Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware Galore...


  • This topic is locked This topic is locked
40 replies to this topic

#1 leoliger

leoliger

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 14 March 2014 - 09:59 PM

I have recently been going around the internet trying to find a MindCraft Forge API to help me put mods into MindCraft, however what I though was a tutorial, I found an Adware program that installed some very unsavory stuff on my computer. I am running Malwarebytes now, but I need help to remove such adware. It is leaving fake advertisments all over the place. I can show you a good example, but can't upload it as it is too big to be uploaded. But I hardly doubt that you guys have a toll free number AD coming down from the top and other word shows up as some link to click. So, I really need to get rid of this.

 

So far, I have no problems, at the moment with Chrome(swr iron) browser. It is happening in the Firefox browser. But I have no idea that it will spread through the computer. I had similar problem with something called the Happli Virus where it would have a bunch of ads popping in certain places and would redirect to another site from time to time. I really do not want to make the situation worse with this. It was stupid of me to download a program from what I thought was the real program turned out to be a Adware program just in put fake ads everywhere.


Edited by leoliger, 14 March 2014 - 11:17 PM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:40 PM

Posted 15 March 2014 - 01:49 AM





Hello eoliger

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 15 March 2014 - 08:50 AM

There is was an unexpected error when the used the scanner.

 

"An unexpected error is keeping you from copying the file. If you continue to receive this error, you can use the error code to search for help with this problem.

 

Error 0x80030002: install.rdf could not be found."

 

There is a picture attached at the bottom to see what popped up. 

 

Here are the logs:

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by rolando (administrator) on ARTEMIS on 15-03-2014 08:41:38
Running from C:\Users\rolando\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Absolute Software) C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe
(Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
() C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe
() C:\Program Files\pia_manager\pia_manager.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\ProgramData\Rpcnet\Bin\rpcld.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\sftservice.EXE
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
() C:\Program Files (x86)\View-Password-soft\ViewPassword157.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
(Alienware Corporation) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Flux Software LLC) C:\Users\rolando\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
(Microsoft Corporation) C:\Users\rolando\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NTeWORKS) C:\Program Files (x86)\PicPick\picpick.exe
(The Pidgin developer community) C:\Program Files (x86)\Pidgin\pidgin.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Absolute Software) C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(http://www.ruby-lang.org/) C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(http://www.ruby-lang.org/) C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
() C:\Program Files\pia_manager\openvpn.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AlienFX Controller] - C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe [63304 2010-05-21] (Alienware Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-02] (Dell Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2108200 2010-04-01] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [FAStartup] - [X]
HKLM-x32\...\Run: [Absolute Notifier] - C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe [85864 2013-10-28] (Absolute Software)
HKLM-x32\...\Run: [FATrayAlert] - C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe [95560 2010-04-04] (Sensible Vision )
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KeyScrambler] - C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM-x32\...\Run: [Communicator] - C:\Program Files (x86)\Microsoft Lync\communicator.exe [12117160 2013-12-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\FastAccess-x32: C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
HKU\.DEFAULT\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Run: [PeerBlock] - C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Run: [F.lux] - C:\Users\rolando\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Run: [SkyDrive] - C:\Users\rolando\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-19] (Microsoft Corporation)
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17148552 2012-02-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Run: [PicPick Start] - C:\Program Files (x86)\PicPick\picpick.exe [13323608 2014-02-12] (NTeWORKS)
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Run: [Pidgin] - C:\Program Files (x86)\Pidgin\pidgin.exe [60216 2014-02-02] (The Pidgin developer community)
HKU\S-1-5-21-3154224136-66872059-3589488557-1000\...\Policies\system: [DisableChangePassword] 0
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.alienware.com
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Ghostery Add-On - {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryBrowserHelperObject.dll ()
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SSOIEAddonBHO Class - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {DC120706-9372-4B2E-AD15-F2135F51F30A} https://192.168.102.251/plugins/vkvm/ActiveXVideoViewer.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab
Handler: AutorunsDisabled\ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: AutorunsDisabled\osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: AutorunsDisabled\ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler-x32: AutorunsDisabled\osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: AutorunsDisabled - No CLSID Value - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: text/html - {4459DC76-1FDE-4B16-BAD0-E4F8E7647555} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: AutorunsDisabled - No CLSID Value - No File
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: text/html - {4459DC76-1FDE-4B16-BAD0-E4F8E7647555} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryMimeFilter.dll ()
 
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{04D710A8-9CAD-433B-A663-B5C72D743A4F}: [NameServer]89.233.43.71,89.104.194.142
 
FireFox:
========
FF ProfilePath: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513
FF user.js: detected! => C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\user.js
FF NewTab: chrome://desktop/content/desktop.html
FF DefaultSearchEngine: Startpage (SSL)
FF SelectedSearchEngine: Startpage (SSL)
FF Homepage: about:home
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4444
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4445
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.com/RCplugin - C:\Users\rolando\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\rolando\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\rolando\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\searchplugins\anidb.xml
FF SearchPlugin: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\searchplugins\katph.xml
FF SearchPlugin: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\searchplugins\startpage-ssl.xml
FF SearchPlugin: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\searchplugins\twitter-.xml
FF SearchPlugin: C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Xmarks - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\foxmarks@kei.com [2013-05-21]
FF Extension: HTTPS-Everywhere - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\https-everywhere@eff.org [2014-01-06]
FF Extension: Disconnect - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\2.0@disconnect.me.xpi [2013-06-10]
FF Extension: Desktop - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\desktop@telega.phpnet.us.xpi [2012-10-06]
FF Extension: Ghostery - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\firefox@ghostery.com.xpi [2013-08-02]
FF Extension: AudioTube - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\firefox@org.audiotube.xpi [2014-02-14]
FF Extension: Gliph - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\jid0-uActZDCeqtUeamXHDFTuINr5IQM@jetpack.xpi [2013-02-08]
FF Extension: DuckDuckGo Plus - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-11-12]
FF Extension: TinEye Reverse Image Search - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\tineye@ideeinc.com.xpi [2013-03-05]
FF Extension: No Name - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\twitter.address.bar.search@firefox.twitter.xpi [2013-03-13]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-11-12]
FF Extension: X-notifier - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-12-12]
FF Extension: Stylish - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-03-01]
FF Extension: Download Status Bar - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-02-14]
FF Extension: Adblock Plus - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-06]
FF Extension: BetterPrivacy - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-10-06]
FF Extension: Tab Mix Plus - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012-10-06]
FF Extension: Adblock Edge - C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF HKCU\...\Firefox\Extensions: [{367C710F-7D9E-11E1-826D-B8AC6F996F26}] - C:\Users\rolando\AppData\Local\{367C710F-7D9E-11E1-826D-B8AC6F996F26}\
FF HKCU\...\Firefox\Extensions: [{9b22c9b2-1757-442f-909b-4f139b498c8d}] - C:\Program Files (x86)\View-Password-soft\157.xpi
FF Extension: No Name - C:\Program Files (x86)\View-Password-soft\157.xpi [2014-03-14]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-15] (Emsisoft GmbH)
R2 AbsoluteNotifier; C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [11112 2013-10-28] (Absolute Software)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2253016 2013-10-02] (Broadcom Corporation.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\33.0.1750.125\remoting_host.exe [50504 2014-02-19] (Google Inc.)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [19968 2011-02-15] (Fork Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 FAService; C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2409800 2010-04-04] (Sensible Vision )
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-12-16] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-12-16] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\STacSV64.exe [240640 2009-09-15] (IDT, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 ViewPassword; C:\Program Files (x86)\View-Password-soft\ViewPassword157.exe [195584 2014-03-14] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-02] (Dell Inc.)
R2 rpcld; C:\ProgramData\Rpcnet\Bin\rpcld.exe [X]
S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-02] (Broadcom Corporation.)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [389408 2011-04-05] (Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [67360 2011-04-05] (Beceem communications pvt ltd.)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-21] (Disc Soft Ltd)
S3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [15360 2010-02-04] (Windows ® Win 7 DDK provider)
S3 IAMTVE; C:\Windows\system32\DRIVERS\IAMTVE.sys [43416 2007-04-11] (Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\DRIVERS\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation)
R0 ioatdma; C:\Windows\System32\Drivers\ioatdma.sys [46792 2009-07-13] (Intel Corporation)
S3 iSSetup; C:\Windows\system32\DRIVERS\iSSetup.sys [178400 2009-10-13] (Intel Corporation)
R3 ITECIRfilter; C:\Windows\System32\DRIVERS\ITECIRfilter.sys [28264 2011-03-22] (ITE Tech. Inc. )
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-08-16] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 ogtap100; C:\Windows\System32\DRIVERS\ogtap100.sys [36736 2013-10-22] (The OpenVPN Project)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-08-05] (Smith Micro Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\EAB.tmp [X]
S3 PTUMWBus; system32\DRIVERS\PTUMWBus.sys [X]
S3 PTUMWCDF; system32\DRIVERS\PTUMWCDF.sys [X]
S3 PTUMWFLT; system32\DRIVERS\PTUMWFLT.sys [X]
S3 PTUMWMdm; system32\DRIVERS\PTUMWMdm.sys [X]
S3 PTUMWNET; system32\DRIVERS\PTUMWNET.sys [X]
S3 PTUMWVsp; system32\DRIVERS\PTUMWVsp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-15 08:41 - 2014-03-15 08:43 - 00034660 _____ () C:\Users\rolando\Desktop\FRST.txt
2014-03-15 08:41 - 2014-03-15 08:41 - 00000000 ____D () C:\FRST
2014-03-15 08:39 - 2014-03-15 08:40 - 02157056 _____ (Farbar) C:\Users\rolando\Desktop\FRST64.exe
2014-03-15 08:32 - 2014-03-15 08:32 - 00000022 _____ () C:\Windows\S.dirmngr
2014-03-14 21:24 - 2014-03-14 21:24 - 02660825 _____ () C:\Users\rolando\Desktop\forge-1.7.2-10.12.0.1024-installer-win.exe
2014-03-14 21:20 - 2014-03-15 08:35 - 00000412 _____ () C:\Windows\Tasks\View Password Update.job
2014-03-14 21:20 - 2014-03-15 08:32 - 00000416 _____ () C:\Windows\Tasks\View Password_wd.job
2014-03-14 21:20 - 2014-03-14 21:20 - 00003064 _____ () C:\Windows\System32\Tasks\View Password Update
2014-03-14 21:20 - 2014-03-14 21:20 - 00003008 _____ () C:\Windows\System32\Tasks\View Password_wd
2014-03-14 21:20 - 2014-03-14 21:20 - 00000000 ____D () C:\Program Files (x86)\View-Password-soft
2014-03-14 21:11 - 2014-03-14 21:11 - 00003186 _____ () C:\Windows\System32\Tasks\{B1045CD7-2F43-46BD-B001-AD529E41ACEC}
2014-03-14 20:59 - 2014-03-14 21:00 - 10438020 _____ () C:\Users\rolando\Desktop\Fossil-Archaeology 1.5.2 Build 5.3.zip
2014-03-14 20:41 - 2014-03-14 21:25 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\.minecraft
2014-03-14 20:41 - 2014-03-14 20:41 - 00002137 _____ () C:\Users\rolando\Desktop\Minecraft.lnk
2014-03-14 20:41 - 2014-03-14 20:41 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-03-14 20:38 - 2014-03-14 20:38 - 00000718 _____ () C:\Users\rolando\AppData\Local\recently-used.xbel
2014-03-14 20:35 - 2014-03-14 20:36 - 00000000 ____D () C:\Users\rolando\Downloads\Minecraft 1.7.5 by TeamExtremeMc.com
2014-03-14 20:35 - 2014-03-14 20:35 - 00000941 _____ () C:\Users\Public\Desktop\Deluge.lnk
2014-03-14 20:34 - 2014-03-14 20:35 - 00000000 ____D () C:\Program Files (x86)\Deluge
2014-03-14 10:30 - 2014-03-14 10:30 - 00022322 _____ () C:\Users\rolando\Desktop\CIS474_TimeCard_student_name.xlsx
2014-03-14 10:22 - 2014-03-14 10:22 - 00000000 ____D () C:\Users\rolando\Desktop\CIS-474-67611 - Team A files
2014-03-14 10:21 - 2014-03-14 10:21 - 00317692 _____ () C:\Users\rolando\Desktop\CIS474_Team  DeVry Website Design_Work Schedules.zip
2014-03-11 13:26 - 2014-03-11 13:26 - 00000000 ____D () C:\Users\rolando\AppData\Local\YACReader
2014-03-11 13:23 - 2014-03-11 13:24 - 14883239 _____ ( ) C:\Users\rolando\Desktop\YACReader-7.0.0-win32.exe
2014-03-10 14:24 - 2014-01-08 21:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-10 14:24 - 2014-01-03 17:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-05 19:14 - 2014-03-05 19:14 - 05814000 _____ (TeamViewer GmbH) C:\Users\rolando\Desktop\TeamViewer_Setup_en.exe
2014-03-04 16:17 - 2014-03-04 16:20 - 41913952 _____ (Ciro Mattia Gonano, Paweł Jastrzębski ) C:\Users\rolando\Desktop\KindleComicConverter_win_4.0.1.exe
2014-03-03 16:32 - 2014-03-04 14:06 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\I2P
2014-03-03 16:32 - 2014-03-03 16:32 - 00003160 _____ () C:\Windows\System32\Tasks\{C804D814-8D07-46F3-9EFE-1E7DDCC5955D}
2014-03-03 16:32 - 2014-03-03 16:32 - 00000000 ____D () C:\Program Files\i2p
2014-03-03 16:25 - 2014-03-03 16:26 - 13662456 _____ () C:\Users\rolando\Desktop\i2pinstall_0.9.11_windows.exe
2014-03-03 15:40 - 2014-03-03 15:40 - 00000000 ____D () C:\Users\rolando\Documents\quicksetdns
2014-03-03 12:48 - 2014-03-15 00:15 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-03 11:39 - 2014-03-03 11:39 - 00629301 _____ () C:\Users\rolando\Desktop\PeStudio812.zip
2014-03-02 22:06 - 2014-03-02 22:06 - 00000000 ____D () C:\Windows\System32\Tasks\Western Digital
2014-03-02 22:05 - 2014-03-02 22:05 - 00000000 ____D () C:\Users\rolando\AppData\Local\Western_Digital_Technolog
2014-03-02 22:05 - 2014-03-02 22:05 - 00000000 ____D () C:\Users\rolando\AppData\Local\Western Digital
2014-03-02 21:53 - 2014-03-15 08:31 - 00004434 _____ () C:\Windows\PFRO.log
2014-03-02 21:51 - 2014-03-02 21:59 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-03-02 21:51 - 2014-03-02 21:52 - 00010398 _____ () C:\Windows\DPINST.LOG
2014-03-02 21:41 - 2014-03-02 22:12 - 00000000 ____D () C:\ProgramData\Western Digital
2014-03-01 11:04 - 2014-03-01 11:12 - 00000000 ____D () C:\Users\rolando\Desktop\Nintendo DS Copy SD Card
2014-02-28 17:25 - 2014-02-28 17:25 - 00000000 ____D () C:\Users\rolando\AppData\Local\Arcode
2014-02-28 17:24 - 2014-02-28 17:25 - 00000000 ____D () C:\Users\rolando\AppData\Local\Inky
2014-02-28 17:24 - 2014-02-28 17:24 - 00001013 _____ () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inky.lnk
2014-02-26 15:22 - 2014-02-26 15:22 - 00000000 ____D () C:\ProgramData\PicPick
2014-02-26 01:01 - 2014-03-15 08:31 - 00002566 _____ () C:\Windows\setupact.log
2014-02-26 01:01 - 2014-02-26 01:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-26 01:00 - 2014-03-11 11:10 - 00608096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-25 15:17 - 2014-02-25 15:17 - 00000000 _____ () C:\Windows\SysWOW64\FAP557D.tmp
2014-02-25 15:16 - 2014-02-25 15:16 - 00000000 _____ () C:\Windows\SysWOW64\FAPAE83.tmp
2014-02-25 15:14 - 2014-02-25 15:14 - 00000000 _____ () C:\Windows\SysWOW64\FAP8936.tmp
2014-02-25 14:45 - 2014-02-25 14:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP3385.tmp
2014-02-25 13:55 - 2014-02-25 13:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPCC96.tmp
2014-02-25 13:15 - 2014-02-25 13:15 - 00000000 _____ () C:\Windows\SysWOW64\FAP2E71.tmp
2014-02-25 12:42 - 2014-02-25 12:42 - 00018768 _____ () C:\Users\rolando\Documents\cc_20140225_114243.reg
2014-02-19 22:32 - 2014-02-19 22:32 - 00002165 _____ () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-18 15:00 - 2014-02-18 15:00 - 00001178 _____ () C:\Users\rolando\Desktop\10.154.4.123.crt
2014-02-17 19:16 - 2014-02-17 19:23 - 00000000 ____D () C:\Users\rolando\AppData\Local\Pokemon Showdown
2014-02-17 19:15 - 2014-02-17 19:15 - 00002022 _____ () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokemon Showdown.lnk
2014-02-17 19:15 - 2014-02-17 19:15 - 00000000 ____D () C:\Program Files (x86)\Pokemon Showdown
2014-02-17 14:10 - 2014-02-17 14:35 - 82997200 _____ () C:\Users\rolando\Desktop\R262653.exe
2014-02-16 21:16 - 2014-02-16 21:16 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-02-16 18:45 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-16 18:45 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-16 18:45 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-16 18:45 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-16 18:45 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-16 18:45 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-16 18:45 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-16 18:45 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-16 18:45 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-16 18:45 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-16 18:45 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-16 18:45 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-16 18:45 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-16 18:45 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-16 18:45 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-16 18:45 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-16 18:37 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 18:37 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 18:36 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 18:36 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 18:36 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-16 18:36 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 18:36 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 18:36 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-16 18:36 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 18:36 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 18:36 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 18:36 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-16 18:36 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-16 18:36 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-16 18:36 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 18:36 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 18:36 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 18:36 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 18:36 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 18:36 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 18:36 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-16 18:36 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 18:36 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 18:36 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-16 18:36 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 18:36 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-16 18:36 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 18:36 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-16 18:36 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-16 18:36 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 18:36 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 18:36 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 18:36 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 18:36 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 18:36 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-16 18:36 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 18:36 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 18:36 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 18:36 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-16 18:36 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 18:36 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-16 18:34 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-16 18:34 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-16 18:34 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-16 18:34 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-16 18:34 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-16 18:34 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-16 18:34 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-16 18:34 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-16 18:34 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-16 18:34 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-16 18:34 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-16 18:34 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-16 18:34 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-16 18:34 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-16 18:34 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-16 18:34 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-16 18:34 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-16 18:34 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-16 18:34 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-16 18:34 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-16 18:34 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-16 18:34 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-16 18:34 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-16 18:34 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-16 18:34 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-16 18:34 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-16 18:33 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-16 18:33 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-16 18:33 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-16 18:33 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-15 23:41 - 2014-02-15 23:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 15:33 - 2014-02-14 15:34 - 06442903 _____ () C:\Users\rolando\Desktop\twister-0.9.13-win32-bundle.zip
2014-02-13 22:43 - 2014-02-13 22:44 - 14816459 _____ () C:\Users\rolando\Desktop\Pokemon_The_Complete_Story_aka_Zensho_c0_[M-L][2F413C05].cbz
 
==================== One Month Modified Files and Folders =======
 
2014-03-15 08:43 - 2014-03-15 08:41 - 00034660 _____ () C:\Users\rolando\Desktop\FRST.txt
2014-03-15 08:43 - 2011-08-25 18:23 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\.purple
2014-03-15 08:41 - 2014-03-15 08:41 - 00000000 ____D () C:\FRST
2014-03-15 08:41 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 08:41 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 08:40 - 2014-03-15 08:39 - 02157056 _____ (Farbar) C:\Users\rolando\Desktop\FRST64.exe
2014-03-15 08:39 - 2012-04-09 15:00 - 01376040 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 08:38 - 2009-07-14 00:13 - 00916866 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-15 08:35 - 2014-03-14 21:20 - 00000412 _____ () C:\Windows\Tasks\View Password Update.job
2014-03-15 08:35 - 2013-07-08 17:43 - 00004964 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARTEMIS-rolando Artemis
2014-03-15 08:35 - 2012-12-21 20:42 - 00000000 ___RD () C:\Users\rolando\Desktop\SkyDrive
2014-03-15 08:34 - 2011-04-26 18:51 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\Skype
2014-03-15 08:34 - 2011-04-13 07:48 - 00000000 ____D () C:\Program Files\PeerBlock
2014-03-15 08:33 - 2011-03-14 02:28 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2014-03-15 08:32 - 2014-03-15 08:32 - 00000022 _____ () C:\Windows\S.dirmngr
2014-03-15 08:32 - 2014-03-14 21:20 - 00000416 _____ () C:\Windows\Tasks\View Password_wd.job
2014-03-15 08:32 - 2011-10-31 19:21 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2014-03-15 08:32 - 2011-08-11 14:57 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-15 08:32 - 2011-03-22 18:44 - 00000000 ____D () C:\Users\rolando\AppData\Local\SoftThinks
2014-03-15 08:31 - 2014-03-02 21:53 - 00004434 _____ () C:\Windows\PFRO.log
2014-03-15 08:31 - 2014-02-26 01:01 - 00002566 _____ () C:\Windows\setupact.log
2014-03-15 08:31 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 00:15 - 2014-03-03 12:48 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-14 23:59 - 2012-02-02 18:08 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\uTorrent
2014-03-14 21:37 - 2013-01-14 20:22 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\Notepad++
2014-03-14 21:25 - 2014-03-14 20:41 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\.minecraft
2014-03-14 21:24 - 2014-03-14 21:24 - 02660825 _____ () C:\Users\rolando\Desktop\forge-1.7.2-10.12.0.1024-installer-win.exe
2014-03-14 21:20 - 2014-03-14 21:20 - 00003064 _____ () C:\Windows\System32\Tasks\View Password Update
2014-03-14 21:20 - 2014-03-14 21:20 - 00003008 _____ () C:\Windows\System32\Tasks\View Password_wd
2014-03-14 21:20 - 2014-03-14 21:20 - 00000000 ____D () C:\Program Files (x86)\View-Password-soft
2014-03-14 21:11 - 2014-03-14 21:11 - 00003186 _____ () C:\Windows\System32\Tasks\{B1045CD7-2F43-46BD-B001-AD529E41ACEC}
2014-03-14 21:05 - 2011-04-28 18:11 - 00000000 ____D () C:\Users\rolando\Desktop\uTorrent
2014-03-14 21:00 - 2014-03-14 20:59 - 10438020 _____ () C:\Users\rolando\Desktop\Fossil-Archaeology 1.5.2 Build 5.3.zip
2014-03-14 20:41 - 2014-03-14 20:41 - 00002137 _____ () C:\Users\rolando\Desktop\Minecraft.lnk
2014-03-14 20:41 - 2014-03-14 20:41 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-03-14 20:38 - 2014-03-14 20:38 - 00000718 _____ () C:\Users\rolando\AppData\Local\recently-used.xbel
2014-03-14 20:38 - 2012-06-01 14:39 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\deluge
2014-03-14 20:36 - 2014-03-14 20:35 - 00000000 ____D () C:\Users\rolando\Downloads\Minecraft 1.7.5 by TeamExtremeMc.com
2014-03-14 20:35 - 2014-03-14 20:35 - 00000941 _____ () C:\Users\Public\Desktop\Deluge.lnk
2014-03-14 20:35 - 2014-03-14 20:34 - 00000000 ____D () C:\Program Files (x86)\Deluge
2014-03-14 20:32 - 2013-06-30 17:10 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\tixati
2014-03-14 10:30 - 2014-03-14 10:30 - 00022322 _____ () C:\Users\rolando\Desktop\CIS474_TimeCard_student_name.xlsx
2014-03-14 10:22 - 2014-03-14 10:22 - 00000000 ____D () C:\Users\rolando\Desktop\CIS-474-67611 - Team A files
2014-03-14 10:21 - 2014-03-14 10:21 - 00317692 _____ () C:\Users\rolando\Desktop\CIS474_Team  DeVry Website Design_Work Schedules.zip
2014-03-14 10:17 - 2011-12-26 13:06 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YACReader
2014-03-14 10:17 - 2011-12-26 13:06 - 00000000 ____D () C:\Program Files (x86)\YACReader
2014-03-13 10:36 - 2012-02-23 13:21 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\KeePass
2014-03-11 13:26 - 2014-03-11 13:26 - 00000000 ____D () C:\Users\rolando\AppData\Local\YACReader
2014-03-11 13:24 - 2014-03-11 13:23 - 14883239 _____ ( ) C:\Users\rolando\Desktop\YACReader-7.0.0-win32.exe
2014-03-11 12:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-03-11 11:14 - 2013-01-06 14:00 - 00077547 _____ () C:\Users\rolando\.pia_manager_crash.log
2014-03-11 11:11 - 2012-02-15 15:20 - 00147856 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-03-11 11:11 - 2012-02-15 15:19 - 00147856 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-03-11 11:10 - 2014-02-26 01:00 - 00608096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-11 11:01 - 2011-04-12 19:34 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2014-03-11 10:57 - 2011-04-19 13:21 - 00000000 ___HD () C:\ProgramData\Microsoft Help
2014-03-11 10:55 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-07 21:51 - 2012-04-17 22:00 - 00000000 ____D () C:\Program Files (x86)\TERA
2014-03-05 19:14 - 2014-03-05 19:14 - 05814000 _____ (TeamViewer GmbH) C:\Users\rolando\Desktop\TeamViewer_Setup_en.exe
2014-03-04 16:33 - 2014-01-23 10:53 - 00000000 ____D () C:\Users\rolando\AppData\Local\calibre-cache
2014-03-04 16:33 - 2014-01-23 10:51 - 00000000 ____D () C:\Users\rolando\Documents\Calibre Library
2014-03-04 16:32 - 2014-01-23 10:51 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\calibre
2014-03-04 16:20 - 2014-03-04 16:17 - 41913952 _____ (Ciro Mattia Gonano, Paweł Jastrzębski ) C:\Users\rolando\Desktop\KindleComicConverter_win_4.0.1.exe
2014-03-04 16:02 - 2014-01-23 10:44 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-03-04 14:06 - 2014-03-03 16:32 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\I2P
2014-03-03 16:32 - 2014-03-03 16:32 - 00003160 _____ () C:\Windows\System32\Tasks\{C804D814-8D07-46F3-9EFE-1E7DDCC5955D}
2014-03-03 16:32 - 2014-03-03 16:32 - 00000000 ____D () C:\Program Files\i2p
2014-03-03 16:26 - 2014-03-03 16:25 - 13662456 _____ () C:\Users\rolando\Desktop\i2pinstall_0.9.11_windows.exe
2014-03-03 15:40 - 2014-03-03 15:40 - 00000000 ____D () C:\Users\rolando\Documents\quicksetdns
2014-03-03 12:52 - 2012-08-16 09:32 - 00000000 ____D () C:\Users\DefaultAppPool
2014-03-03 12:48 - 2011-05-06 16:34 - 00000000 ____D () C:\Users\rolando\Documents\Anti-Malware
2014-03-03 11:49 - 2013-01-06 10:31 - 00000000 ____D () C:\Program Files\pia_manager
2014-03-03 11:39 - 2014-03-03 11:39 - 00629301 _____ () C:\Users\rolando\Desktop\PeStudio812.zip
2014-03-03 10:40 - 2013-06-18 10:50 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\gnupg
2014-03-03 01:45 - 2012-08-23 09:36 - 00000000 ____D () C:\Users\rolando\AppData\Roaming\vlc
2014-03-02 22:16 - 2014-01-28 12:26 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-02 22:12 - 2014-03-02 21:41 - 00000000 ____D () C:\ProgramData\Western Digital
2014-03-02 22:12 - 2013-09-20 22:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-02 22:06 - 2014-03-02 22:06 - 00000000 ____D () C:\Windows\System32\Tasks\Western Digital
2014-03-02 22:05 - 2014-03-02 22:05 - 00000000 ____D () C:\Users\rolando\AppData\Local\Western_Digital_Technolog
2014-03-02 22:05 - 2014-03-02 22:05 - 00000000 ____D () C:\Users\rolando\AppData\Local\Western Digital
2014-03-02 21:59 - 2014-03-02 21:51 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-03-02 21:52 - 2014-03-02 21:51 - 00010398 _____ () C:\Windows\DPINST.LOG
2014-03-01 11:12 - 2014-03-01 11:04 - 00000000 ____D () C:\Users\rolando\Desktop\Nintendo DS Copy SD Card
2014-02-28 18:05 - 2011-03-22 18:44 - 00000000 ____D () C:\Users\rolando
2014-02-28 17:25 - 2014-02-28 17:25 - 00000000 ____D () C:\Users\rolando\AppData\Local\Arcode
2014-02-28 17:25 - 2014-02-28 17:24 - 00000000 ____D () C:\Users\rolando\AppData\Local\Inky
2014-02-28 17:24 - 2014-02-28 17:24 - 00001013 _____ () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inky.lnk
2014-02-28 11:18 - 2014-02-12 15:51 - 00100003 _____ () C:\Users\rolando\Desktop\Work Presentation Devry.pptx
2014-02-26 15:22 - 2014-02-26 15:22 - 00000000 ____D () C:\ProgramData\PicPick
2014-02-26 15:21 - 2011-06-05 09:54 - 00000000 ____D () C:\Program Files (x86)\PicPick
2014-02-26 01:01 - 2014-02-26 01:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 15:17 - 2014-02-25 15:17 - 00000000 _____ () C:\Windows\SysWOW64\FAP557D.tmp
2014-02-25 15:16 - 2014-02-25 15:16 - 00000000 _____ () C:\Windows\SysWOW64\FAPAE83.tmp
2014-02-25 15:14 - 2014-02-25 15:14 - 00000000 _____ () C:\Windows\SysWOW64\FAP8936.tmp
2014-02-25 14:45 - 2014-02-25 14:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP3385.tmp
2014-02-25 13:55 - 2014-02-25 13:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPCC96.tmp
2014-02-25 13:15 - 2014-02-25 13:15 - 00000000 _____ () C:\Windows\SysWOW64\FAP2E71.tmp
2014-02-25 12:45 - 2011-12-23 00:18 - 00000000 ____D () C:\Users\rolando\Desktop\AMVs
2014-02-25 12:42 - 2014-02-25 12:42 - 00018768 _____ () C:\Users\rolando\Documents\cc_20140225_114243.reg
2014-02-25 12:42 - 2012-06-25 14:25 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-25 12:42 - 2011-04-12 21:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-24 20:43 - 2014-01-02 19:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-23 14:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-19 22:32 - 2014-02-19 22:32 - 00002165 _____ () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-18 15:00 - 2014-02-18 15:00 - 00001178 _____ () C:\Users\rolando\Desktop\10.154.4.123.crt
2014-02-17 19:23 - 2014-02-17 19:16 - 00000000 ____D () C:\Users\rolando\AppData\Local\Pokemon Showdown
2014-02-17 19:16 - 2011-11-11 10:30 - 00000000 ____D () C:\Users\rolando\Documents\My Games
2014-02-17 19:15 - 2014-02-17 19:15 - 00002022 _____ () C:\Users\rolando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokemon Showdown.lnk
2014-02-17 19:15 - 2014-02-17 19:15 - 00000000 ____D () C:\Program Files (x86)\Pokemon Showdown
2014-02-17 14:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Help
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-02-17 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-17 14:35 - 2014-02-17 14:10 - 82997200 _____ () C:\Users\rolando\Desktop\R262653.exe
2014-02-16 21:16 - 2014-02-16 21:16 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-02-16 18:55 - 2012-04-24 15:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 18:53 - 2013-10-17 14:29 - 00000000 ____D () C:\Program Files\Microsoft Lync
2014-02-16 18:53 - 2013-10-17 14:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Lync
2014-02-16 18:53 - 2013-07-11 12:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 18:47 - 2011-04-26 18:47 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 18:40 - 2012-02-15 11:43 - 00909480 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-16 18:37 - 2009-07-13 21:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-15 23:41 - 2014-02-15 23:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 16:15 - 2011-03-14 02:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-14 15:34 - 2014-02-14 15:33 - 06442903 _____ () C:\Users\rolando\Desktop\twister-0.9.13-win32-bundle.zip
2014-02-13 22:44 - 2014-02-13 22:43 - 14816459 _____ () C:\Users\rolando\Desktop\Pokemon_The_Complete_Story_aka_Zensho_c0_[M-L][2F413C05].cbz
 
Some content of TEMP:
====================
C:\Users\rolando\AppData\Local\Temp\exe2pin.exe
C:\Users\rolando\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-10 11:33
 
==================== End Of Log ============================
 
 
Addition Log:
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by rolando at 2014-03-15 08:43:41
Running from C:\Users\rolando\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 1.7.7 - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Notifier (HKLM-x32\...\{EBE939ED-4612-45FD-A39E-77AC199C4273}) (Version: 1.4.3.20 - Absolute Software)
Accidental Damage Services Agreement (HKLM-x32\...\{330B7AAD-B2FE-4989-B02A-DDA5A174FCDF}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS5 (HKLM-x32\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.110 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.51 - Alienware)
AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{35A50BE1-FDD7-4FC7-CCE5-03D2A63D4CF4}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.35 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.35 - Research In Motion Ltd.) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (64 bit) (HKLM\...\{C1135974-554F-476D-B04F-0B79CFE49364}) (Version: 3.4.25.0 - Box, Inc)
calibre (HKLM-x32\...\{D0AA226A-712B-4119-9B28-ABEDD936720F}) (Version: 1.26.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{D5913187-E268-4F49-BE51-BE7E2517866B}) (Version: 33.0.1750.125 - Google Inc.)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.1.266.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Authentication Manager (x32 Version: 2.0.0.41479 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 13.1.201.3 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.201.3 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.2.0.5844 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.1.201.3 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 13.1.201.3 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 13.1.201.3 - Citrix Systems, Inc.) Hidden
CleanMem (HKLM-x32\...\CleanMem) (Version: v2.1.1 - PcWinTech.com)
CLEAR Connection Manager (HKLM\...\{F220B286-E612-4BE3-A306-BE30099BF16C}) (Version: 2.01.0047.0 - Clearwire)
CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
Combined Community Codec Pack 2014-01-17 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.01.17.0 - CCCP Project)
Command Center (HKLM-x32\...\InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}) (Version: 2.5.54.0 - Alienware Corp.)
Command Center (Version: 2.5.54.0 - Alienware Corp.) Hidden
Content Manager Assistant for PlayStation® (HKLM-x32\...\{32C46540-7693-49E1-A81E-121B09C8303B}) (Version: 3.00.7187.47 - Sony Computer Entertainment Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CX (HKCU\...\CX) (Version: 1.0.3.0 - CX Inc)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DC++ 0.831 (HKLM-x32\...\DC++) (Version: 0.831 - Jacek Sieka)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3823EC5A-1CA4-42CA-9D5B-F94ABD65410D}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{3823EC5A-1CA4-42CA-9D5B-F94ABD65410D}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Dell InHome Service Agreement (HKLM-x32\...\{41AA8F20-FD30-4878-9080-6D5BE575FD41}) (Version: 2.0.0 - Dell Inc.)
Deluge 1.3.6 (HKLM-x32\...\Deluge) (Version:  - )
DirectVobSub 2.41.6609 (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.6609 - MPC-HC Team)
Dishonored The Brigmore Witches (HKLM-x32\...\RGlzaG9ub3JlZA==_is1) (Version: 1 - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Dragons Prophet (HKCU\...\SOE-Dragons Prophet) (Version: 1.0.3.183 - Sony Online Entertainment)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDFab 8.0.6.8 (05/01/2011) (HKLM-x32\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
eLab Client version 1.2.1.20 (HKLM-x32\...\eLab Client_is1) (Version:  - LabMentors, Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{AFA4B0BF-3289-495A-B949-BA91F39B1A44}) (Version: 11.1.21009.00 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Exact Audio Copy 1.0beta2 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta2 - Andre Wiethoff)
f.lux (HKCU\...\Flux) (Version:  - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Ghostery IE Plugin (HKLM-x32\...\Ghostery IE Plugin_is1) (Version: 2.5.2.0 - Ghostery)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Gpg4win (2.1.1) (HKLM-x32\...\GPG4Win) (Version: 2.1.1 - The Gpg4win Project)
Gtk# for .Net 2.12.9 (HKLM-x32\...\{3CB70B01-4BC8-4C0F-B28F-7C6E33F913CC}) (Version: 2.12.9 - Novell, Inc.)
HandBrake 0.9.8 (HKLM-x32\...\HandBrake) (Version: 0.9.8 - )
HashTab 5.1.0.23 (HKLM\...\HashTab) (Version: 5.1.0.23 - Implbits Software)
HP Mouse Suite (HKLM-x32\...\{213FF60A-9899-4145-8428-D144778BE117}) (Version: 1.1.2 - Hewlett-Packard)
HydraIRC (HKLM-x32\...\HydraIRC) (Version: 0.3.165 - Hydra Productions)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Inky (HKCU\...\Inky) (Version: 1.0 - Arcode Corporation)
Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! Central) (Version: 2.00.39 - Creative Technology Ltd)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Network Connections 14.8.43.0 (HKLM\...\PROSetDX) (Version: 14.8.43.0 - Intel)
Intel® Network Connections 14.8.43.0 (Version: 14.8.43.0 - Intel) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
KVIrc (HKLM-x32\...\KVIrc) (Version:  - Szymon Stefanek and The KVIrc Development Team)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
LogMeIn (HKLM-x32\...\{65179FD8-04C0-40A7-87FC-007F2CD5BF1E}) (Version: 4.1.1586 - LogMeIn, Inc.)
LogonStudio (HKLM-x32\...\LogonStudio) (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Silverlight 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 v3.0 Core (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - ENU (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden
Microsoft Lync 2010 (HKLM\...\{81BE0B17-563B-45D4-B198-5721E6C665CD}) (Version: 4.0.7577.4419 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.60130.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Project MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2010 (HKLM\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{20fc1ec7-3058-48d4-80f8-e1cfd52391c7}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Minecraft1.7.4 (HKLM-x32\...\Minecraft1.7.4) (Version:  - )
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 en-US)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Online Plug-in (x32 Version: 13.1.201.3 - Citrix Systems, Inc.) Hidden
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Oracle VM VirtualBox 4.1.18 (HKLM\...\{4EE61784-10C6-4B7C-A0B2-5BED17B05741}) (Version: 4.1.18 - Oracle Corporation)
OSD Setup (HKLM-x32\...\{98E5A0C3-86ED-4429-9386-F0DB49E958EA}) (Version: 1.1.2 - MyOSD)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
PicPick (HKLM-x32\...\PicPick) (Version: 3.3.1 - NTeWORKS)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
Pokemon Showdown (HKLM-x32\...\Pokemon Showdown) (Version:  - "Pokemon Showdown")
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickSFV (HKLM\...\{89B56CFC-0270-4ACF-8BF1-048251FD9E08}) (Version: 3.0.0 - Totally Useful Software, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 r2116 - )
RapidCRC 0.6.1 (HKLM-x32\...\RapidCRC) (Version: 0.6.1 - Sebastian Ewert)
RAR File Source v0.9.1 (HKLM-x32\...\RARFileSource) (Version: v0.9.1 - OctaneSnail)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
SDFormatter (HKLM-x32\...\{15EB20D6-5F13-41D0-BEF9-C9C44D6AC620}) (Version: 3.0.0 - SD Association)
Secure Download Manager (HKLM-x32\...\{7682DFED-23C6-44C9-B9FD-109E0B630277}) (Version: 3.1.10 - Kivuto Solutions Inc.)
Self-service Plug-in (x32 Version: 3.2.0.24226 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{6E5C415F-1388-4BA6-B926-C19318BE6075}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{3C578F10-F74F-4655-B2A6-9F88A6C415E8}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype™ 5.8 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
SRWare Iron version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.15.0 - Synaptics Incorporated)
Synkron 1.6.2 (HKLM-x32\...\Tomlein.Synkron_is1) (Version: 1.6.2 - Matúš Tomlein)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.38 - En Masse Entertainment)
Tixati (HKLM-x32\...\tixati) (Version:  - )
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tweetz Desktop version 0.5 (HKLM-x32\...\{FE1B7E2D-6E96-4D39-B39F-62CA62D11A79}_is1) (Version: 0.5 - Mike Ward)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.0.2 - UltraDefrag Development Team)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{59446CD0-D49A-4154-BDD5-59CB3B6F89AC}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{59446CD0-D49A-4154-BDD5-59CB3B6F89AC}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{BA61259D-63F0-4177-A0E1-E4064EC2B470}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.VISIOR_{BA61259D-63F0-4177-A0E1-E4064EC2B470}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.VISIOR_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.VISIOR_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{55C3C61D-31E9-4ECF-B29B-C1C6A8FB68FB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A82E26EF-680E-427D-B7D0-FD7997DDC217}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
View Password (HKLM-x32\...\ce2ff8b4-5372-4a8c-9589-5703ec4d0996) (Version:  - View Password)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Update 2 (KB2707250) (HKLM-x32\...\{2fba7dd0-b8eb-4185-aea3-e6910d3f8102}) (Version: 11.0.60315 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9201.20602 - Microsoft Corporation) Hidden
VitalSource Bookshelf (HKLM-x32\...\{89BA1176-0C98-483D-9CAF-EBBC4EEE5DB3}) (Version: 6.01.0011 - Ingram Digital)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Waterfox (HKLM\...\{A1C8DF8F-EC93-4404-A5AF-40975B9D7E54}) (Version: 15.0 - Waterfox Limited)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9603 - Broadcom Corporation)
Windows App Certification Kit Native Components (Version: 8.59.29736 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012 (x32 Version: 1.8.60301.1601 - Microsoft) Hidden
Windows Driver Package - Hewlett - Packard (HidUsb) HIDClass  (01/26/2010 1.12.7600.16385) (HKLM\...\63AD5694BB6DAB8863713F85AE50BA9F539D7A3E) (Version: 01/26/2010 1.12.7600.16385 - Hewlett - Packard)
Windows Driver Package - Hewlett-Packard (HidUsb) HIDClass  (01/26/2010 1.12.7600.16385) (HKLM\...\90B012BF3F529E820A22374831C4C7D340A4CD3D) (Version: 01/26/2010 1.12.7600.16385 - Hewlett-Packard)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.10.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, http://www.wireshark.org)
XviD & MP3 Codec Pack (remove only) (HKLM-x32\...\XviD & MP3 Codec Pack_is1) (Version:  - )
YACReader 7.0.0 (HKLM-x32\...\YACReader_is1) (Version:  - )
 
==================== Restore Points  =========================
 
10-03-2014 16:39:47 Scheduled Checkpoint
10-03-2014 19:24:31 Windows Update
11-03-2014 15:53:12 Windows Update
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {17EFC8A8-CB85-465E-9D3C-38ADE4A766C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-02] (Google Inc.)
Task: {2FD9A22B-859C-4735-854F-1FCD7198FF5B} - System32\Tasks\AdobeAAMUpdater-1.0-ARTEMIS-rolando => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {34BB9B8E-3141-4FEE-AAAC-3D090208E4AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-02] (Google Inc.)
Task: {5198979A-D1A1-4C28-81D1-6056AAC3CECE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {624CF450-61AF-419C-B82A-957BE6D62DC7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3154224136-66872059-3589488557-1000Core => C:\Users\rolando\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-02] (Google Inc.)
Task: {65990486-7945-4E4D-8988-E4D9E3C1AE21} - \Scheduled Update for Ask Toolbar No Task File
Task: {782D010B-2869-435E-B749-ADF4275A54CC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {86F3E846-ABC4-47B9-B0F1-CAE2E9C2C13B} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [2011-04-29] (PcWinTech.com)
Task: {88E418C1-E8DD-4451-8527-E64967F645F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {8F9B797A-4BEA-487B-AE94-A4C7A4D7AD69} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9004F0B8-E4B1-4CC5-9366-CE6A37245122} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {91D12009-CC1E-4215-9CF8-7EBB98A40711} - System32\Tasks\{466DAE69-11A0-4563-AD68-8F50ED49FE2D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-02-29] (Skype Technologies S.A.)
Task: {93ACBF44-5110-45C2-8678-71CBB1C221C6} - System32\Tasks\{0B4F9FF3-DBB6-41A1-AC63-A60C7F5362E4} => c:\program files (x86)\srware iron\iron.exe [2014-01-31] ()
Task: {A78FDCC5-E8B0-47B1-9227-67F7F215B3C0} - System32\Tasks\View Password Update => C:\Program Files (x86)\View-Password-soft\View-.exe [2014-03-14] ()
Task: {AFA311F4-3E3A-4D14-B706-C99E02E2EA15} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ARTEMIS-rolando Artemis => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {B620B079-C680-4566-84CA-CCFDF94FC1FF} - System32\Tasks\{7ECBE8CC-75D4-4A9B-A55B-DEB634F70B42} => C:\Program Files (x86)\WB Games\Batman Arkham City\Binaries\Win32\BmLauncher.exe
Task: {B7E06773-E5BD-4761-89F7-3F7647C07B72} - System32\Tasks\View Password_wd => C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [2014-03-14] ()
Task: {C792F1D9-6350-4308-BEAD-F3A62009886A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3154224136-66872059-3589488557-1000UA => C:\Users\rolando\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-02] (Google Inc.)
Task: {E8F0AAE7-8B3A-4190-8164-214364A039C4} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2013-12-14] ()
Task: {F2308113-FA48-4030-878F-FBC8DF11E979} - System32\Tasks\{C2D04A14-B568-4DEB-B2B9-5ABE08AB4AA2} => F:\Halo Custom Edition Combat Evolved Portable Edition With All Maps\haloce.exe
Task: {F4E9C204-084E-4F19-844F-A016F73C2652} - System32\Tasks\{18AEC35E-A3D7-4498-B85A-B37A005C322B} => F:\Halo Custom Edition Combat Evolved Portable Edition With All Maps\haloceded.exe
Task: {FE19F388-99ED-4C61-B258-1EDF293DCA41} - System32\Tasks\{068800A9-4B5C-4C90-AE23-57D87E427F44} => C:\Program Files (x86)\WB Games\Batman Arkham City\Binaries\Win32\BmLauncher.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3154224136-66872059-3589488557-1000Core.job => C:\Users\rolando\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3154224136-66872059-3589488557-1000UA.job => C:\Users\rolando\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\View Password Update.job => C:\Program Files (x86)\View-Password-soft\View-.exe
Task: C:\Windows\Tasks\View Password_wd.job => C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-05-28 11:50 - 2013-05-28 11:50 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-03-14 21:20 - 2014-03-14 21:20 - 00093696 _____ () C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe
2013-01-06 10:31 - 2013-12-14 12:17 - 08757066 _____ () C:\Program Files\pia_manager\pia_manager.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-03-14 02:28 - 2011-01-13 13:39 - 00783680 _____ () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-03-14 21:20 - 2014-03-14 21:20 - 00195584 _____ () C:\Program Files (x86)\View-Password-soft\ViewPassword157.exe
2013-10-13 11:05 - 2013-10-13 11:05 - 00038072 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-10-13 11:05 - 2013-10-13 11:05 - 00752824 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-10-13 11:04 - 2013-10-13 11:04 - 00064000 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2011-11-09 23:10 - 2011-11-09 23:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00176128 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2013-01-06 10:31 - 2013-12-14 12:17 - 00690176 _____ () C:\Program Files\pia_manager\openvpn.exe
2013-12-14 12:17 - 2013-12-14 12:17 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2010-04-04 13:45 - 2010-04-04 13:45 - 00094536 _____ () C:\Windows\system32\FAIEExtension.DLL
2013-05-28 11:44 - 2013-05-28 11:44 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-05-28 11:42 - 2013-05-28 11:42 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2013-05-28 11:41 - 2013-05-28 11:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-05-28 11:44 - 2013-05-28 11:44 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-05-28 11:45 - 2013-05-28 11:45 - 00627712 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00058688 _____ () C:\Program Files (x86)\AlienRespawn\STCoreXml.dll
2011-03-14 02:28 - 2011-01-13 13:36 - 00116032 _____ () C:\Program Files (x86)\AlienRespawn\PSTVdsDisk.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00128320 _____ () C:\Program Files (x86)\AlienRespawn\STLog.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00099648 _____ () C:\Program Files (x86)\AlienRespawn\STMsXml.dll
2011-03-14 02:28 - 2011-01-13 13:36 - 01123648 _____ () C:\Program Files (x86)\AlienRespawn\LibXml2.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00079168 _____ () C:\Program Files (x86)\AlienRespawn\zlib1.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00234816 _____ () C:\Program Files (x86)\AlienRespawn\STFiles.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00075072 _____ () C:\Program Files (x86)\AlienRespawn\STRegistry.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00111936 _____ () C:\Program Files (x86)\AlienRespawn\STPE.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00121152 _____ () C:\Program Files (x86)\AlienRespawn\STNLS.dll
2010-05-21 14:39 - 2010-05-21 14:39 - 00037712 _____ () C:\Program Files\Alienware\Command Center\Alienlabs.CommandCenter.Tools.dll
2010-05-21 14:39 - 2010-05-21 14:39 - 00075056 _____ () C:\Program Files\Alienware\Command Center\AlienLabsTools.dll
2010-05-21 14:35 - 2010-05-21 14:35 - 00025408 _____ () C:\Program Files\Alienware\Command Center\AlienFX.DeviceDiscovery.dll
2010-05-21 14:35 - 2010-05-21 14:35 - 00011584 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.dll
2010-05-21 14:36 - 2010-05-21 14:36 - 00024904 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.XPS.dll
2010-05-21 14:34 - 2010-05-21 14:34 - 00028496 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.PID0x516.dll
2010-05-21 14:34 - 2010-05-21 14:34 - 00027984 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.PID0x515.dll
2010-05-21 14:36 - 2010-05-21 14:36 - 00036688 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.PID0x514.dll
2010-05-21 14:35 - 2010-05-21 14:35 - 00019792 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.PID0x513.dll
2010-05-21 14:35 - 2010-05-21 14:35 - 00036688 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.PID0x512.dll
2010-05-21 14:36 - 2010-05-21 14:36 - 00037200 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.PID0x511.dll
2010-05-21 14:34 - 2010-05-21 14:34 - 00017224 _____ () C:\Program Files\Alienware\Command Center\AlienFX.Communication.Core.dll
2011-03-14 02:28 - 2011-01-13 13:42 - 00025920 _____ () C:\Program Files (x86)\AlienRespawn\SftBRCCPiped.dll
2011-03-14 02:28 - 2011-01-13 13:37 - 00025920 _____ () C:\Program Files (x86)\AlienRespawn\STBRCCServCLR.dll
2014-01-22 04:07 - 2014-01-22 04:07 - 08878248 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-02-23 13:28 - 2011-04-20 16:25 - 00334528 _____ () C:\Program Files (x86)\GhosteryIEplugin\GhosteryMimeFilter.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00036878 _____ () C:\Program Files (x86)\Pidgin\libssp-0.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00671031 _____ () C:\Program Files (x86)\Pidgin\exchndl.dll
2014-02-07 16:46 - 2014-02-07 16:46 - 00904525 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2014-02-07 16:46 - 2014-02-07 16:46 - 00279059 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2014-02-07 16:46 - 2014-02-07 16:46 - 00177586 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2014-02-07 16:46 - 2014-02-07 16:46 - 00553382 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2014-02-07 16:46 - 2014-02-07 16:46 - 00216992 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2014-02-07 16:46 - 2014-02-07 16:46 - 00100352 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 01274655 _____ () C:\Program Files (x86)\Pidgin\libxml2-2.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00475580 _____ () C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00020997 _____ () C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00013253 _____ () C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00024924 _____ () C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00015702 _____ () C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00014147 _____ () C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00018882 _____ () C:\Program Files (x86)\Pidgin\plugins\history.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00012865 _____ () C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00019043 _____ () C:\Program Files (x86)\Pidgin\plugins\idle.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00018555 _____ () C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00015074 _____ () C:\Program Files (x86)\Pidgin\plugins\libaim.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00310443 _____ () C:\Program Files (x86)\Pidgin\liboscar.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00092285 _____ () C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2009-09-07 23:38 - 2009-09-07 23:38 - 00278906 _____ () C:\Program Files (x86)\Pidgin\libjson-glib-1.0.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00201726 _____ () C:\Program Files (x86)\Pidgin\plugins\libgg.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00016005 _____ () C:\Program Files (x86)\Pidgin\plugins\libicq.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00106712 _____ () C:\Program Files (x86)\Pidgin\plugins\libirc.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00190464 _____ () C:\Program Files (x86)\Pidgin\libsasl.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00373657 _____ () C:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00150086 _____ () C:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00106670 _____ () C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00123540 _____ () C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00116583 _____ () C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00152852 _____ () C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00171090 _____ () C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 02097721 _____ () C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00818985 _____ () C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00055804 _____ () C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00486400 _____ () C:\Program Files (x86)\Pidgin\sqlite3.dll
2011-04-06 17:45 - 2011-04-06 17:45 - 00028160 _____ () C:\Program Files (x86)\Pidgin\plugins\libskype.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00021337 _____ () C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00416065 _____ () C:\Program Files (x86)\Pidgin\libjabber.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00022832 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00237138 _____ () C:\Program Files (x86)\Pidgin\libymsg.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00019793 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00047391 _____ () C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00021795 _____ () C:\Program Files (x86)\Pidgin\plugins\markerline.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00013456 _____ () C:\Program Files (x86)\Pidgin\plugins\newline.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00029225 _____ () C:\Program Files (x86)\Pidgin\plugins\notify.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00017023 _____ () C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2012-09-09 08:17 - 2012-09-09 08:17 - 00472576 _____ () C:\Program Files (x86)\Pidgin\plugins\pidgin-otr.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00029256 _____ () C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00015380 _____ () C:\Program Files (x86)\Pidgin\plugins\psychic.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00015429 _____ () C:\Program Files (x86)\Pidgin\plugins\relnot.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00015045 _____ () C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00069575 _____ () C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00028276 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00012004 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00015978 _____ () C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00030353 _____ () C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00032020 _____ () C:\Program Files (x86)\Pidgin\plugins\ticker.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00018399 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00023851 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00029791 _____ () C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00030771 _____ () C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00037191 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00044494 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00102400 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00115712 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00140288 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2014-02-02 19:18 - 2014-02-02 19:18 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2014-02-07 16:46 - 2014-02-07 16:46 - 00090496 _____ () C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00509014 _____ () C:\Program Files (x86)\Pidgin\spellcheck\lib\enchant\libenchant_ispell.dll
2014-02-02 19:19 - 2014-02-02 19:19 - 00999501 _____ () C:\Program Files (x86)\Pidgin\spellcheck\lib\enchant\libenchant_myspell.dll
2014-03-15 08:32 - 2014-03-15 08:32 - 00012800 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-03-15 08:32 - 2014-03-15 08:32 - 00009728 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-03-15 08:32 - 2014-03-15 08:32 - 00014848 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-03-15 08:32 - 2014-03-15 08:32 - 00094208 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\src\rgloader\rgloader193.mswin.so
2014-03-15 08:33 - 2014-03-15 08:33 - 00009216 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-03-15 08:33 - 2014-03-15 08:33 - 00094208 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-03-15 08:33 - 2014-03-15 08:33 - 00126976 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-03-15 08:33 - 2014-03-15 08:33 - 00087552 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-03-15 08:33 - 2014-03-15 08:33 - 00016384 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-03-15 08:32 - 2014-03-15 08:32 - 00127316 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\bin\libffi-6.dll
2014-03-15 08:32 - 2014-03-15 08:32 - 00008704 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2014-03-15 08:33 - 2014-03-15 08:33 - 00013312 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2014-03-15 08:33 - 2014-03-15 08:33 - 00095744 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2014-03-15 08:33 - 2014-03-15 08:34 - 00027648 _____ () C:\Users\rolando\AppData\Local\Temp\ocr5B39.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.4.8-x86-mingw32\lib\win32\ruby19\win32\api.so
2014-03-11 11:01 - 2014-02-24 17:00 - 00046080 _____ () C:\Program Files (x86)\SRWare Iron\chrome_elf.dll
2011-04-12 19:34 - 2014-01-29 23:38 - 00902144 _____ () C:\Program Files (x86)\SRWare Iron\libglesv2.dll
2011-04-12 19:34 - 2014-02-24 16:51 - 00102912 _____ () C:\Program Files (x86)\SRWare Iron\libegl.dll
2013-01-25 22:29 - 2014-02-24 16:51 - 00888832 _____ () C:\Program Files (x86)\SRWare Iron\ffmpegsumo.dll
2014-02-17 22:01 - 2014-02-17 22:01 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a49f11fc4544aadc51c504f0ee3c1028\IsdiInterop.ni.dll
2011-03-14 02:08 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-03-15 08:35 - 2014-03-15 08:35 - 00012800 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00009728 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00014848 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00094208 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\src\rgloader\rgloader193.mswin.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00094208 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00118784 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00069120 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00083968 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\bin\zlib1.dll
2014-03-15 08:36 - 2014-03-15 08:36 - 00026624 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00275968 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00015360 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00008192 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00009216 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00023552 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00008704 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00008704 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00008704 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00008704 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00036352 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00126976 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00087552 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00016384 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00127316 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\bin\libffi-6.dll
2014-03-15 08:35 - 2014-03-15 08:35 - 00013312 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2014-03-15 08:35 - 2014-03-15 08:35 - 00095744 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2014-03-15 08:36 - 2014-03-15 08:36 - 00027648 _____ () C:\Users\rolando\AppData\Local\Temp\ocrAEF3.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.4.8-x86-mingw32\lib\win32\ruby19\win32\api.so
2013-01-06 10:31 - 2013-12-14 12:17 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00376832 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2013-01-06 10:31 - 2013-12-14 12:17 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00252534.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\23895136.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00252534.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\23895136.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rpcnet => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: CACLEARWIRE => 3
MSCONFIG\Services: clearwireDeviceDiagnosticsService => 2
MSCONFIG\Services: CLEARWIRERcAppSvc => 3
MSCONFIG\Services: SMSI Device Launch Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Box Sync.lnk => C:\Windows\pss\Box Sync.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BoxSyncHelper => "C:\Program Files\Box Sync\BoxSyncHelper.exe"
MSCONFIG\startupreg: Clearwire Connection Manager => "C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe" -a
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: KeyScrambler => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PicPick Start => C:\Program Files (x86)\PicPick\picpick.exe /startup
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
 
==================== Faulty Device Manager Devices =============
 
Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/15/2014 08:42:22 AM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/15/2014 08:32:25 AM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/15/2014 00:11:57 AM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/15/2014 00:01:58 AM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:56:21 PM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:46:21 PM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:36:21 PM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:26:21 PM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:16:21 PM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:06:21 PM) (Source: PreyCronService) (User: )
Description: The system cannot find the file specified
 
 
System errors:
=============
Error: (03/15/2014 08:36:51 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (03/15/2014 08:36:47 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (03/15/2014 08:34:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ASPI32
 
Error: (03/15/2014 08:33:06 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (03/15/2014 08:32:44 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error: 
%%126
 
Error: (03/15/2014 08:32:23 AM) (Source: Service Control Manager) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: 
%%2
 
Error: (03/15/2014 08:32:06 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (03/15/2014 08:32:04 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (03/15/2014 08:32:03 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (03/15/2014 08:31:25 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
 
Microsoft Office Sessions:
=========================
Error: (03/15/2014 08:42:22 AM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/15/2014 08:32:25 AM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/15/2014 00:11:57 AM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/15/2014 00:01:58 AM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:56:21 PM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:46:21 PM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:36:21 PM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:26:21 PM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:16:21 PM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
Error: (03/14/2014 11:06:21 PM) (Source: PreyCronService)(User: )
Description: The system cannot find the file specified
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-04-12 18:39:29.684
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\EAB.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-04-12 18:39:29.525
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\EAB.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-04-10 21:57:56.917
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-04-10 21:57:56.867
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-09 08:24:20.757
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-09 08:24:20.726
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-09 08:24:20.695
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-09 08:24:20.664
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-05-06 13:40:31.416
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\1CB5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-05-06 13:40:31.393
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\1CB5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 38%
Total physical RAM: 8180.5 MB
Available physical RAM: 5054.4 MB
Total Pagefile: 16359.19 MB
Available Pagefile: 12383.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.32 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:13.49 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 5D050B6D)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 

Attached Files



#4 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 15 March 2014 - 08:58 AM

The View Password is I believe the one that is causing it, as that tends to match the ads on where they are coming from. It turns out that it is under white-listed programs. 



#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:40 PM

Posted 15 March 2014 - 11:20 AM



Hello leoliger

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 16 March 2014 - 10:21 AM

Adware Cleaner Log:
 
 
# AdwCleaner v3.022 - Report created 16/03/2014 at 10:15:26
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : rolando - ARTEMIS
# Running from : C:\Users\rolando\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\prefs.js ]
 
Line Deleted : user_pref("extensions.xnotifier.accounts.[hotmail#leoliger@live.com].inboxOnly", true);
 
*************************
 
AdwCleaner[R0].txt - [5843 octets] - [27/10/2013 18:45:58]
AdwCleaner[R1].txt - [1525 octets] - [31/10/2013 18:32:03]
AdwCleaner[R2].txt - [1614 octets] - [16/03/2014 10:13:56]
AdwCleaner[S0].txt - [5676 octets] - [27/10/2013 18:49:31]
AdwCleaner[S1].txt - [1479 octets] - [31/10/2013 18:39:50]
AdwCleaner[S2].txt - [1535 octets] - [16/03/2014 10:15:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1595 octets] ##########


#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:40 PM

Posted 16 March 2014 - 10:26 AM


Hello leoliger

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 16 March 2014 - 10:32 AM

JRT Log:

 

# AdwCleaner v3.022 - Report created 16/03/2014 at 10:15:26
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : rolando - ARTEMIS
# Running from : C:\Users\rolando\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\rolando\AppData\Roaming\Mozilla\Firefox\Profiles\isrf5prv.default-1349530064513\prefs.js ]

Line Deleted : user_pref("extensions.xnotifier.accounts.[hotmail#leoliger@live.com].inboxOnly", true);

*************************

AdwCleaner[R0].txt - [5843 octets] - [27/10/2013 18:45:58]
AdwCleaner[R1].txt - [1525 octets] - [31/10/2013 18:32:03]
AdwCleaner[R2].txt - [1614 octets] - [16/03/2014 10:13:56]
AdwCleaner[S0].txt - [5676 octets] - [27/10/2013 18:49:31]
AdwCleaner[S1].txt - [1479 octets] - [31/10/2013 18:39:50]
AdwCleaner[S2].txt - [1535 octets] - [16/03/2014 10:15:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1595 octets] ##########
 



#9 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 16 March 2014 - 10:35 AM

So, I have ran both programs. There is still an adware popping up on the top right screen on the Forefox browser calling for tech support on the Bleeping computer site. I know there is no such thing and there are still random words underlined in green. Everytime you hover over the words with green underline a adware message pops up. So, it has not rid of the adware at the moment. Chrome (Swr Iron) does not seem to be affected. It is only affecting the Firefox and IE browser.


Edited by leoliger, 16 March 2014 - 10:36 AM.


#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:40 PM

Posted 16 March 2014 - 11:03 AM


Hello leoliger

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 16 March 2014 - 11:03 AM

Sorry the ComboFix Log was interrpted. I restarted the computer before it can give the log, but the Combofix program still did not fix the problem though. The adware still pops up on the screen. I restarted the computer becuase of the note if the illegal registry was deleteing I should restart the computer, but the ComboFix never got a chance to send me the log. Should I run ComboFix again to receive the log?


Edited by leoliger, 16 March 2014 - 11:05 AM.


#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:40 PM

Posted 16 March 2014 - 11:48 AM


Hello leoliger

I would like to see the report so lets see if we can find the report this way.

Extra Combofix Report
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\ComboFix.txt
  • click ok
  • copy and paste the report into this topic for me to review
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 16 March 2014 - 11:52 AM

OK, I found it!

 

ComboFix 14-03-13.01 - rolando 03/16/2014  10:42:00.4.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8181.5688 [GMT -5:00]
Running from: C:\Users\rolando\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Windows\apppatch\AppLoc.exe
C:\Windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb

Infected copy of C:\Windows\SysWow64\userinit.exe was found and disinfected
Restored copy from - C:\Windows\ERDNT\cache86\userinit.exe


(((((((((((((((((((((((((   Files Created from 2014-02-16 to 2014-03-16  )))))))))))))))))))))))))))))))


2014-03-15 13:41:30 . 2014-03-15 13:44:21    --------    d-----w-    C:\FRST
2014-03-15 02:20:09 . 2014-03-15 02:20:11    --------    d-----w-    C:\Program Files (x86)\View-Password-soft
2014-03-15 01:41:05 . 2014-03-15 02:25:57    --------    d-----w-    C:\Users\rolando\AppData\Roaming\.minecraft
2014-03-15 01:34:50 . 2014-03-15 01:35:01    --------    d-----w-    C:\Program Files (x86)\Deluge
2014-03-11 18:26:36 . 2014-03-11 18:26:36    --------    d-----w-    C:\Users\rolando\AppData\Local\YACReader
2014-03-10 19:24:11 . 2014-01-09 02:22:42    5694464    ----a-w-    C:\Windows\SysWow64\mstscax.dll
2014-03-10 19:24:10 . 2014-01-03 22:44:58    6574592    ----a-w-    C:\Windows\system32\mstscax.dll
2014-03-04 17:34:08 . 2014-03-04 17:34:08    --------    d-----w-    C:\Users\rolando\AppData\Local\ElevatedDiagnostics
2014-03-03 21:32:38 . 2014-03-04 19:06:27    --------    d-----w-    C:\Users\rolando\AppData\Roaming\I2P
2014-03-03 21:32:24 . 2014-03-03 21:32:39    --------    d-----w-    C:\Program Files\i2p
2014-03-03 17:48:47 . 2014-03-16 15:50:57    --------    d-----w-    C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-03 03:05:24 . 2014-03-03 03:05:24    --------    d-----w-    C:\Users\rolando\AppData\Local\Western Digital
2014-03-03 03:05:20 . 2014-03-03 03:05:20    --------    d-----w-    C:\Users\rolando\AppData\Local\Western_Digital_Technolog
2014-03-03 02:41:09 . 2014-03-03 03:12:30    --------    d-----w-    C:\ProgramData\Western Digital
2014-02-28 22:25:02 . 2014-02-28 22:25:02    --------    d-----w-    C:\Users\rolando\AppData\Local\Arcode
2014-02-28 22:24:42 . 2014-02-28 22:25:41    --------    d-----w-    C:\Users\rolando\AppData\Local\Inky
2014-02-26 20:22:29 . 2014-02-26 20:22:29    --------    d-----w-    C:\ProgramData\PicPick
2014-02-25 20:17:06 . 2014-02-25 20:17:06    0    ----a-w-    C:\Windows\SysWow64\FAP557D.tmp
2014-02-25 20:16:23 . 2014-02-25 20:16:23    0    ----a-w-    C:\Windows\SysWow64\FAPAE83.tmp
2014-02-25 20:14:03 . 2014-02-25 20:14:03    0    ----a-w-    C:\Windows\SysWow64\FAP8936.tmp
2014-02-25 19:45:17 . 2014-02-25 19:45:17    0    ----a-w-    C:\Windows\SysWow64\FAP3385.tmp
2014-02-25 18:55:41 . 2014-02-25 18:55:41    0    ----a-w-    C:\Windows\SysWow64\FAPCC96.tmp
2014-02-25 18:15:42 . 2014-02-25 18:15:42    0    ----a-w-    C:\Windows\SysWow64\FAP2E71.tmp
2014-02-18 00:16:25 . 2014-02-18 00:23:39    --------    d-----w-    C:\Users\rolando\AppData\Local\Pokemon Showdown
2014-02-18 00:15:45 . 2014-02-18 00:15:47    --------    d-----w-    C:\Program Files (x86)\Pokemon Showdown
2014-02-17 02:16:59 . 2014-02-17 02:16:59    --------    d-----w-    C:\Program Files (x86)\uTorrent
2014-02-16 23:37:13 . 2013-12-21 09:53:45    548864    ----a-w-    C:\Windows\system32\vbscript.dll
2014-02-16 23:37:13 . 2013-12-21 08:56:47    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-02-16 23:34:34 . 2013-09-25 02:23:41    1030144    ----a-w-    C:\Windows\system32\TSWorkspace.dll
2014-02-16 23:33:23 . 2013-12-24 23:09:41    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-02-16 23:33:23 . 2013-12-24 22:48:32    2565120    ----a-w-    C:\Windows\system32\d3d10warp.dll
2014-02-16 23:33:23 . 2013-11-26 08:16:50    3419136    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2014-02-16 23:33:23 . 2013-11-22 22:48:21    3928064    ----a-w-    C:\Windows\system32\d2d1.dll
.


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-03-16 15:52:18 . 2011-11-01 00:21:54    69792    ----a-w-    C:\Windows\SysWow64\rpcnet.dll
2014-02-17 06:32:00 . 2014-03-16 15:53:46    10536864    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{76720DC3-B73D-4C3E-87E4-B377B77AD2A9}\mpengine.dll
2014-02-16 23:47:51 . 2011-04-26 23:47:42    88567024    ----a-w-    C:\Windows\system32\MRT.exe
2014-02-07 21:40:17 . 2012-09-10 14:28:52    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-07 21:40:17 . 2011-06-05 17:38:24    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-03 17:20:54 . 2011-04-18 21:00:59    270496    ------w-    C:\Windows\system32\MpSigStub.exe
2014-01-23 21:05:00 . 2014-01-23 21:05:00    1683112    ----a-w-    C:\Windows\system32\FM20.DLL
2014-01-23 19:39:26 . 2014-01-23 19:39:26    940032    ----a-w-    C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-23 19:39:26 . 2014-01-23 19:39:26    194048    ----a-w-    C:\Windows\SysWow64\elshyph.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    942592    ----a-w-    C:\Windows\system32\jsIntl.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    90112    ----a-w-    C:\Windows\system32\SetIEInstalledDate.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    86016    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    86016    ----a-w-    C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    84992    ----a-w-    C:\Windows\system32\mshtmled.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    83968    ----a-w-    C:\Windows\system32\MshtmlDac.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    81408    ----a-w-    C:\Windows\system32\icardie.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    774144    ----a-w-    C:\Windows\system32\jscript.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    77312    ----a-w-    C:\Windows\system32\tdc.ocx
2014-01-23 19:39:21 . 2014-01-23 19:39:21    74240    ----a-w-    C:\Windows\SysWow64\SetIEInstalledDate.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    645120    ----a-w-    C:\Windows\SysWow64\jsIntl.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    62464    ----a-w-    C:\Windows\SysWow64\tdc.ocx
2014-01-23 19:39:21 . 2014-01-23 19:39:21    62464    ----a-w-    C:\Windows\system32\pngfilt.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    616104    ----a-w-    C:\Windows\system32\ieapfltr.dat
2014-01-23 19:39:21 . 2014-01-23 19:39:21    52224    ----a-w-    C:\Windows\system32\msfeedsbs.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    48640    ----a-w-    C:\Windows\SysWow64\mshtmler.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    48640    ----a-w-    C:\Windows\system32\mshtmler.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    48128    ----a-w-    C:\Windows\system32\imgutil.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    453120    ----a-w-    C:\Windows\system32\dxtmsft.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    413696    ----a-w-    C:\Windows\system32\html.iec
2014-01-23 19:39:21 . 2014-01-23 19:39:21    40448    ----a-w-    C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    36352    ----a-w-    C:\Windows\SysWow64\imgutil.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    34816    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    337408    ----a-w-    C:\Windows\SysWow64\html.iec
2014-01-23 19:39:21 . 2014-01-23 19:39:21    30208    ----a-w-    C:\Windows\system32\licmgr10.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    296960    ----a-w-    C:\Windows\system32\dxtrans.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    263376    ----a-w-    C:\Windows\system32\iedkcs32.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    247808    ----a-w-    C:\Windows\system32\msls31.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    24576    ----a-w-    C:\Windows\SysWow64\licmgr10.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    243200    ----a-w-    C:\Windows\system32\webcheck.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    235520    ----a-w-    C:\Windows\system32\url.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    235008    ----a-w-    C:\Windows\system32\elshyph.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    182272    ----a-w-    C:\Windows\SysWow64\msls31.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    167424    ----a-w-    C:\Windows\system32\iexpress.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    151552    ----a-w-    C:\Windows\SysWow64\iexpress.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    147968    ----a-w-    C:\Windows\system32\occache.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    143872    ----a-w-    C:\Windows\system32\wextract.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    139264    ----a-w-    C:\Windows\SysWow64\wextract.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    13824    ----a-w-    C:\Windows\system32\mshta.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    135680    ----a-w-    C:\Windows\system32\iepeers.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    13312    ----a-w-    C:\Windows\SysWow64\mshta.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    13312    ----a-w-    C:\Windows\system32\msfeedssync.exe
2014-01-23 19:39:21 . 2014-01-23 19:39:21    131072    ----a-w-    C:\Windows\system32\IEAdvpack.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    1228800    ----a-w-    C:\Windows\system32\mshtmlmedia.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    111616    ----a-w-    C:\Windows\SysWow64\IEAdvpack.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    105984    ----a-w-    C:\Windows\system32\iesysprep.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    1051136    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-01-23 19:39:21 . 2014-01-23 19:39:21    101376    ----a-w-    C:\Windows\system32\inseng.dll
2014-01-23 18:06:25 . 2012-03-02 01:53:48    2373248    ----a-w-    C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-01-23 16:20:42 . 2014-01-23 16:20:49    312744    ----a-w-    C:\Windows\system32\javaws.exe
2014-01-23 16:20:42 . 2014-01-23 16:20:45    189352    ----a-w-    C:\Windows\system32\javaw.exe
2014-01-23 16:20:42 . 2014-01-23 16:20:45    189352    ----a-w-    C:\Windows\system32\java.exe
2014-01-23 16:20:42 . 2014-01-23 16:20:45    108968    ----a-w-    C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-17 04:27:21 . 2011-04-30 23:39:19    107368    ----a-w-    C:\Windows\system32\LMIRfsClientNP.dll
2013-12-17 04:27:19 . 2011-04-30 23:39:19    35656    ----a-w-    C:\Windows\system32\LMIport.dll
2013-12-17 04:27:18 . 2011-04-30 23:39:15    92488    ----a-w-    C:\Windows\system32\LMIinit.dll

 



#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:40 PM

Posted 16 March 2014 - 04:27 PM

Hello


In which browser do you see this at this time?


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 leoliger

leoliger
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:40 PM

Posted 16 March 2014 - 10:18 PM

At the moment is it within Firefox and IE. Chrome (Swr Iron variant) does not seem to be affected by it, however I have not used the Chrome browser only for specific purposes. I never use IE, but update the browser whenever. Firefox is my main browser and it is affecting web surfing as random words are underlined in green and when you hover over them they present some pop up ad. I don't click on it, but it had ruin my web surfing as I have to be careful on where I click. On BleepingComputer.com there is always a toll free number that drops down from the top right corner of the web page and I know that it is not part of the BleepingComputer.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users