Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Malware in Registry is coming back after I remove it!


Recommended Posts

Title says it all. I've used RogueKiller, MalwareBytes, AdwCleaner, and others, but it just won't seem to make the viruses go away! They're located in the registry. Here's the most recent log I've got from RogueKiller:

 

¤¤¤ Registry : 8 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3947115814-391582577-3851701547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3947115814-391582577-3851701547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3947115814-391582577-3851701547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:9880;https=127.0.0.1:9880  -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3947115814-391582577-3851701547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:9880;https=127.0.0.1:9880  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DC165870-5533-494C-A007-93E673C686C7} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DC165870-5533-494C-A007-93E673C686C7} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST31000524AS +++++
--- User ---
[MBR] 246be7e08a648f48194db83fc7919f5c
[bSP] d14c526c4b03f2922f0c0f8a07d63a03 : Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 942413 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1930268672 | Size: 11354 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
 
============================================
RKreport_SCN_12192014_182405.log - RKreport_DEL_12192014_182548.log - RKreport_SCN_12192014_182928.log - RKreport_DEL_12192014_183007.log
Link to post
Share on other sites

Hello Nintendo4an1, welcome to Malwarebytes' Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. :)
 
General P2P/Piracy Notice: 
 

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. 
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • If you are unable to copy/paste your logs directly into your post, please attach the file. 
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
  • Ensure you are following this topic. Click xetYzdbu.png.pagespeed.ic.U7AjmRUewW.png at the top of the page. 
     

======================================================

STEP 1
GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe / FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 3
YARWD1t.png.pagespeed.ce.nvhmVeYDe3.png TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
  • ​Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply.
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM scan log
  • FRST.txt
  • Addition.txt
  • TDSSKiller log (attached!)
Link to post
Share on other sites

Thanks, Adam. I also want to inform you while I'm doing the things that you said to do, that the proxy server on Internet Explorer is constantly being redirected to 127.0.0.1:9***. I looked in registry and saw there was a ProxyOverride file on top of the ProxyServer. I don't know if that's supposed to be there, but I suppose we'll find out in the log files. 

Link to post
Share on other sites

MALWAREBYTES

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/20/2014
Scan Time: 9:02:34 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.20.04
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Grizzell
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 407176
Time Elapsed: 51 min, 48 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.CouponBar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cnpkmcjgpcihgfnkcjapiaabbbplkcmf, Quarantined, [6bb289da6d0fc86e1bdddd78a261b24e], 
 
Registry Values: 2
PUM.Bad.Proxy, HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:9880;https=127.0.0.1:9880, Quarantined, [d449075c3547b0867ce92e3ad72c27d9]
PUP.Optional.ObronaBlockAds.A, HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Obrona Block Ads, "C:\Users\Grizzell\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe" --hidden, Quarantined, [bb62c2a1a3d944f2ab50e7f18a7a06fa]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 4
PUP.Optional.ShoppingGate.A, C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, Quarantined, [829ba5be1963b2846946097739ca1be5], 
PUP.Optional.ShoppingGate.A, C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, Quarantined, [2af30a59adcf55e1595690f0b35030d0], 
PUP.Optional.ReMarkable.A, C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Quarantined, [0f0eacb7d3a9de58388ca92a5ea642be], 
PUP.Optional.ReMarkable.A, C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Quarantined, [ae6fb7ac2d4fcc6a289cab28fd0745bb], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

FARBAR GENERAL SCAN

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Grizzell (administrator) on GRIZZELL-HP on 20-12-2014 09:04:20
Running from C:\Users\Grizzell\Downloads
Loaded Profiles: Grizzell &  (Available profiles: Grizzell)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Affinegy, Inc.) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Hmicroboidin\Hmicroboidin.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\Hmicroboidin\HmicroboidinHelper.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(WeGame.com, Inc.) C:\Program Files (x86)\WeGame\wgclientservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Dropbox, Inc.) C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-10] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-19] (Valve Corporation)
HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\Run: [Obrona Block Ads] => "C:\Users\Grizzell\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe" --hidden
HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-19] (Valve Corporation)
HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Obrona Block Ads] => "C:\Users\Grizzell\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe" --hidden
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found
Startup: C:\Users\Grizzell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:64567;https=127.0.0.1:64567
ProxyEnable: [s-1-5-21-3947115814-391582577-3851701547-1000] => Internet Explorer proxy is enabled.
ProxyServer: [s-1-5-21-3947115814-391582577-3851701547-1000] => http=127.0.0.1:9880;https=127.0.0.1:9880
ProxyEnable: [s-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => Internet Explorer proxy is enabled.
ProxyServer: [s-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3947115814-391582577-3851701547-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3947115814-391582577-3851701547-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://my.msn.com/
HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://my.msn.com/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> DEA9A6185EFB4E3E9B8775B383B1A737 URL = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyKLQYvLH&i=26
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={AEF44082-AE3E-4591-A7F0-B308872E8CF4}&mid=cdaf2b40057c47d281d6d156807bb3b9-19de18beaac1274897fcbb4a0f0fb2aa7a8d5cc1〈=en&ds=oc011&coid=avgtbdisoc&cmpid=&pr=sa&d=2014-07-2412:07:18&v=18.1.8.643&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> {9F1B4852-253F-424D-87F3-9838F348AED6} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DEA9A6185EFB4E3E9B8775B383B1A737 URL = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyKLQYvLH&i=26
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3DB05299-4984-431B-A7BE-318FDC45148A} URL = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYUXUS&apn_uid=d49bb555-a504-4614-9d18-9d11e4b73534&apn_sauid=124EAF3B-51BC-4CB7-B35A-D3A712600B6E
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={AEF44082-AE3E-4591-A7F0-B308872E8CF4}&mid=cdaf2b40057c47d281d6d156807bb3b9-19de18beaac1274897fcbb4a0f0fb2aa7a8d5cc1〈=en&ds=oc011&coid=avgtbdisoc&cmpid=&pr=sa&d=2014-07-2412:07:18&v=18.1.8.643&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9F1B4852-253F-424D-87F3-9838F348AED6} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} ->  No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [NameServer] 184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{A7A580A0-E914-4C48-85E9-1FA78A5AE966}: [NameServer] 184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{DC165870-5533-494C-A007-93E673C686C7}: [NameServer] 184.172.114.130,208.43.110.90
 
FireFox:
========
FF ProfilePath: C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Groovorio
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\11\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: @hulu.com/Hulu Desktop -> C:\Users\Grizzell\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: @nsroblox.roblox.com/launcher -> C:\Users\Grizzell\AppData\Local\Roblox\Versions\version-d11d3bd1dfae46fa\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Grizzell\AppData\Local\Roblox\Versions\version-d11d3bd1dfae46fa\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Grizzell\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Grizzell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @hulu.com/Hulu Desktop -> C:\Users\Grizzell\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher -> C:\Users\Grizzell\AppData\Local\Roblox\Versions\version-d11d3bd1dfae46fa\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher64 -> C:\Users\Grizzell\AppData\Local\Roblox\Versions\version-d11d3bd1dfae46fa\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Grizzell\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Grizzell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF user.js: detected! => C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\searchplugins\yahoo_ff.xml
FF Extension: No Name - C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\Extensions\euyu_yeuyk@p-xynmk.edu [2014-07-27]
FF Extension: No Name - C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\Extensions\zyxrrsf@oyaot.net [2014-06-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\Firefox\Extensions: [pp@perk.com] - C:\Program Files (x86)\Perk Prize Panel\FF
FF HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [pp@perk.com] - C:\Program Files (x86)\Perk Prize Panel\FF
FF Extension: No Name - C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\extensions\firefox@smarterpowerunite.com.xpi [Not Found]
FF Extension: No Name - firefox@smarterpowerunite.com [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://my.myway.com/
CHR StartupUrls: Default -> "hxxp://my.yahoo.com/", "hxxp://my.myway.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (Adblock Plus) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-19]
CHR Extension: (Realm of the Mad God) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp [2014-12-06]
CHR Extension: (SlingPlayer for DISH Anywhere) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnpmlegoehfgohpkmjhpohjchokamnn [2014-09-29]
CHR Extension: (Pokemon Card Maker) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\klanmedmjgiebagececoekdajmcgmikl [2014-12-06]
CHR Extension: (Until AM Web App) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2014-12-06]
CHR Extension: (Plants vs Zombies) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Canvas Rider) - C:\Users\Grizzell\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Adobe Licensing Console; C:\Windows\SysWOW64\msvfd32.exe [818169 2012-08-23] () [File not signed] <==== ATTENTION
R2 AffinegyService; C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyService.exe [592720 2013-02-27] (Affinegy, Inc.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Dyyno Launcher; C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [415072 2011-01-14] ()
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1580448 2014-12-06] (Echobit LLC)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 Hmicroboidin; C:\Program Files (x86)\Hmicroboidin\Hmicroboidin.exe [3985408 2014-12-12] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3804120 2011-08-07] (INCA Internet Co., Ltd.) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-10-16] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [743320 2012-10-02] (Tunngle.net GmbH) [File not signed]
R2 WeGameClientService; C:\Program Files (x86)\WeGame\WGClientService.exe [18472 2011-07-28] (WeGame.com, Inc.)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [677984 2012-03-28] (Wellbia.com Co., Ltd.) [File not signed]
S3 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-07-21] (Echobit, LLC)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-26] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-11] (NetFilterSDK.com)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R4 WinDivert1.1; C:\Program Files (x86)\Hmicroboidin\WinDivert64.sys [37432 2014-12-11] (Basil)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 lygzpwvb; \??\C:\Windows\system32\drivers\lygzpwvb.sys [X]
S3 sjcst; \??\C:\AeriaGames\EdenEternal\avital\sjcsu64.sys [X]
S3 usj; \??\C:\AeriaGames\EdenEternal\avital\ussjcs64.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 X6va005; \??\C:\Users\Grizzell\AppData\Local\Temp\00594CB.tmp [X]
S3 X6va007; \??\C:\Users\Grizzell\AppData\Local\Temp\0073E7D.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-20 09:04 - 2014-12-20 09:05 - 00037508 _____ () C:\Users\Grizzell\Downloads\FRST.txt
2014-12-20 09:03 - 2014-12-20 09:04 - 00000000 ____D () C:\FRST
2014-12-20 09:03 - 2014-12-20 09:03 - 02122240 _____ (Farbar) C:\Users\Grizzell\Downloads\FRST64.exe
2014-12-20 09:01 - 2014-12-20 09:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-20 09:00 - 2014-12-20 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-20 09:00 - 2014-12-20 09:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-20 09:00 - 2014-12-20 09:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-20 09:00 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-20 09:00 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-20 09:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-20 08:59 - 2014-12-20 09:00 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Grizzell\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-20 08:52 - 2014-12-20 08:52 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Grizzell\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-20 08:48 - 2014-12-20 08:48 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-20 08:48 - 2014-12-20 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-20 08:41 - 2014-12-20 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-20 08:41 - 2014-12-20 08:41 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-19 21:12 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 21:12 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-19 18:19 - 2014-12-19 20:54 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-12-19 18:13 - 2014-12-19 20:54 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-12-19 18:13 - 2014-12-19 18:13 - 00000000 ____D () C:\Windows\ERDNT
2014-12-19 18:10 - 2014-12-19 20:53 - 00000000 ____D () C:\Users\Grizzell\Desktop\rkill
2014-12-19 16:56 - 2014-12-19 16:56 - 00000000 _____ () C:\autoexec.bat
2014-12-19 16:55 - 2014-12-19 16:55 - 00000000 ____D () C:\sh4ldr
2014-12-19 16:54 - 2014-12-19 16:54 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-12-18 17:50 - 2014-12-18 17:52 - 00000292 _____ () C:\Users\Grizzell\Downloads\save2.sav
2014-12-18 13:52 - 2014-12-18 13:52 - 00000000 ____D () C:\Users\Grizzell\Downloads\Livesplit_1.4.51 (1)
2014-12-18 13:51 - 2014-12-18 13:51 - 03704077 _____ () C:\Users\Grizzell\Downloads\Livesplit_1.4.51 (1).zip
2014-12-16 19:17 - 2014-12-16 19:17 - 00007129 _____ () C:\Users\Grizzell\Downloads\Cave Story +.lsl
2014-12-16 18:46 - 2014-12-16 18:46 - 00003929 _____ () C:\Users\Grizzell\Downloads\cave-story.zip
2014-12-16 18:39 - 2014-12-16 18:39 - 00000000 ____D () C:\Users\Grizzell\Downloads\Livesplit_1.4.51
2014-12-16 18:37 - 2014-12-16 18:37 - 03704077 _____ () C:\Users\Grizzell\Downloads\Livesplit_1.4.51.zip
2014-12-15 16:08 - 2014-12-15 16:08 - 00000000 __SHD () C:\Users\Grizzell\AppData\Local\EmieBrowserModeList
2014-12-13 07:59 - 2014-12-13 07:59 - 00000000 __SHD () C:\Program Files (x86)\Hmicroboidin
2014-12-13 07:52 - 2014-12-13 07:52 - 00814735 _____ () C:\Users\Grizzell\Downloads\OptiFine_1.7.9_HD_U_D2.jar
2014-12-10 17:11 - 2014-12-13 07:20 - 00000000 ____D () C:\Users\Grizzell\Downloads\WSplit 1.5.2
2014-12-10 15:57 - 2014-12-13 07:20 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 01:12 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 01:12 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 12:27 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 12:27 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 12:27 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 12:27 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 12:27 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 12:27 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic(28).dll
2014-12-09 12:27 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 12:27 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 12:27 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 12:27 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 12:27 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 12:27 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 12:27 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 12:27 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 12:27 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 12:27 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 12:27 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 12:27 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 12:27 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 12:27 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 12:27 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 12:27 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 12:27 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 12:27 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 12:27 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 12:27 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 12:27 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 12:27 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 12:27 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 12:27 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 12:27 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 12:27 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 12:27 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 12:27 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 12:27 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 12:27 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 12:27 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 12:27 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 12:27 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 12:27 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 12:27 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 12:27 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 12:27 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 12:27 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 12:27 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 12:27 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 12:27 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 12:27 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 12:27 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 12:27 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 12:27 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 12:27 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 12:27 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 12:27 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 12:27 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 12:27 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 12:27 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 12:27 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 12:27 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 12:27 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 12:27 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 12:27 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 12:27 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 12:27 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 12:27 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 12:26 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 12:26 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 12:26 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 12:26 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 12:26 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 12:26 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 12:26 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 12:26 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 12:26 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 12:26 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 12:26 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 12:26 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 12:26 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 12:26 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-08 20:37 - 2014-12-20 08:57 - 00000000 ___RD () C:\Users\Grizzell\Dropbox
2014-12-08 20:37 - 2014-12-10 16:04 - 00001033 _____ () C:\Users\Grizzell\Desktop\Dropbox.lnk
2014-12-08 20:35 - 2014-12-13 07:20 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-08 20:34 - 2014-12-20 08:57 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\Dropbox
2014-12-08 20:33 - 2014-12-08 20:33 - 00324168 _____ (Dropbox, Inc.) C:\Users\Grizzell\Downloads\DropboxInstaller.exe
2014-12-08 13:31 - 2014-12-08 13:36 - 00112004 _____ () C:\Users\Grizzell\Downloads\OptiFine Mod Installer 1.6.4.exe
2014-12-08 13:28 - 2014-12-13 08:51 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\.minecraft
2014-12-07 14:03 - 2014-12-18 17:50 - 00000117 _____ () C:\Users\Grizzell\Downloads\trophy.sav
2014-12-07 14:03 - 2014-12-07 14:05 - 00000603 _____ () C:\Users\Grizzell\Downloads\config.ini
2014-12-07 14:02 - 2014-12-07 14:03 - 46683648 _____ () C:\Users\Grizzell\Downloads\iwbtggv1d2b.exe
2014-12-07 09:50 - 2014-12-07 09:50 - 00191687 _____ () C:\Users\Grizzell\Desktop\ModLoader.zip
2014-12-07 09:43 - 2014-12-07 09:43 - 00675988 _____ () C:\Users\Grizzell\Downloads\Minecraft_User.exe
2014-12-06 23:15 - 2014-12-06 23:15 - 00683424 _____ (Opera Software) C:\Users\Grizzell\Downloads\Opera_NI_stable(2).exe
2014-12-06 23:13 - 2014-12-06 23:13 - 00683424 _____ (Opera Software) C:\Users\Grizzell\Downloads\Opera_NI_stable.exe
2014-12-06 23:13 - 2014-12-06 23:13 - 00683424 _____ (Opera Software) C:\Users\Grizzell\Downloads\Opera_NI_stable(1).exe
2014-12-06 23:10 - 2014-12-06 23:10 - 00001161 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-06 23:10 - 2014-12-06 23:10 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-06 23:08 - 2014-12-06 23:09 - 00244104 _____ () C:\Users\Grizzell\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-06 17:14 - 2014-12-06 17:18 - 317954292 _____ () C:\Users\Grizzell\Downloads\Mario_Kart_Double_Dash_USA_NGC-STARCUBE.rar
2014-12-05 19:55 - 2014-12-06 11:57 - 00165416 _____ () C:\Users\Grizzell\Documents\UNVH Trailer - Azrael.veg
2014-12-05 19:55 - 2014-12-05 19:55 - 00013552 _____ () C:\Users\Grizzell\Documents\UNVH Trailer - Azrael.veg.bak
2014-12-05 19:53 - 2014-12-05 19:53 - 00017278 _____ () C:\Users\Grizzell\Downloads\bebas.zip
2014-12-05 19:47 - 2014-12-05 19:48 - 00285328 _____ () C:\Users\Grizzell\Downloads\Azrael - Tune Out.mp3.sfk
2014-12-05 06:29 - 2014-12-05 06:30 - 00245024 _____ () C:\Users\Grizzell\Downloads\ddddx2 game_10924_i4413352_il345.exe
2014-12-02 18:44 - 2014-12-02 18:44 - 00131116 _____ () C:\Users\Grizzell\Downloads\frankerz.wav
2014-12-01 08:46 - 2014-12-01 08:46 - 00000000 ____D () C:\Users\Grizzell\Downloads\IWBTB
2014-12-01 08:44 - 2014-12-01 08:45 - 135173140 _____ () C:\Users\Grizzell\Downloads\IWBTB.zip
2014-11-30 16:33 - 2014-11-30 16:33 - 00663301 _____ () C:\Users\Grizzell\Downloads\dou_sfx.zip
2014-11-30 16:32 - 2014-11-30 16:32 - 00002528 _____ () C:\Users\Grizzell\Downloads\people_of_the_root.zip
2014-11-30 16:26 - 2014-11-30 16:26 - 00000000 ____D () C:\Users\Grizzell\Downloads\Bfxr_WIN
2014-11-30 16:26 - 2014-11-30 16:26 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\com.increpare.bfxr
2014-11-30 16:24 - 2014-11-30 16:25 - 19352502 _____ () C:\Users\Grizzell\Downloads\Bfxr_WIN.zip
2014-11-29 19:34 - 2014-11-29 19:34 - 00010618 _____ () C:\Users\Grizzell\Downloads\Furore.zip
2014-11-29 14:18 - 2014-11-29 14:18 - 00775672 _____ ( ) C:\Users\Grizzell\Downloads\Minecraft (2).exe
2014-11-29 09:45 - 2014-12-13 08:51 - 00000000 ____D () C:\Users\Grizzell\Desktop\DoctorCraft
2014-11-29 09:45 - 2014-11-29 09:45 - 08297745 _____ () C:\Users\Grizzell\Downloads\minecraft_server.1.8.1.exe
2014-11-28 09:15 - 2014-11-28 09:15 - 02332316 _____ () C:\Users\Grizzell\Downloads\forge-1.5.2-7.8.1.738-installer (1).jar
2014-11-28 09:12 - 2014-11-28 09:12 - 00000000 ____D () C:\Users\Grizzell\Downloads\Gulliver Mod Installer (Forge)
2014-11-28 09:10 - 2014-11-28 09:10 - 02331578 _____ () C:\Users\Grizzell\Downloads\forge-1.5.2-7.8.1.737-installer (1).jar
2014-11-28 09:09 - 2014-11-28 09:09 - 01165824 _____ () C:\Users\Grizzell\Downloads\Gulliver Mod Installer (Forge) (1).exe
2014-11-28 09:08 - 2014-11-28 09:08 - 00596979 _____ () C:\Users\Grizzell\Downloads\Gulliver Mod Installer.zip
2014-11-28 09:07 - 2014-11-28 09:07 - 00596803 _____ () C:\Users\Grizzell\Downloads\Gulliver Mod Installer (Forge).zip
2014-11-27 10:08 - 2014-11-27 10:08 - 00000044 _____ () C:\Users\Grizzell\AppData\Roaming\WB.CFG
2014-11-27 08:11 - 2014-11-27 08:11 - 00098385 _____ () C:\Users\Grizzell\Downloads\EPIC MUSIC-Gothic Storm (Epic Emotional) - Allegiance.aup
2014-11-25 21:25 - 2014-11-25 21:25 - 32841360 _____ () C:\Users\Grizzell\Downloads\Banjo-Tooie (USA).zip
2014-11-25 20:10 - 2014-11-25 20:10 - 00002366 _____ () C:\Users\Grizzell\Downloads\Event_Vehicle.zip
2014-11-25 19:57 - 2014-11-25 19:57 - 00184102 _____ () C:\Users\Grizzell\Downloads\Ai_Dogs.zip
2014-11-25 13:22 - 2014-11-25 13:22 - 00000030 _____ () C:\Users\Grizzell\Downloads\frick.avi.sfl
2014-11-25 13:18 - 2014-11-25 13:22 - 2667165696 _____ () C:\Users\Grizzell\Downloads\frick.avi
2014-11-25 13:16 - 2014-11-25 13:22 - 00023616 _____ () C:\Users\Grizzell\Downloads\Dust_Wave.mp4.sfk
2014-11-25 13:16 - 2014-11-25 13:16 - 18037059 _____ () C:\Users\Grizzell\Downloads\Dust_Wave.mp4
2014-11-25 13:13 - 2014-11-25 13:14 - 64275846 _____ () C:\Users\Grizzell\Downloads\Atmosphere_04.mov
2014-11-25 13:01 - 2014-11-25 13:01 - 110004884 _____ () C:\Users\Grizzell\Downloads\Welding_Out-of-Focus_01.mov
2014-11-25 13:00 - 2014-11-25 13:00 - 11904004 _____ () C:\Users\Grizzell\Downloads\Fireball_Wide_01.mov
2014-11-24 18:21 - 2014-11-27 08:11 - 00000000 ____D () C:\Users\Grizzell\Downloads\EPIC MUSIC-Gothic Storm (Epic Emotional) - Allegiance_data
2014-11-23 16:26 - 2014-11-23 16:26 - 00274267 _____ () C:\Users\Grizzell\Downloads\Megaman X (USA).zst
2014-11-23 15:46 - 2014-11-23 15:47 - 00050096 _____ () C:\Users\Grizzell\Documents\(Unknown) - Clip 002.avi.sfk
2014-11-23 15:45 - 2014-11-23 15:46 - 505441792 _____ () C:\Users\Grizzell\Documents\(Unknown) - Clip 002.avi
2014-11-23 12:50 - 2014-11-23 12:50 - 00032824 _____ () C:\Users\Grizzell\Downloads\ggggg.mp3.sfk
2014-11-23 07:40 - 2014-11-23 07:40 - 00426188 _____ () C:\Users\Grizzell\Downloads\OptiFine_1.6.4_HD_D1.jar
2014-11-22 22:18 - 2014-11-22 22:19 - 64057441 _____ () C:\Users\Grizzell\Downloads\Renard - NO.zip
2014-11-22 18:31 - 2014-11-22 18:31 - 00068530 _____ () C:\Users\Grizzell\Downloads\games.htm
2014-11-22 09:53 - 2014-11-22 09:53 - 00018336 _____ () C:\Users\Grizzell\Downloads\silkscreen.ttf
2014-11-22 08:43 - 2014-11-22 08:43 - 01183008 _____ () C:\Users\Grizzell\Downloads\GLSL Shaders Mod Installer 1.6.4.exe
2014-11-22 08:31 - 2014-11-22 08:31 - 01161504 _____ () C:\Users\Grizzell\Downloads\Furniture Mod Installer 1.6.4.exe
2014-11-22 07:41 - 2014-11-22 07:41 - 02269863 _____ () C:\Users\Grizzell\Downloads\forge-1.6.4-9.11.1.965-installer (2).jar
2014-11-22 07:37 - 2014-11-22 07:38 - 01155072 _____ () C:\Users\Grizzell\Downloads\My People Mod Installer.exe
2014-11-22 07:27 - 2014-11-22 07:27 - 02331578 _____ () C:\Users\Grizzell\Downloads\forge-1.5.2-7.8.1.737-installer.jar
2014-11-21 20:37 - 2014-11-21 20:37 - 00065448 _____ () C:\Users\Grizzell\Documents\the master.veg
2014-11-21 20:34 - 2014-11-21 20:36 - 00288568 _____ () C:\Users\Grizzell\Downloads\The X-Files Theme.mp3.sfk
2014-11-21 20:22 - 2014-11-21 20:23 - 00000160 _____ () C:\Users\Grizzell\Downloads\Hitmarker sound stuff.sfk
2014-11-21 20:22 - 2014-11-21 20:22 - 00011752 _____ () C:\Users\Grizzell\Downloads\Hitmarker sound stuff.wav
2014-11-21 20:11 - 2014-11-21 20:11 - 00000537 _____ () C:\Users\Grizzell\Downloads\the master.aup
2014-11-21 20:10 - 2014-11-24 10:14 - 00000000 ____D () C:\Users\Grizzell\Downloads\the master_data
2014-11-21 11:35 - 2014-11-21 20:08 - 00000000 ____D () C:\Users\Grizzell\Downloads\every time i play touhou_data
2014-11-21 11:35 - 2014-11-21 11:35 - 00000548 _____ () C:\Users\Grizzell\Downloads\every time i play touhou.aup
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-20 09:02 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-20 09:02 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-20 08:59 - 2011-08-19 13:43 - 01670945 _____ () C:\Windows\WindowsUpdate.log
2014-12-20 08:55 - 2014-08-31 11:20 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\LogMeIn Hamachi
2014-12-20 08:55 - 2011-11-05 06:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-20 08:55 - 2011-08-17 13:16 - 00000000 ____D () C:\ProgramData\PDFC
2014-12-20 08:54 - 2011-12-03 20:52 - 00000416 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2014-12-20 08:54 - 2011-10-12 07:32 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-20 08:54 - 2011-08-20 18:39 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-12-20 08:54 - 2010-11-20 19:47 - 02691280 _____ () C:\Windows\PFRO.log
2014-12-20 08:54 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-20 08:54 - 2009-07-13 20:51 - 00146629 _____ () C:\Windows\setupact.log
2014-12-20 08:52 - 2011-10-12 07:32 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-20 08:47 - 2012-06-05 19:15 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\Deployment
2014-12-20 08:47 - 2011-10-12 07:32 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-20 08:47 - 2011-10-12 07:32 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-20 08:45 - 2011-08-19 19:07 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\CrashDumps
2014-12-20 08:45 - 2011-08-19 14:14 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\Google
2014-12-20 08:39 - 2013-03-13 14:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-20 08:39 - 2013-03-13 14:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-20 08:12 - 2012-04-26 08:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-20 08:02 - 2012-08-15 18:57 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3947115814-391582577-3851701547-1000UA.job
2014-12-20 08:02 - 2011-08-20 18:58 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\Skype
2014-12-20 07:39 - 2011-08-19 19:36 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{88A50B67-E20D-40F0-B029-53838B175FBC}
2014-12-20 03:05 - 2013-03-13 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-20 02:04 - 2012-02-05 19:07 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\Adobe
2014-12-19 23:55 - 2011-12-03 17:09 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForGrizzell
2014-12-19 23:55 - 2011-12-03 17:09 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForGrizzell.job
2014-12-19 21:27 - 2011-08-17 13:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-19 21:25 - 2011-08-17 13:09 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-19 20:56 - 2014-06-26 11:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF
2014-12-19 20:56 - 2011-08-19 13:43 - 00000000 ____D () C:\Users\Grizzell
2014-12-19 20:54 - 2014-09-20 08:56 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-12-19 20:54 - 2014-09-03 18:16 - 00000000 ____D () C:\Program Files (x86)\GreenGamesAndHam
2014-12-19 20:54 - 2014-07-24 11:06 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-12-19 20:54 - 2014-06-15 01:02 - 00000000 ____D () C:\ProgramData\dd380b4786a204e1
2014-12-19 20:54 - 2014-05-07 16:41 - 00000000 ____D () C:\Program Files (x86)\Perk Prize Panel
2014-12-19 20:54 - 2013-09-15 15:19 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-12-19 20:54 - 2012-12-09 18:20 - 00000000 ____D () C:\Users\Grizzell\Documents\Bandicam
2014-12-19 20:54 - 2011-08-20 18:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-19 20:54 - 2011-08-17 13:09 - 00000000 ____D () C:\ProgramData\RoxioNow
2014-12-19 20:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-12-19 20:52 - 2011-08-20 18:58 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 20:50 - 2011-10-12 07:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-17 18:31 - 2011-08-19 13:51 - 00130896 _____ () C:\Users\Grizzell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-17 18:29 - 2011-09-06 07:16 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-12-17 18:28 - 2014-10-28 14:30 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\Eclipse
2014-12-17 18:28 - 2013-07-02 14:06 - 00000000 ____D () C:\Users\Grizzell\Desktop\Techne
2014-12-16 17:21 - 2011-08-17 13:17 - 00000000 ____D () C:\Windows\PCHEALTH
2014-12-15 16:16 - 2014-10-27 16:16 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\Techne
2014-12-14 12:39 - 2013-11-22 19:14 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-12-14 03:23 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-12-13 20:02 - 2012-08-15 18:57 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3947115814-391582577-3851701547-1000Core.job
2014-12-13 11:33 - 2011-10-29 16:46 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-13 11:33 - 2011-08-20 16:35 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-13 11:14 - 2014-10-26 16:32 - 00000000 ____D () C:\Users\Grizzell\Documents\Roblox Things
2014-12-13 11:13 - 2012-06-18 14:15 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\Paint.NET
2014-12-13 07:48 - 2009-07-13 21:13 - 00006444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-13 07:20 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 07:20 - 2012-05-12 07:06 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-12-13 07:20 - 2012-04-14 19:40 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\Audacity
2014-12-13 07:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\servicing
2014-12-13 07:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 07:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 07:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 07:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-13 07:18 - 2013-12-24 14:10 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\WSplitTimer
2014-12-13 07:05 - 2011-08-19 16:10 - 00000000 ____D () C:\ProgramData\Recovery
2014-12-10 17:56 - 2014-08-16 15:47 - 00012411 _____ () C:\Users\Grizzell\Downloads\Furbeee.pdn
2014-12-10 01:25 - 2011-08-19 14:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 01:23 - 2013-07-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 01:13 - 2011-08-19 22:45 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 11:12 - 2012-04-26 08:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 11:12 - 2012-04-26 08:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 11:12 - 2011-08-19 16:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 19:31 - 2014-06-02 17:25 - 00000000 ____D () C:\PaintToolSAI
2014-12-08 19:08 - 2014-07-28 11:26 - 00611647 _____ () C:\Users\Grizzell\Downloads\Beta Tester.pdn
2014-12-07 09:03 - 2014-10-27 16:16 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZeuX and r4wk
2014-12-06 23:10 - 2014-06-21 15:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-06 23:10 - 2012-11-23 13:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-06 23:06 - 2013-02-17 12:48 - 00000000 ____D () C:\Users\Grizzell\Desktop\ExBuilder1's stuff
2014-12-06 23:03 - 2009-07-13 20:45 - 05072016 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 20:48 - 2013-06-18 10:05 - 00000000 ____D () C:\Users\Grizzell\Documents\NGC Games
2014-12-01 18:58 - 2013-02-02 15:34 - 00000000 ____D () C:\Users\Grizzell\Documents\ROBLOX
2014-12-01 16:38 - 2013-02-02 11:15 - 00000000 ____D () C:\Users\Grizzell\Documents\TrackMania
2014-11-30 13:07 - 2013-01-02 13:25 - 00000000 ____D () C:\Users\Grizzell\Documents\N64 Games
2014-11-26 17:59 - 2013-05-04 15:35 - 00000000 ____D () C:\Users\Grizzell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-25 18:53 - 2013-11-08 12:34 - 00000000 ____D () C:\Users\Grizzell\AppData\Local\ManyCam
2014-11-25 09:49 - 2013-11-07 14:31 - 00033512 _____ () C:\Users\Grizzell\Documents\Megaman X Part 1.veg
2014-11-24 17:36 - 2013-11-07 14:31 - 00034104 _____ () C:\Users\Grizzell\Documents\Megaman X Part 1.veg.bak
2014-11-24 17:24 - 2014-03-20 09:17 - 00021759 _____ () C:\Users\Grizzell\Downloads\zsnesw.cfg
2014-11-24 17:24 - 2014-03-20 09:17 - 00003806 _____ () C:\Users\Grizzell\Downloads\zinput.cfg
2014-11-24 17:17 - 2014-03-20 09:17 - 00002480 _____ () C:\Users\Grizzell\Downloads\zmovie.cfg
2014-11-24 17:17 - 2013-09-19 13:59 - 00000253 _____ () C:\Users\Grizzell\Downloads\rominfo.txt
2014-11-23 16:44 - 2013-03-08 19:09 - 00000000 ____D () C:\Users\Grizzell\Documents\Nintendo4an1's Video Audio
2014-11-23 16:00 - 2014-08-22 19:49 - 00000000 ____D () C:\Games
2014-11-23 15:55 - 2012-01-06 14:02 - 00000000 ____D () C:\Program Files\FileIO Plug-Ins
2014-11-23 15:50 - 2011-08-19 18:06 - 00000000 ____D () C:\Nexon
2014-11-21 18:23 - 2014-10-03 21:09 - 00338552 _____ () C:\Users\Grizzell\Documents\MARIO KARTALYMPICS SEASON 1.veg
2014-11-21 11:48 - 2014-10-03 21:09 - 00338552 _____ () C:\Users\Grizzell\Documents\MARIO KARTALYMPICS SEASON 1.veg.bak
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\Grizzell\jagex_cl_runescape_LIVE.dat
C:\Users\Grizzell\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Grizzell\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Grizzell\AppData\Local\Temp\1397546401_2040_2061_BetterMarkIt.exe
C:\Users\Grizzell\AppData\Local\Temp\bbchcabebebaa.exe
C:\Users\Grizzell\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Grizzell\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3tggvr.dll
C:\Users\Grizzell\AppData\Local\Temp\dsp_ipp.dll
C:\Users\Grizzell\AppData\Local\Temp\insHalgk4.exe
C:\Users\Grizzell\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\Grizzell\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.2-1-ga6e0bfd-b3095jnks.dll
C:\Users\Grizzell\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-b2771jnks.dll
C:\Users\Grizzell\AppData\Local\Temp\nsa4FC6.exe
C:\Users\Grizzell\AppData\Local\Temp\nsa7428.exe
C:\Users\Grizzell\AppData\Local\Temp\nsaC2AB.exe
C:\Users\Grizzell\AppData\Local\Temp\nsd44BC.exe
C:\Users\Grizzell\AppData\Local\Temp\nsd4817.exe
C:\Users\Grizzell\AppData\Local\Temp\nsf5BC9.exe
C:\Users\Grizzell\AppData\Local\Temp\nsfBD9B.exe
C:\Users\Grizzell\AppData\Local\Temp\nsh59A7.tmp.exe
C:\Users\Grizzell\AppData\Local\Temp\nsi99E4.exe
C:\Users\Grizzell\AppData\Local\Temp\nslC867.exe
C:\Users\Grizzell\AppData\Local\Temp\nsn4151.exe
C:\Users\Grizzell\AppData\Local\Temp\nss931E.exe
C:\Users\Grizzell\AppData\Local\Temp\nsv56AA.exe
C:\Users\Grizzell\AppData\Local\Temp\nsy964B.exe
C:\Users\Grizzell\AppData\Local\Temp\ObronaBlockAds.exe
C:\Users\Grizzell\AppData\Local\Temp\oi_{9BBE9EF8-C3A4-41E3-9E3A-A60EF055A921}.exe
C:\Users\Grizzell\AppData\Local\Temp\Quarantine.exe
C:\Users\Grizzell\AppData\Local\Temp\SendMsg.dll
C:\Users\Grizzell\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Grizzell\AppData\Local\Temp\sp_downloader.exe
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite10076.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite10861.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite11069.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite11074.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite11228.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite11269.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite11437.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite11485.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite11867.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite12039.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite12147.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite12406.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite13502.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite14393.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite15782.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite15904.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite16011.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite16425.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite17451.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite18280.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite18424.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite18473.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite19736.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite20307.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite20703.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite21019.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite21502.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite21595.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite22555.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite22636.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite22800.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite22878.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite23163.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite24138.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite24323.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite24379.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite24479.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite24518.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite26364.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite26919.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite27398.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite27535.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite27857.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite28989.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite29473.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite30129.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite30159.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite30336.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite30541.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite31995.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite32060.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite32626.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite32852.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite33032.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite33375.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite33771.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite34133.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite36210.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite36809.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite37092.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite37469.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite37696.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite37811.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite39042.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite39110.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite40712.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite41195.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite41263.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite41649.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite41813.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite42329.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite42501.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite43480.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite43485.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite44550.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite44615.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite46042.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite46180.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite46485.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite46763.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite47020.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite47722.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite48133.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite48663.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite49244.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite49858.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite50659.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite50781.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite51305.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite52253.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite52949.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite53270.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite54378.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite54466.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite54784.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite54795.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite55238.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite55584.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite55828.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite56035.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite56396.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite56560.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite56661.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite57333.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite57407.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite59387.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite59883.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite60601.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite61171.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite61566.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite61629.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite62025.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite62068.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite62080.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite62476.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite62519.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite64114.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite64542.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite65212.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite66117.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite66445.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite66509.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite66706.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite66725.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite66886.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite67043.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite67095.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite67348.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite67525.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite69318.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite69802.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite70265.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite70836.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite70991.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite71374.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite71384.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite71465.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite72261.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite72542.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite73574.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite73579.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite73766.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite74020.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite74144.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite74762.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite75664.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite75732.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite75814.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite76563.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite76616.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite77643.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite78119.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite78826.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite79130.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite79292.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite80082.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite80204.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite80242.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite80760.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite80771.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite81913.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite83347.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite83640.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite83682.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite83689.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite84505.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite84938.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite85614.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite85737.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite86141.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite86331.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite86465.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite86767.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite86777.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite86782.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite87484.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite87640.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite88288.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite89143.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite89680.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite89855.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite91816.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite91918.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite92033.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite92460.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite94645.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite94887.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite95455.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite95565.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite95841.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite95990.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite96152.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite96186.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite97343.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite97456.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite97575.dll
C:\Users\Grizzell\AppData\Local\Temp\System.Data.SQLite99708.dll
C:\Users\Grizzell\AppData\Local\Temp\uninst.exe
C:\Users\Grizzell\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Grizzell\AppData\Local\Temp\vbmz10.exe
C:\Users\Grizzell\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-15 07:18
 

 

==================== End Of Log ============================

 

Link to post
Share on other sites

FARBAR ADDITIONAL SCAN

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Grizzell at 2014-12-20 09:07:46
Running from C:\Users\Grizzell\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.1.220 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Media Live Encoder 3.1 (HKLM-x32\...\{37491A3D-B2A6-402D-898E-5C4EF3984C29}) (Version: 3.1.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - )
Amnesia: The Dark Descent Demo  (HKLM-x32\...\Steam App 57310) (Version:  - )
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arctic Combat (HKLM-x32\...\Steam App 212370) (Version:  - )
Arma 3 Alpha Lite (HKLM-x32\...\Steam App 228800) (Version:  - Bohemia Interactive)
Astro Tripper Demo (HKLM-x32\...\Steam App 201170) (Version:  - )
Atlantica (HKLM-x32\...\Steam App 212240) (Version:  - )
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
Autodesk MatchMover 2012 64-bit (HKLM\...\{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2012 64-bit (HKLM\...\Autodesk Maya 2012 64-bit) (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version:  - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield Play4Free (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlefield Play4Free (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BeatBuddy (HKLM-x32\...\Steam App 213410) (Version:  - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
BitTorrent (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\BitTorrent) (Version: 7.9.2.34947 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitTorrent) (Version: 7.9.2.34947 - BitTorrent Inc.)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - )
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Blockland (HKLM-x32\...\Steam App 250340) (Version:  - Eric Hartman)
Blocks That Matter Demo (HKLM-x32\...\Steam App 200570) (Version:  - )
Bloodline Champions (HKLM-x32\...\Steam App 6370) (Version:  - Stunlock Studios)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Borderlands 2 Repack (HKLM-x32\...\Borderlands 2_is1) (Version: 1.8.2 - 2K Games, Repack by Joker_RETURNS)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Breath of Death VII  (HKLM-x32\...\Steam App 107300) (Version:  - )
BrickForce 1.4.40 (HKLM-x32\...\BrickForce) (Version: 1.4.40 - Infernum Productions AG)
Brink (HKLM-x32\...\Steam App 22350) (Version:  - Splash Damage)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
C9 (HKLM-x32\...\Steam App 212390) (Version:  - )
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
CameraHelperMsi (x32 Version: 13.25.1010.0 - Logitech) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - Nicalis)
Champions of Regnum (HKLM-x32\...\Steam App 222520) (Version:  - )
Champions Online: Free For All (HKLM-x32\...\Steam App 9880) (Version:  - Cryptic Studios)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Combat Arms (HKLM-x32\...\Combat Arms) (Version:  - )
Combat Arms (HKLM-x32\...\Steam App 212180) (Version:  - )
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM-x32\...\Steam App 260) (Version:  - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.2) (Version: 5.0.0.2 - Coupons.com Incorporated)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - )
Cthulhu Saves the World  (HKLM-x32\...\Steam App 107310) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Data Jammers: FastForward Demo (HKLM-x32\...\Steam App 110520) (Version:  - )
DC Universe Online (HKLM-x32\...\Steam App 24200) (Version:  - Sony Online Entertainment)
DCS World (HKLM-x32\...\Steam App 223750) (Version:  - Eagle Dynamics)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version:  - NCH Software)
Defiance (HKLM-x32\...\Steam App 224600) (Version:  - Trion Worlds, Inc.)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DLC Quest (HKLM-x32\...\Steam App 230050) (Version:  - Going Loud Studios)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Nest (HKLM-x32\...\Steam App 11610) (Version:  - )
DragonNest (HKLM-x32\...\DragonNest) (Version:  - )
Dragons Prophet (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\SOE-Dragons Prophet) (Version:  - Sony Online Entertainment)
Dragons Prophet (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-Dragons Prophet) (Version:  - Sony Online Entertainment)
Dropbox (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
Dungeon Defenders Demo (HKLM-x32\...\Steam App 201680) (Version:  - )
Dungeon Fighter Online (HKLM-x32\...\Steam App 212220) (Version:  - )
Dungeons & Dragons Online ®:  Eberron Unlimited ™ v01.14.00.802 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 01.14.00.8025 - Atari, Inc.)
Dungeons & Dragons Online® (HKLM-x32\...\Steam App 206480) (Version:  - )
Dwarfs F2P (HKLM-x32\...\Steam App 213650) (Version:  - )
Dyyno Broadcaster (HKLM-x32\...\Dyyno Broadcaster) (Version:  - Dyyno, Inc.)
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version:  - Streum On Studio)
EdenEternal (HKLM-x32\...\EdenEternal) (Version:  - )
EDGE Demo (HKLM-x32\...\Steam App 38750) (Version:  - Two Tribes)
Elsword version v3.0710.7.1 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v3.0710.7.1 - Kill3rCombo)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EverQuest II (HKLM-x32\...\Steam App 201230) (Version:  - Sony Online Entertainment)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.9 - Echobit, LLC)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)
Express Zip File Compression Software (HKLM-x32\...\ExpressZip) (Version:  - NCH Software)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0.8.9.5 - Ezvid, inc.)
F1 2012 Demo (HKLM-x32\...\Steam App 211940) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FaceReader  (HKLM-x32\...\FaceReader) (Version:  - Digipop-Media)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Firefall (HKLM-x32\...\Steam App 227700) (Version:  - Red 5 Studios)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FormatFactory 3.2.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.2.0.1 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Friendship is Memories (HKLM-x32\...\Friendship is Memories_is1) (Version:  - Fghik)
Frontline Tactics (HKLM-x32\...\Steam App 218310) (Version:  - )
Game Dev Tycoon v1.4.16 build 240714 (HKLM-x32\...\Game Dev Tycoon v1.4.16 build 2407141.4.16) (Version: 1.4.16 - Friends in War)
Game Dev Tycoon version 1.4.16 (HKLM-x32\...\{BAAB62B3-52E6-4478-BE93-46AC955300FE}_is1) (Version: 1.4.16 - )
GameMaker: Studio (HKLM-x32\...\Steam App 214850) (Version:  - )
GameMaker-Studio 1.2 (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
GameMaker-Studio 1.2 (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Garry's Mod 13 Beta (HKLM-x32\...\Steam App 4010) (Version:  - TEAM GARRY)
GCFScape 1.8.3 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version:  - )
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Happy Cloud Client (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)
Happy Cloud Client (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Hulu Desktop (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
Hulu Desktop (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.25.01 - Hyperionics Technology LLC)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Minihost Modular (HKLM-x32\...\IL Minihost Modular) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
IL Vocodex (HKLM-x32\...\IL Vocodex) (Version:  - Image-Line)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle)
Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Left 4 Dead 2 Add-on Support (HKLM-x32\...\Steam App 564) (Version:  - Valve)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 10.0.35.2 - Lightworks)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7248) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
LWS VideoEffects (Version: 13.25.1005.0 - Logitech) Hidden
Mabinogi (HKLM-x32\...\Mabinogi) (Version:  - devCAT)
Magic 2014  (HKLM-x32\...\Steam App 213850) (Version:  - Stainless Games)
MAGIX Music Maker 16 Premium Download Version (HKLM-x32\...\MAGIX Music Maker 16 Premium Download Version UK) (Version: 16.0.0.30 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare UK) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR UK) (Version: 6.0.1.2 - MAGIX AG)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
MapleStory (HKLM-x32\...\Steam App 216150) (Version:  - )
Marble Blast Gold (HKLM-x32\...\Marble Blast Gold) (Version:  - )
Marble Blast Ultra version 1.6 Beta 2 (HKLM-x32\...\{B841E8D2-153F-4CF2-8C6B-3E2ADCEE0F47}_is1) (Version: 1.6 Beta 2 - GarageGames)
Mass Effect 2 Demo (HKLM-x32\...\Steam App 47760) (Version:  - BioWare)
McPixel version 1.0.4 (HKLM-x32\...\McPixel_is1) (Version: 1.0.4 - Sos)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MixPad Audio Mixer (HKLM-x32\...\MixPad) (Version:  - NCH Software)
Mixxx 1.11.0 (HKLM-x32\...\Mixxx (1.11.0)) (Version: 1.11.0 - The Mixxx Development Team)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MPlayer (remove only) (HKLM-x32\...\MPlayer) (Version:  - )
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
Nuclear Dawn (HKLM-x32\...\Steam App 17710) (Version:  - Interwave)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 11.50 (HKLM-x32\...\Opera 11.50.1074) (Version: 11.50.1074 - Opera Software ASA)
Opera 11.51 (HKLM-x32\...\Opera 11.51.1087) (Version: 11.51.1087 - Opera Software ASA)
osu! (HKLM-x32\...\{cc44ca16-317e-4fd2-8847-f7f31b9bfe89}) (Version: latest - ppy Pty Ltd)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Pokemon Mystery Universe Client (HKLM\...\Pokemon Mystery Universe Client) (Version:  - PMU Team)
Pokemon Mystery Universe Map Editor (HKLM\...\Pokemon Mystery Universe Map Editor) (Version:  - PMU Team)
Pokemon Online 2.4.1 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.4 - Power Software Ltd)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Quake Live) (Version:  - id Software)
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - )
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
RaiderZ (HKLM-x32\...\Steam App 218470) (Version:  - )
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Roblox (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Player for Grizzell (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Player for Grizzell (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for Grizzell (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for Grizzell (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version:  - Enterbrain, Inc.)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - )
Screencheat Public Beta (HKLM-x32\...\Steam App 317420) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Ship Simulator Extremes Demo (HKLM-x32\...\ShipSimExtremesDemo) (Version:  - )
Skulltag (HKLM-x32\...\Skulltag) (Version: 98d - Skulltag) <==== ATTENTION!
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Soldier Front 2 (HKLM-x32\...\Steam App 239660) (Version:  - Dragonfly)
Sonic Generations Demo (HKLM-x32\...\Steam App 202290) (Version:  - Sega)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - )
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Speakonia (HKLM-x32\...\Speakonia_is1) (Version: 1.0.3.5 - CFS-Technologies)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
StepMania v5.0 beta 3 (remove only) (HKLM-x32\...\StepMania 5) (Version:  - StepMania Team)
SuddenAttack (HKLM-x32\...\SuddenAttackNA) (Version:  - )
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version:  - )
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Super Meat Boy Editor (HKLM-x32\...\Steam App 40810) (Version:  - )
Super Monday Night Combat (HKLM-x32\...\Steam App 104700) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synthesia (remove only) (HKLM-x32\...\Synthesia) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Fortress 2 Beta (HKLM-x32\...\Steam App 520) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
Techne (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
Techne (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\244a1e8693fd9c7e) (Version: 1.3.0.15 - ZeuX and r4wk)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings Online™ v03.07.01.8015 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.07.01.8015 - Turbine, Inc.)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
Toribash (HKLM-x32\...\Steam App 248570) (Version:  - Nabi Studios)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Turbo Dismount (HKLM-x32\...\Steam App 263760) (Version:  - Secret Exit Ltd.)
TWC WiFi (HKLM-x32\...\TWC WiFi_is1) (Version:  - )
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unreal Development Kit: 2013-02 (HKLM\...\UDK-2ac8a576-a340-485e-9e69-a65ccddaadf0) (Version:  - Epic Games, Inc.)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{E6F012B0-E930-11E0-A67A-F04DA23A5C58}) (Version: 11.0.370 - Sony)
Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony)
Verbose Text to Speech (HKLM-x32\...\Verbose) (Version:  - NCH Software)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
Vindictus (HKLM-x32\...\Steam App 212160) (Version:  - Nexon)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Warhammer® 40,000®: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
WeGame Client 2.4.3.0 (HKLM-x32\...\12345_is1) (Version: 2.4.3.0 - WeGame.com, Inc.)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
You Have to Win the Game (HKLM-x32\...\Steam App 286100) (Version:  - Minor Key Games)
Zandronum (HKLM-x32\...\Zandronum) (Version: 1.0 - Zandronum) <==== ATTENTION!
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zulu DJ Software (HKLM-x32\...\Zulu) (Version: 3.34 - NCH Software)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{2d0fc176-141d-4c67-a65c-70baefe87c86}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Grizzell\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll No File
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Grizzell\AppData\Local\Roblox\Versions\version-d11d3bd1dfae46fa\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
17-12-2014 18:34:48 Windows Update
18-12-2014 03:00:12 Windows Update
19-12-2014 19:47:51 Windows Backup
19-12-2014 20:33:13 Restore Operation
19-12-2014 21:22:47 Configured Power2Go
19-12-2014 21:28:22 Windows Update
20-12-2014 03:00:21 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2014-06-27 15:41 - 00000867 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 d3oxij66pru1i3.cloudfront.net
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {04C4A1AD-A3AB-4A4E-8E43-FD159C8B85F0} - System32\Tasks\{D7EC59C2-6C34-421D-B678-97FB32CAA664} => pcalua.exe -a "c:\program files (x86)\steam\steamapps\common\lord of the rings online\unins000.exe"
Task: {12E37DF6-DD7D-4D71-985F-D5F7C11F27F2} - System32\Tasks\5032 => Wscript.exe C:\Users\Grizzell\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {17E29CE7-D609-49F6-9BDD-2CF4BB769A4F} - System32\Tasks\{7ED7BD20-3266-49EA-8A76-F55AA89B67CD} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.104.399/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {1AE494C2-ABC6-4635-87F8-DA3CBC4FB3A1} - System32\Tasks\{616FB1DA-536A-4042-B9CA-037A164B75F7} => msiexec.exe /package "C:\Users\Grizzell\Downloads\apploc.msi"
Task: {20A97C6E-3884-4BE8-B353-4F4027B4CFF9} - System32\Tasks\Optimum_LogOn => C:\Program Files (x86)\Optimum PC Boost\OptimumPCBoost.exe <==== ATTENTION
Task: {2976A490-86A5-4448-8B3C-59B7323A3D8F} - \ea727281-8281-467f-bafd-cf5fb6f1777a-1 No Task File <==== ATTENTION
Task: {32DD7E70-2D14-4135-91D2-CE9980A9BBFB} - System32\Tasks\{A881DDC6-6CAA-4983-8D97-F5568EB2B7E8} => Chrome.exe http://ui.skype.com/ui/0/6.18.73.106.456/en/abandoninstall?page=tsProgressBar
Task: {393076AD-EDD8-4ABC-A2A7-818C3585A143} - System32\Tasks\RunAsStdUser Task => C:\Users\Grizzell\AppData\Local\gigglinggamesSA\bin\1.0.6.0\GigglingGamesSA.exe <==== ATTENTION
Task: {3CE0248E-0E25-4563-9FDE-D281E3B74694} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {444B4237-4CAC-4619-BD67-CFF024677D39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {44CA8CC9-27C9-4A1C-9818-50BCD0562B4E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {54A11768-EE3C-410F-99F6-0DE0D9DACC1B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3947115814-391582577-3851701547-1000UA => C:\Users\Grizzell\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-15] (Facebook Inc.)
Task: {5A463D2C-BEE1-4DA1-B460-BFEBB92B6850} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {60AF0D28-F2CB-428B-B842-D556F2557D95} - System32\Tasks\{CC76F3FC-8F11-411D-A641-FA4FBB2A2EF2} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.115/en/abandoninstall?page=tsProgressBar
Task: {655E08F4-116E-463C-83F3-2671EE4936FD} - System32\Tasks\{6E10486E-3689-4B65-9F81-01FE916DA28F} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {712FA028-D968-4263-A225-AD07CC000DE4} - System32\Tasks\NCH Software\expresszipShakeIcon => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe
Task: {734BC44A-5446-443B-A20F-FAC485377472} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {7665AAC8-2BB3-4CDA-B6BD-61FB0CA71159} - System32\Tasks\NCH Software\VerboseReminder => C:\Program Files (x86)\NCH Software\Verbose\Verbose.exe
Task: {8F94E3D8-DDD6-4459-9274-34EB2E94EFA8} - System32\Tasks\{D4237FDA-5DD7-4CEE-8599-0BF78B008E3C} => Iexplore.exe http://ui.skype.com/ui/0/5.9.0.123/en/go/help.faq.installer?LastError=1618
Task: {93E6B216-8117-425D-BA62-71CF4C693B30} - System32\Tasks\HPCeeScheduleForGrizzell => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {A68C7261-4436-4DA7-9FA0-4F646D4CCC8A} - System32\Tasks\AdobeAAMUpdater-1.0-Grizzell-HP-Grizzell => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {AA3F5D8B-A069-4003-BAD8-E646BB54160B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {B1A30861-CE42-4687-A777-1D3362D5FA5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B8C05657-AF92-4E1C-B86A-5DF4BB5221BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BF66E851-5191-4CF6-A314-B4EC62D44C2C} - System32\Tasks\Optimum_Daily => C:\Program Files (x86)\Optimum PC Boost\OptimumPCBoost.exe <==== ATTENTION
Task: {C8B35B74-718C-4CA5-BDFB-34C56C996AA0} - System32\Tasks\{E62F1E53-5196-47C0-9BDD-DB9C604CFB71} => pcalua.exe -a "C:\Users\Grizzell\Downloads\speakoniasetup-1.0 (1).exe" -d C:\Users\Grizzell\Downloads
Task: {CEEBED90-4C6E-4B10-A10E-81136170F710} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {DEF1067D-6F52-4B1D-A1BF-46537AF50759} - System32\Tasks\{68C3097C-C649-4B07-AD24-D09125D72FF5} => pcalua.exe -a "C:\Program Files (x86)\Turbine\DDO Unlimited\unins000.exe"
Task: {E5EADE5E-8B02-437D-B139-0A0C13D4AE3C} - System32\Tasks\{8AD39E0C-80BA-431B-AA35-9B6B53173810} => pcalua.exe -a C:\Users\Grizzell\Downloads\EvolveSetup.exe -d C:\Users\Grizzell\Downloads
Task: {E7C03319-4E56-479E-A040-9ED1DBFC534F} - System32\Tasks\{861F6F79-027F-444A-BD7E-2FC9C398C6D1} => Iexplore.exe http://ui.skype.com/ui/0/6.6.73.106.456/en/abandoninstall?page=tsBing
Task: {E9ED023A-EBF5-4750-A9E4-E10F0F7957B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {EAB01C10-F4D1-4A85-9293-67442E6DB83A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EB1375F4-FB9F-4772-B6E8-11C83A2B5CC4} - System32\Tasks\{559D7439-DE52-4B5B-894F-C757FD740999} => Iexplore.exe http://ui.skype.com/ui/0/6.9.73.106.456/en/go/help.faq.installer?LastError=1618
Task: {EC105082-DBF2-4935-82CA-E5C26B59BD0E} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {F9AB1FF1-B053-430D-8C0E-6CC10B90D988} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {F9DA659F-7257-49B2-9876-6B46F1D93DAE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3947115814-391582577-3851701547-1000Core => C:\Users\Grizzell\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-15] (Facebook Inc.)
Task: {FBC00D83-B606-4F5F-847F-E31EA05196DC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3947115814-391582577-3851701547-1000Core.job => C:\Users\Grizzell\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3947115814-391582577-3851701547-1000UA.job => C:\Users\Grizzell\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForGrizzell.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-16 23:32 - 2013-08-16 23:32 - 03357040 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2011-01-14 18:20 - 2011-01-14 18:20 - 00415072 _____ () C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe
2014-12-13 07:59 - 2014-12-12 11:12 - 03985408 ___SH () C:\Program Files (x86)\Hmicroboidin\Hmicroboidin.exe
2014-12-13 07:59 - 2014-12-13 07:59 - 00049664 ____R () C:\Program Files (x86)\Hmicroboidin\HmicroboidinHelper.exe
2012-10-16 16:43 - 2012-10-16 16:49 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-08-17 12:55 - 2011-01-26 18:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-13 07:59 - 2014-12-11 15:19 - 00016896 ___SH () C:\Program Files (x86)\Hmicroboidin\WinDivert.dll
2014-08-21 15:22 - 2014-12-01 13:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-21 15:22 - 2014-12-01 13:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-21 15:22 - 2014-12-01 13:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-21 15:22 - 2014-12-01 13:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-02-28 10:52 - 2014-11-11 10:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-02 14:55 - 2014-12-01 16:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-02 14:55 - 2014-12-01 16:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-02 14:55 - 2014-12-01 16:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-02 18:01 - 2014-12-19 15:38 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-21 15:22 - 2014-12-01 13:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-03-27 13:23 - 2014-12-19 15:38 - 00696000 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-21 16:22 - 2014-10-21 16:22 - 00750080 _____ () C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-20 08:56 - 2014-12-20 08:56 - 00043008 _____ () c:\users\grizzell\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3tggvr.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00047616 _____ () C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00863744 _____ () C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00200704 _____ () C:\Users\Grizzell\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-01-03 03:03 - 2014-01-03 03:03 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2014-01-03 03:03 - 2014-01-03 03:03 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2014-01-03 03:03 - 2014-01-03 03:03 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2014-01-03 03:03 - 2014-01-03 03:03 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2014-01-03 03:03 - 2014-01-03 03:03 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2014-12-20 08:48 - 2014-12-05 17:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-20 08:48 - 2014-12-05 17:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-20 08:48 - 2014-12-05 17:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-20 08:48 - 2014-12-05 17:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2013-03-27 13:23 - 2014-12-19 15:38 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-12-20 08:48 - 2014-12-05 17:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3947115814-391582577-3851701547-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3947115814-391582577-3851701547-1004 - Limited - Enabled)
Grizzell (S-1-5-21-3947115814-391582577-3851701547-1000 - Administrator - Enabled) => C:\Users\Grizzell
Guest (S-1-5-21-3947115814-391582577-3851701547-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3947115814-391582577-3851701547-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/20/2014 08:56:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/20/2014 08:55:12 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (12/20/2014 08:45:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0x1798
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (12/20/2014 08:42:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0x130c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (12/20/2014 08:42:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0xb54
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (12/20/2014 08:42:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0x1030
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (12/20/2014 08:41:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/20/2014 08:41:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0x1200
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (12/20/2014 08:40:06 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (12/20/2014 08:38:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0x3d90
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
 
System errors:
=============
Error: (12/20/2014 08:55:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (12/20/2014 08:54:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Adobe Licensing Console service failed to start due to the following error: 
%%2
 
Error: (12/20/2014 08:41:57 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (12/20/2014 08:40:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (12/20/2014 08:39:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Adobe Licensing Console service failed to start due to the following error: 
%%2
 
Error: (12/19/2014 09:40:18 PM) (Source: DCOM) (EventID: 10016) (User: Grizzell-HP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Grizzell-HPGrizzellS-1-5-21-3947115814-391582577-3851701547-1000LocalHost (Using LRPC)
 
Error: (12/19/2014 09:40:02 PM) (Source: DCOM) (EventID: 10016) (User: Grizzell-HP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Grizzell-HPGrizzellS-1-5-21-3947115814-391582577-3851701547-1000LocalHost (Using LRPC)
 
Error: (12/19/2014 09:01:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (12/19/2014 09:01:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (12/19/2014 08:57:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
 
Microsoft Office Sessions:
=========================
Error: (12/20/2014 08:56:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/20/2014 08:55:12 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (12/20/2014 08:45:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb0518000000300485166179801d01c745aa5e776C:\Users\Grizzell\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Grizzell\AppData\Local\Google\Chrome\Application\35.0.1916.153\chrome.dll9903bdc2-8867-11e4-af6a-001fc69f5a4a
 
Error: (12/20/2014 08:42:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb0518000000300485166130c01d01c73f11911f2C:\Users\Grizzell\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Grizzell\AppData\Local\Google\Chrome\Application\35.0.1916.153\chrome.dll2ec955f8-8867-11e4-af6a-001fc69f5a4a
 
Error: (12/20/2014 08:42:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb0518000000300485166b5401d01c73f171f433C:\Users\Grizzell\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Grizzell\AppData\Local\Google\Chrome\Application\35.0.1916.153\chrome.dll2f21d691-8867-11e4-af6a-001fc69f5a4a
 
Error: (12/20/2014 08:42:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb0518000000300485166103001d01c73e67332a9C:\Users\Grizzell\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Grizzell\AppData\Local\Google\Chrome\Application\35.0.1916.153\chrome.dll2424fd51-8867-11e4-af6a-001fc69f5a4a
 
Error: (12/20/2014 08:41:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/20/2014 08:41:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb0518000000300485166120001d01c73ac541fb7C:\Users\Grizzell\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Grizzell\AppData\Local\Google\Chrome\Application\35.0.1916.153\chrome.dll00613198-8867-11e4-af6a-001fc69f5a4a
 
Error: (12/20/2014 08:40:06 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (12/20/2014 08:38:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb05180000003004851663d9001d01c7359b8751aC:\Users\Grizzell\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Grizzell\AppData\Local\Google\Chrome\Application\35.0.1916.153\chrome.dll976a3fc1-8866-11e4-a89d-001fc69f5a4a
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 56%
Total physical RAM: 6050.52 MB
Available physical RAM: 2604.08 MB
Total Pagefile: 12099.21 MB
Available Pagefile: 8353.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.33 GB) (Free:123.11 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.09 GB) (Free:1.35 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (Recovery - Boshy) (CDROM) (Total:4.37 GB) (Free:4.37 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A6E91BB3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
I do not know how to attach files. If you or anyone else viewing this could instruct me, please do so. Thanks! -Ninty
Link to post
Share on other sites

Hi Ninty, 

 

Thank you for the log. 

Unfortunately, this computer is in quite a mess.

 

------------

 

Do you recognise this? C:\Program Files (x86)\Hmicroboidin
 
STEP 1
6JO0hXH.png Revo Uninstaller

  • Please download and install Revo Uninstaller Free.
  • Double-click Revo Uninstaller to run the programme. 
  • From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.
    • Coupon Printer for Windows
    • Pando Media Booster
    • Skulltag
    • Yahoo! Software Update
    • Zandronum
  • Double-click the programme. 
  • When prompted if you want to uninstall click Yes.
  • Ensure the Moderate option is selected and click Next.
  • The programme uninstaller will run. If prompted again click Yes.
  • Work your way through the uninstaller, ensuring you read each page thoroughly.
  • Note: Ensure you decline offers of additional software if applicable. 
  • Once the built-in uninstaller is finished click Next.
  • Once the programme has searched for leftovers click Next.
  • Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.
  • When prompted click Yes, followed by Next.
  • Click Select all, followed by Delete.
  • When prompted click Yes, followed by Next.
  • Once done click Finish.
     

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    startHKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\Run: [Obrona Block Ads] => "C:\Users\Grizzell\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe" --hiddenC:\Users\Grizzell\AppData\Local\Obrona Block AdsHKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Obrona Block Ads] => "C:\Users\Grizzell\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe" --hiddenAppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not FoundAppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not FoundCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.ProxyServer: [.DEFAULT] => http=127.0.0.1:64567;https=127.0.0.1:64567ProxyEnable: [S-1-5-21-3947115814-391582577-3851701547-1000] => Internet Explorer proxy is enabled.ProxyServer: [S-1-5-21-3947115814-391582577-3851701547-1000] => http=127.0.0.1:9880;https=127.0.0.1:9880ProxyEnable: [S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => Internet Explorer proxy is enabled.ProxyServer: [S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => http=127.0.0.1:9880;https=127.0.0.1:9880SearchScopes: HKLM-x32 -> DefaultScope value is missing.SearchScopes: HKU\.DEFAULT -> {62808335-E49D-4331-BCDC-5E2960203639} URL = http://websearch.ask...5A-D3A712600B6ESearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> DefaultScope {3E327735-F3E6-4800-88B6-9B7017D1CD50} URL = http://groovorio.com...=1923447767&ir=SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> DEA9A6185EFB4E3E9B8775B383B1A737 URL = http://mystart.incre...6OyKLQYvLH&i=26SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> {3DB05299-4984-431B-A7BE-318FDC45148A} URL = http://websearch.ask...5A-D3A712600B6ESearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> {3E327735-F3E6-4800-88B6-9B7017D1CD50} URL = http://groovorio.com...=1923447767&ir=SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg....sa&d=2014-07-2412:07:18&v=18.1.8.643&pid=safeguard&sg=&sap=dsp&q={searchTerms}SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {3E327735-F3E6-4800-88B6-9B7017D1CD50} URL = http://groovorio.com...=1923447767&ir=SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DEA9A6185EFB4E3E9B8775B383B1A737 URL = http://mystart.incre...6OyKLQYvLH&i=26SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3DB05299-4984-431B-A7BE-318FDC45148A} URL = http://websearch.ask...5A-D3A712600B6ESearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3E327735-F3E6-4800-88B6-9B7017D1CD50} URL = http://groovorio.com...=1923447767&ir=SearchScopes: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg....sa&d=2014-07-2412:07:18&v=18.1.8.643&pid=safeguard&sg=&sap=dsp&q={searchTerms}BHO-x32: No Name -> {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} ->  No FileToolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No FileToolbar: HKU\S-1-5-21-3947115814-391582577-3851701547-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No FileToolbar: HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No FileFF SelectedSearchEngine: GroovorioFF Keyword.URL: https://search.yahoo...&type=599486&p=FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No FileFF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No FileC:\Program Files (x86)\Lightspark 0.5.3-gitFF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No FileFF Plugin HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)FF SearchPlugin: C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\searchplugins\yahoo_ff.xmlFF Extension: No Name - C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\Extensions\euyu_yeuyk@p-xynmk.edu [2014-07-27]FF Extension: No Name - C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\Extensions\zyxrrsf@oyaot.net [2014-06-18]FF HKU\S-1-5-21-3947115814-391582577-3851701547-1000\...\Firefox\Extensions: [pp@perk.com] - C:\Program Files (x86)\Perk Prize Panel\FFFF HKU\S-1-5-21-3947115814-391582577-3851701547-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [pp@perk.com] - C:\Program Files (x86)\Perk Prize Panel\FFFF Extension: No Name - C:\Users\Grizzell\AppData\Roaming\Mozilla\Firefox\Profiles\8co3y9az.default\extensions\firefox@smarterpowerunite.com.xpi [Not Found]FF Extension: No Name - firefox@smarterpowerunite.com [Not Found]CHR HomePage: Default -> hxxp://my.myway.com/CHR StartupUrls: Default -> "hxxp://my.yahoo.com/", "hxxp://my.myway.com/"CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [Not Found]C:\Program Files (x86)\Coupons.com CouponBarS2 Adobe Licensing Console; C:\Windows\SysWOW64\msvfd32.exe [818169 2012-08-23] () [File not signed] <==== ATTENTIONC:\Windows\SysWOW64\msvfd32.exeS3 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-11] (NetFilterSDK.com)C:\Windows\System32\drivers\netfilter64.sysS3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]S1 lygzpwvb; \??\C:\Windows\system32\drivers\lygzpwvb.sys [X]S3 sjcst; \??\C:\AeriaGames\EdenEternal\avital\sjcsu64.sys [X]S3 usj; \??\C:\AeriaGames\EdenEternal\avital\ussjcs64.sys [X]S3 vtany; \??\C:\Windows\vtany.sys [X]S3 X6va005; \??\C:\Users\Grizzell\AppData\Local\Temp\00594CB.tmp [X]S3 X6va007; \??\C:\Users\Grizzell\AppData\Local\Temp\0073E7D.tmp [X]S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]S3 xspirit; \??\C:\Windows\xspirit.sys [X]2014-12-19 16:56 - 2014-12-19 16:56 - 00000000 _____ () C:\autoexec.bat2014-12-19 16:55 - 2014-12-19 16:55 - 00000000 ____D () C:\sh4ldr2014-12-19 16:54 - 2014-12-19 16:54 - 00000000 ____D () C:\Program Files\Enigma Software Group2014-12-15 16:08 - 2014-12-15 16:08 - 00000000 __SHD () C:\Users\Grizzell\AppData\Local\EmieBrowserModeList2014-12-19 20:56 - 2014-06-26 11:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF2014-12-19 20:54 - 2014-09-03 18:16 - 00000000 ____D () C:\Program Files (x86)\GreenGamesAndHam2014-12-19 20:54 - 2014-07-24 11:06 - 00000000 ____D () C:\ProgramData\AVG Secure Search2014-12-19 20:54 - 2014-06-15 01:02 - 00000000 ____D () C:\ProgramData\dd380b4786a204e12014-12-19 20:54 - 2014-05-07 16:41 - 00000000 ____D () C:\Program Files (x86)\Perk Prize Panel2014-12-20 08:54 - 2011-12-03 20:52 - 00000416 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.jobC:\ProgramData\hash.datC:\Users\Grizzell\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exeC:\Users\Grizzell\AppData\Local\Temp\1397546401_2040_2061_BetterMarkIt.exeC:\Users\Grizzell\AppData\Local\Temp\bbchcabebebaa.exeC:\Users\Grizzell\AppData\Local\Temp\ChangeIcon.exeC:\Users\Grizzell\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3tggvr.dllC:\Users\Grizzell\AppData\Local\Temp\dsp_ipp.dllC:\Users\Grizzell\AppData\Local\Temp\insHalgk4.exeC:\Users\Grizzell\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dllC:\Users\Grizzell\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.2-1-ga6e0bfd-b3095jnks.dllC:\Users\Grizzell\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-b2771jnks.dllC:\Users\Grizzell\AppData\Local\Temp\nsa4FC6.exeC:\Users\Grizzell\AppData\Local\Temp\nsa7428.exeC:\Users\Grizzell\AppData\Local\Temp\nsaC2AB.exeC:\Users\Grizzell\AppData\Local\Temp\nsd44BC.exeC:\Users\Grizzell\AppData\Local\Temp\nsd4817.exeC:\Users\Grizzell\AppData\Local\Temp\nsf5BC9.exeC:\Users\Grizzell\AppData\Local\Temp\nsfBD9B.exeC:\Users\Grizzell\AppData\Local\Temp\nsh59A7.tmp.exeC:\Users\Grizzell\AppData\Local\Temp\nsi99E4.exeC:\Users\Grizzell\AppData\Local\Temp\nslC867.exeC:\Users\Grizzell\AppData\Local\Temp\nsn4151.exeC:\Users\Grizzell\AppData\Local\Temp\nss931E.exeC:\Users\Grizzell\AppData\Local\Temp\nsv56AA.exeC:\Users\Grizzell\AppData\Local\Temp\nsy964B.exeC:\Users\Grizzell\AppData\Local\Temp\ObronaBlockAds.exeC:\Users\Grizzell\AppData\Local\Temp\oi_{9BBE9EF8-C3A4-41E3-9E3A-A60EF055A921}.exeC:\Users\Grizzell\AppData\Local\Temp\Quarantine.exeC:\Users\Grizzell\AppData\Local\Temp\SendMsg.dllC:\Users\Grizzell\AppData\Local\Temp\SkypeSetup.exeC:\Users\Grizzell\AppData\Local\Temp\sp_downloader.exeC:\Users\Grizzell\AppData\Local\Temp\uninst.exeC:\Users\Grizzell\AppData\Local\Temp\UNINSTALL.EXEC:\Users\Grizzell\AppData\Local\Temp\vbmz10.exeC:\Users\Grizzell\AppData\Local\Temp\xmlUpdater.exeCustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Grizzell\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-3947115814-391582577-3851701547-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll No FileTask: {12E37DF6-DD7D-4D71-985F-D5F7C11F27F2} - System32\Tasks\5032 => Wscript.exe C:\Users\Grizzell\AppData\Local\Temp\launchie.vbs //B <==== ATTENTIONTask: {20A97C6E-3884-4BE8-B353-4F4027B4CFF9} - System32\Tasks\Optimum_LogOn => C:\Program Files (x86)\Optimum PC Boost\OptimumPCBoost.exe <==== ATTENTIONC:\Program Files (x86)\Optimum PC BoostTask: {2976A490-86A5-4448-8B3C-59B7323A3D8F} - \ea727281-8281-467f-bafd-cf5fb6f1777a-1 No Task File <==== ATTENTIONTask: {393076AD-EDD8-4ABC-A2A7-818C3585A143} - System32\Tasks\RunAsStdUser Task => C:\Users\Grizzell\AppData\Local\gigglinggamesSA\bin\1.0.6.0\GigglingGamesSA.exe <==== ATTENTIONC:\Users\Grizzell\AppData\Local\gigglinggamesSATask: {BF66E851-5191-4CF6-A314-B4EC62D44C2C} - System32\Tasks\Optimum_Daily => C:\Program Files (x86)\Optimum PC Boost\OptimumPCBoost.exe <==== ATTENTIONTask: {CEEBED90-4C6E-4B10-A10E-81136170F710} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTIONTask: {EC105082-DBF2-4935-82CA-E5C26B59BD0E} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTIONTask: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTIONC:\Program Files\PC Optimizer ProAlternateDataStreams: C:\ProgramData\Temp:373E1720CMD: ipconfig /flushdnsCMD: netsh winsock reset allCMD: netsh int ipv4 resetCMD: netsh int ipv6 resetEmptyTemp:end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Do you recognise the folder?
  • Did the programmes uninstall OK?
  • Fixlog.txt
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.