2013-03-13 18:39    1039248    ----a-w-    c:\program files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]

2012-03-09 20:26    1073312    ----a-w-    c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2014-02-13 00:57    43848    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]

2013-03-09 21:05    1683360    ----a-w-    c:\program files\VIA\VIAudioi\VDeck\VDeck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2014-02-21 07:54    152392    ----a-w-    c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2014-02-10 21:46    20922016    ----a-r-    c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2013-07-02 14:16    254336    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]

2011-08-05 16:29    159456    ----a-w-    c:\program files\Zune\ZuneLauncher.exe

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" -autorun

"Lync"="c:\program files\Microsoft Office\Office15\lync.exe" /fromrunkey

"FLBackup"=c:\program files\NewSoftware's\Folder Lock\FLComServCtrl.exe

"WinFLTray"=c:\windows\system32\WinFLTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

.

R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [x]

R3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt32.sys [x]

R4 FLService;FLService;c:\windows\system32\WinFLService.exe [2013-03-10 92360]

R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]

R4 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-10 242240]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]

S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - ESPROTECTIONDRIVER

*NewlyCreated* - MBAMSWISSARMY

*NewlyCreated* - MPKSLB997DA32

*NewlyCreated* - MPKSLDF1E2F25

*NewlyCreated* - PROCMON23

*NewlyCreated* - TRUESIGHT

*NewlyCreated* - WANARPV6

*Deregistered* - MpKsldf1e2f25

*Deregistered* - PROCMON23

*Deregistered* - TrueSight

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-09-24 23:48    1096520    ----a-w-    c:\program files\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-09 15:01]

.

.

------- Supplementary Scan -------

.

uStart Page = www.google.com

mStart Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL

FF - ProfilePath - c:\users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2014-09-25 20:32; {2fab2e94-d6f9-42de-8839-3510cef6424b}; c:\users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\extensions\{2fab2e94-d6f9-42de-8839-3510cef6424b}

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-PP??2.0 Win? - c:\program files\PP??2.0\uninst.exe

AddRemove-uTorrent - c:\users\nots0\AppData\Roaming\uTorrent\uTorrent.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2014-10-10  16:58:11

ComboFix-quarantined-files.txt  2014-10-10 20:58

ComboFix2.txt  2014-02-25 20:39

.

Pre-Run: 530,911,756,288 bytes free

Post-Run: 530,864,111,616 bytes free

.

- - End Of File - - 27DA99B8C67B2325466969D6C9541E4F

A36C5E4F47E84449FF07ED3517B43A31

 

 

 

 


R4 FLService;FLService;c:\windows\system32\WinFLService.exe [2013-03-10 92360]

R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]

R4 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-10 242240]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]

S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - ESPROTECTIONDRIVER

*NewlyCreated* - MBAMSWISSARMY

*NewlyCreated* - MPKSLB997DA32

*NewlyCreated* - MPKSLDF1E2F25

*NewlyCreated* - PROCMON23

*NewlyCreated* - TRUESIGHT

*NewlyCreated* - WANARPV6

*Deregistered* - MpKsldf1e2f25

*Deregistered* - PROCMON23

*Deregistered* - TrueSight

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-09-24 23:48    1096520    ----a-w-    c:\program files\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-09 15:01]

.

.

------- Supplementary Scan -------

.

uStart Page = www.google.com

mStart Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL

FF - ProfilePath - c:\users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2014-09-25 20:32; {2fab2e94-d6f9-42de-8839-3510cef6424b}; c:\users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\extensions\{2fab2e94-d6f9-42de-8839-3510cef6424b}

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-PP??2.0 Win? - c:\program files\PP??2.0\uninst.exe

AddRemove-uTorrent - c:\users\nots0\AppData\Roaming\uTorrent\uTorrent.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2014-10-10  16:58:11

ComboFix-quarantined-files.txt  2014-10-10 20:58

ComboFix2.txt  2014-02-25 20:39

.

Pre-Run: 530,911,756,288 bytes free

Post-Run: 530,864,111,616 bytes free

.

- - End Of File - - 27DA99B8C67B2325466969D6C9541E4F

A36C5E4F47E84449FF07ED3517B43A31


RogueKiller V10.0.1.0 [Oct 10 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version

Started in : Normal mode

User : nots0 [Administrator]

Mode : Scan -- Date : 10/10/2014  17:24:40

¤¤¤ Processes : 2 ¤¤¤

[suspicious.Path] Notifier.exe -- C:\Users\nots0\Desktop\incoming\WFN_1.9.0\Notifier.exe[-] -> Killed [TermProc]

[suspicious.Path] (SVC) catchme -- \??\C:\Users\nots0\AppData\Local\Temp\catchme.sys[x] -> Stopped

¤¤¤ Registry : 10 ¤¤¤

[suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> Found

[suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> Found

[suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> Found

[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found

[PUM.HomePage] HKEY_USERS\S-1-5-21-2709076479-299211639-3247174901-1000\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com  -> Found

[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found

[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found

[PUM.SearchPage] HKEY_USERS\S-1-5-21-2709076479-299211639-3247174901-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found

[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found

[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 1 ¤¤¤

[suspicious.Path] \\WindowsFirewallNotifierTask -- C:\Users\nots0\Desktop\incoming\WFN_1.9.0\Notifier.exe (-pid $(ProcessID) -ip $(DestAddress) -port $(DestPort) -protocol $(Protocol) -localport $(SourcePort) -path "$(Application)") -> Found

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤

[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost

¤¤¤ Antirootkit : 1 (Driver: Loaded) ¤¤¤

[Filter()] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\DRIVERS\dtsoftbus01.sys)

¤¤¤ Web browsers : 1 ¤¤¤

[PUP][FIREFX:Addon] tz0ans2l.default : Ant Video Downloader [anttoolbar@ant.com] -> Found

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721010CLA330 ATA Device +++++

--- User ---

[MBR] cd04d84b0efc3232cd296b55375e2169

[bSP] cbdfd08a3689b3b5026ddf27e2652060 : Windows Vista/7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB

1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB

User = LL1 ... OK

User = LL2 ... OK

============================================

RKreport_SCN_10012014_105502.log - RKreport_SCN_10012014_125545.log - RKreport_SCN_10092014_234033.log - RKreport_SCN_10092014_234701.log


Rkill 2.6.8 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about Rkill can be found at this link:

 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/10/2014 05:35:55 PM in x86 mode.

Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Update (wuauserv) is not Running.

   Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

 * C:\Windows\System32\UxTheme.dll : 249,856 : 01/27/2014 08:24 PM : 5ae8fd64fc69a242c572968e1d4e6eb2 [NoSig]

 +-> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_a5baf0f767e33083\uxtheme.dll : 249,856 : 07/13/2009 09:16 PM : 63bfdf555da2075a77d677829c3cccd0 [Pos Repl]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 10/10/2014 05:37:16 PM

Execution time: 0 hours(s), 1 minute(s), and 21 seconds(s)

  • Root Admin

As you already have an open topic for the same computer over on the Bleepingcomputer site I'm going to close this topic now.

http://www.bleepingcomputer.com/forums/t/550535/computer-infected-w-rootkit-from-gmer-scan/

Using 2 different resources only confuses and causes issues as well as wastes the limited resources there are to help users.

Thank you
