Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trying to Remove Oxy and Pilefinder


  • This topic is locked This topic is locked
18 replies to this topic

#1 fondlethebeetroot

fondlethebeetroot

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 08 April 2014 - 09:45 AM

I have tried to remove these programmes with standard uninstall, then used the Revo Uninstaller. I keep getting a message saying that the uninstall failed, however it lets me move onto removing any left over programmes that are highlighted in bold?



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 08 April 2014 - 09:52 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

We need to remove some programs with Revo Uninstaller Free:


Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an altenate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:

    PileFile reminder
    Oxy
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 08 April 2014 - 09:58 AM

I have followed all these steps, for both Oxy and Pile File but this message keeps getting displayed on Step 1 of the uninstall? http://imgur.com/ZXPEbhU



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 09 April 2014 - 02:48 AM

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 10 April 2014 - 04:06 PM

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 28 days old and could be outdated)
Ran by Millar (administrator) on MILLAR on 10-04-2014 22:03:27
Running from C:\Users\Millar\Downloads
Windows 8 (X64) OS Language: English(UK)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(The Within Network, LLC) C:\Windows\unsignedthemes.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\system32\valWBFPolicyService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Flux Software LLC) C:\Users\Millar\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Outsim) C:\Program Files (x86)\Outsim\SynthMaker\SynthMaker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Audacity Team) C:\Program Files (x86)\Audacity\audacity.exe
(Spotify Ltd) C:\Users\Millar\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-25] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-25] (Synaptics Incorporated)
HKLM\...\Run: [CL2 Launcher] - C:\Program Files (x86)\City Life RPG\CL2 Launcher\CL2Launcher.exe [4092928 2012-09-02] (City Life RPG)
HKLM\...\Run: [Classic Start Menu] - C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2329229836-4189106460-3123090683-1002\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKU\S-1-5-21-2329229836-4189106460-3123090683-1002\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-2329229836-4189106460-3123090683-1002\...\Run: [Comrade.exe] - C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [36864 2007-06-29] (IGN Entertainment Inc.)
HKU\S-1-5-21-2329229836-4189106460-3123090683-1002\...\Run: [f.lux] - C:\Users\Millar\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2329229836-4189106460-3123090683-1002\...\Run: [Spotify Web Helper] - C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-10] (Spotify Ltd)
HKU\S-1-5-21-2329229836-4189106460-3123090683-1002\...\Run: [Spotify] - C:\Users\Millar\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-04-10] (Spotify Ltd)
HKU\S-1-5-21-2329229836-4189106460-3123090683-1002\...\MountPoints2: {a123db55-e6e4-11e2-be72-806e6f6e6963} - "E:\autorun.exe" 
Startup: C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
SearchScopes: HKLM - {63D69030-462C-580E-3D42-391DED276233} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Millar\AppData\Roaming\Mozilla\Firefox\Profiles\qtsgsxxf.default
FF user.js: detected! => C:\Users\Millar\AppData\Roaming\Mozilla\Firefox\Profiles\qtsgsxxf.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Millar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Millar\AppData\Roaming\Mozilla\Firefox\Profiles\qtsgsxxf.default\searchplugins\conduit-search.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-18]
 
Chrome: 
=======
CHR HomePage: hxxp://start.mysearchdial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0BtCzzyDyE0F0E0BtC0BtN0D0Tzu0CyCyCtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=119392575&ir=
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
CHR Extension: (Google Docs) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-31]
CHR Extension: (Google Drive) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-31]
CHR Extension: (YouTube Options) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn [2013-12-23]
CHR Extension: (YouTube) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-31]
CHR Extension: (SmoothScroll) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn [2013-11-24]
CHR Extension: (Adblock Plus) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-14]
CHR Extension: (Google Search) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-31]
CHR Extension: (Google News) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-11-22]
CHR Extension: (Reditr Web App - The Best Reddit Client) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmiceoebcclihjdpnmmkdcmcboekibc [2014-02-03]
CHR Extension: (Website Logon) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2013-08-31]
CHR Extension: (Classic blue theme) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gapfoeoijjkibljnhednndeabimdilek [2014-04-10]
CHR Extension: (Hola Better Internet) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-10-05]
CHR Extension: (Stencil Graffiti Creator) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamlhhebdhbhbnekgdbpfheacleljimo [2013-09-24]
CHR Extension: (Skype Click to Call) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-02]
CHR Extension: (Facebook Messenger) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok [2014-03-17]
CHR Extension: (Norton Identity Protection) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-31]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-23]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-23]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-23]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-23]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-01-23] (Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-02-16] ()
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [37760 2012-11-27] (Hewlett-Packard)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-01-09] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 UnsignedThemes; C:\Windows\unsignedthemes.exe [13824 2013-09-23] (The Within Network, LLC)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-14] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R3 automap; C:\Windows\system32\DRIVERS\automap.sys [18776 2012-04-19] (Focusrite Audio Engineering Limited)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; 
U4 BthHFEnum; 
U4 bthhfhid; 
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 ffusb2audio; C:\Windows\system32\DRIVERS\ffusb2audio.sys [57688 2011-07-07] (Focusrite Audio Engineering Limited.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140409.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140410.001\ENG64.SYS [126040 2014-04-09] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140410.001\EX64.SYS [2099288 2014-04-09] (Symantec Corporation)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [111696 2014-02-22] ()
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1502000.026\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R0 Tpkd; C:\Windows\SysWow64\Drivers\Tpkd.sys [70048 2005-01-12] (PACE Anti-Piracy, Inc.)
R2 uxstyle; C:\Windows\system32\Drivers\uxstyle.sys [31440 2013-09-23] (The Within Network, LLC)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-03-25] (StdLib)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-09 20:01 - 2014-04-09 20:01 - 00735330 _____ () C:\Users\Millar\Desktop\hammond .psd
2014-04-09 19:58 - 2014-04-09 19:58 - 00014337 _____ () C:\Users\Millar\Downloads\Know-your-product.zip
2014-04-09 19:50 - 2014-04-10 01:54 - 00048328 _____ () C:\Users\Millar\Downloads\Hammond.osm
2014-04-09 02:38 - 2014-04-09 02:38 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Unity
2014-04-09 02:27 - 2014-04-09 02:27 - 00000000 ____D () C:\Users\Millar\AppData\Local\Unity
2014-04-09 02:26 - 2014-04-09 02:26 - 01070496 _____ (Unity Technologies ApS) C:\Users\Millar\Downloads\UnityWebPlayer.exe
2014-04-08 23:51 - 2014-02-06 00:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 23:51 - 2014-02-06 00:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-08 23:51 - 2014-02-06 00:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-08 23:51 - 2014-02-06 00:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:42 - 2014-04-08 21:43 - 03996110 _____ () C:\Users\Millar\Downloads\Lab Session 11-14(1).zip
2014-04-08 21:33 - 2014-04-08 21:33 - 00005828 _____ () C:\Users\Millar\Downloads\zian.zip
2014-04-08 19:56 - 2014-04-08 20:23 - 220479777 _____ () C:\Users\Millar\Downloads\Lab Session 15-16 (1).zip
2014-04-08 19:09 - 2014-04-08 19:52 - 46550000 _____ () C:\Users\Millar\Downloads\Lab Session 10.zip
2014-04-08 19:09 - 2014-04-08 19:10 - 01661813 _____ () C:\Users\Millar\Downloads\Lab Session 17(1).zip
2014-04-08 18:48 - 2014-04-08 19:09 - 156172313 _____ () C:\Users\Millar\Downloads\Lab Session 08(1).zip
2014-04-08 18:28 - 2012-08-12 14:59 - 00001688 _____ () C:\Users\Millar\Desktop\Outsim Synthmaker Professional 2.0.5.TXT
2014-04-08 18:28 - 2012-08-03 15:59 - 00001391 _____ () C:\Users\Millar\Desktop\Premium Accounts.TXT
2014-04-08 18:28 - 2012-07-20 13:20 - 00000302 _____ () C:\Users\Millar\Desktop\Installation Instructions Full Version.txt
2014-04-08 18:28 - 2011-08-10 00:00 - 08729196 _____ () C:\Users\Millar\Desktop\setupSynthMaker_Pro_2_0_5.exe
2014-04-08 18:25 - 2014-04-08 18:28 - 08850095 _____ () C:\Users\Millar\Downloads\976205ospfl.rar
2014-04-08 15:31 - 2014-04-08 15:31 - 00001268 _____ () C:\Users\Millar\Desktop\Revo Uninstaller.lnk
2014-04-08 15:31 - 2014-04-08 15:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-08 15:30 - 2014-04-08 15:31 - 00064598 _____ () C:\Users\Millar\Downloads\Addition.txt
2014-04-08 15:30 - 2014-04-08 15:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Millar\Downloads\revosetup.exe
2014-04-08 15:28 - 2014-04-10 22:03 - 00031344 _____ () C:\Users\Millar\Downloads\FRST.txt
2014-04-08 15:28 - 2014-04-10 22:03 - 00000000 ____D () C:\FRST
2014-04-08 15:28 - 2014-04-08 15:29 - 04118841 _____ () C:\Users\Millar\Downloads\tdsskiller.zip
2014-04-08 15:27 - 2014-04-08 15:28 - 02157056 _____ (Farbar) C:\Users\Millar\Downloads\FRST64.exe
2014-04-07 04:59 - 2014-04-08 22:45 - 00109648 _____ () C:\Users\Millar\Downloads\Updated Synth 1.8.osm
2014-04-05 16:47 - 2014-04-05 16:47 - 00001068 _____ () C:\Users\Millar\Desktop\SynthMaker.lnk
2014-04-05 16:45 - 2014-04-05 16:46 - 00000000 ____D () C:\Users\Millar\Desktop\ddddddddd
2014-04-05 16:44 - 2014-04-05 16:45 - 14955629 _____ () C:\Users\Millar\Downloads\Outsim.SynthMaker.v1.08a-AiR.rar
2014-04-05 16:05 - 2014-04-05 16:05 - 00018222 _____ () C:\Users\Millar\Downloads\danube.zip
2014-04-05 16:01 - 2014-04-05 16:56 - 00646989 _____ () C:\Users\Millar\Downloads\Updated Synth 1.osm
2014-04-04 16:09 - 2014-04-10 16:51 - 00000000 ____D () C:\Users\Millar\AppData\Local\Spotify
2014-04-04 16:09 - 2014-04-04 16:09 - 00001772 _____ () C:\Users\Millar\Desktop\Spotify.lnk
2014-04-04 16:09 - 2014-04-04 16:09 - 00001758 _____ () C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-04 16:07 - 2014-04-10 21:58 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Spotify
2014-04-04 16:07 - 2014-04-04 16:07 - 00127080 _____ (Spotify Ltd) C:\Users\Millar\Downloads\SpotifySetup.exe
2014-04-03 02:17 - 2014-04-03 02:25 - 220479777 _____ () C:\Users\Millar\Downloads\Lab Session 15-16.zip
2014-04-02 21:17 - 2014-04-02 21:19 - 00000000 ____D () C:\Users\Millar\Downloads\raku_massive_soundset
2014-04-02 21:16 - 2014-04-02 21:16 - 00044996 _____ () C:\Users\Millar\Downloads\raku_massive_soundset.rar
2014-03-31 22:15 - 2014-03-31 23:42 - 619100112 _____ () C:\Users\Millar\Downloads\FunctionLoops-VocalsWithLokka3.zip
2014-03-31 22:13 - 2014-04-02 23:42 - 00000000 ____D () C:\Users\Millar\AppData\Local\Reditr
2014-03-31 22:13 - 2014-03-31 22:13 - 00000983 _____ () C:\Users\Public\Desktop\reditr.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files (x86)\reditr
2014-03-31 22:06 - 2014-03-31 22:12 - 26742293 _____ (Reditr Software ) C:\Users\Millar\Downloads\reditr-setup.exe
2014-03-31 20:54 - 2014-03-31 20:54 - 00003592 _____ () C:\Windows\System32\Tasks\Oxy
2014-03-31 20:54 - 2014-03-31 20:54 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
2014-03-31 20:53 - 2014-03-31 20:54 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Oxy
2014-03-31 20:53 - 2014-03-31 20:53 - 00003564 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-03-31 20:53 - 2014-03-31 20:53 - 00003152 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-03-31 20:52 - 2014-03-31 20:53 - 05456976 _____ () C:\Users\Millar\Downloads\Goat_Simulator_Downloader.exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-03-31 19:41 - 2014-03-31 19:41 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-03-31 19:38 - 2014-03-31 19:40 - 49662160 _____ (Microsoft Corporation) C:\Users\Millar\Downloads\MouseKeyboardCenter_64bit_ENG_2.2.173.exe
2014-03-31 02:41 - 2014-04-10 22:03 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\ClassicShell
2014-03-31 02:41 - 2014-03-31 02:41 - 00000000 ____D () C:\Program Files\Classic Shell
2014-03-31 02:39 - 2014-03-31 02:39 - 05631168 _____ (IvoSoft) C:\Users\Millar\Downloads\ClassicShellSetup_4_0_4.exe
2014-03-30 23:08 - 2014-03-30 23:08 - 49974199 _____ () C:\Users\Millar\Desktop\Theme Track.zip
2014-03-30 23:06 - 2014-04-10 20:55 - 00000000 ____D () C:\Users\Millar\Desktop\Theme Track
2014-03-30 22:04 - 2014-03-30 22:04 - 03962429 _____ () C:\Users\Millar\Downloads\SCI-FI Theme.m4a
2014-03-30 01:49 - 2014-03-30 01:49 - 00000000 ____D () C:\Users\Millar\Documents\Electronic Arts
2014-03-30 01:49 - 2014-03-30 01:49 - 00000000 ____D () C:\Users\Millar\AppData\Local\Electronic Arts
2014-03-30 01:41 - 2014-03-30 01:41 - 00000000 ____D () C:\Users\Millar\Desktop\New folder (2)
2014-03-30 01:41 - 2014-03-30 01:41 - 00000000 ____D () C:\Users\Millar\Desktop\eeeee
2014-03-30 01:39 - 2014-03-30 01:40 - 00000000 ____D () C:\Users\Millar\Desktop\New Folder
2014-03-30 00:58 - 2014-03-30 01:35 - 1022865769 _____ () C:\Users\Millar\Downloads\Native.Instruments.Guitar.Rig.5.Pro.STANDALONE.VST.RTAS.v5.0.2.x86.x64-ASSiGN(Murlok).rar
2014-03-29 22:24 - 2014-03-29 22:25 - 05412111 _____ () C:\Users\Millar\Downloads\attachments.zip
2014-03-28 17:24 - 2014-03-28 17:28 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-28 17:24 - 2014-03-28 17:26 - 58985109 _____ () C:\Users\Millar\Downloads\Halo Soundtrack.zip
2014-03-28 17:21 - 2014-03-29 23:38 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Origin
2014-03-28 17:21 - 2014-03-28 17:27 - 00000000 ____D () C:\Users\Millar\AppData\Local\Origin
2014-03-28 17:16 - 2014-03-31 15:40 - 00000000 ____D () C:\ProgramData\Origin
2014-03-28 17:16 - 2014-03-31 15:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-28 17:16 - 2014-03-30 01:49 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-28 17:16 - 2014-03-28 17:16 - 00000983 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-28 17:14 - 2014-03-28 17:14 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Millar\Downloads\OriginThinSetup.exe
2014-03-27 01:34 - 2014-03-27 01:34 - 00031863 ____T () C:\Users\Millar\Desktop\DR0000_0155.wav.asd
2014-03-27 01:34 - 2014-03-27 01:33 - 03857584 _____ () C:\Users\Millar\Desktop\DR0000_0155.wav
2014-03-25 19:01 - 2014-03-25 19:01 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-03-25 01:52 - 2014-03-25 01:52 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 21:18 - 2014-03-24 21:19 - 05819500 _____ () C:\Users\Millar\Downloads\ALL Presets & Samples ZIP.zip
2014-03-24 17:10 - 2014-03-24 17:10 - 00000000 ____D () C:\Users\Millar\Documents\Optimizer Pro
2014-03-24 17:09 - 2014-03-24 17:09 - 00004535 _____ () C:\Users\Millar\AppData\Roaming\CamStudio.cfg
2014-03-24 17:09 - 2014-03-24 17:09 - 00000408 _____ () C:\Users\Millar\AppData\Roaming\CamShapes.ini
2014-03-24 17:09 - 2014-03-24 17:09 - 00000408 _____ () C:\Users\Millar\AppData\Roaming\CamLayout.ini
2014-03-24 17:09 - 2014-03-24 17:09 - 00000046 _____ () C:\Users\Millar\AppData\Roaming\Camdata.ini
2014-03-24 17:07 - 2014-03-24 17:08 - 00000000 ____D () C:\Users\Millar\Documents\My CamStudio Temp Files
2014-03-24 17:06 - 2014-03-24 17:06 - 00000096 _____ () C:\Users\Millar\AppData\Roaming\version2.xml
2014-03-24 17:05 - 2014-03-25 18:53 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-24 17:05 - 2014-03-24 17:09 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-03-24 17:04 - 2014-03-24 17:04 - 00665840 _____ ( ) C:\Users\Millar\Downloads\CamStudio_Setup_v2.7.2_r326_(build_19Oct2013).exe
2014-03-24 17:00 - 2014-03-24 17:02 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Gif Recorder
2014-03-24 17:00 - 2014-03-24 17:00 - 00000000 ____D () C:\Users\Millar\AppData\Local\Gif Recorder
2014-03-24 16:59 - 2014-03-24 16:59 - 01461304 _____ () C:\Users\Millar\Desktop\gifrecordersetup.exe
2014-03-24 16:59 - 2013-04-26 11:11 - 01616896 _____ () C:\Users\Millar\Downloads\gifrecorder.msi
2014-03-24 16:58 - 2014-03-24 16:58 - 00389448 _____ (Softonic ) C:\Users\Millar\Downloads\SoftonicDownloader_for_gif-recorder.exe
2014-03-22 18:11 - 2013-12-18 22:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-22 18:10 - 2014-03-22 18:10 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-22 18:10 - 2013-12-18 22:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-22 18:10 - 2013-12-18 22:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-22 18:10 - 2013-12-18 22:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-22 18:05 - 2014-03-22 18:06 - 457468147 _____ () C:\Users\Millar\Desktop\Deadmau5 Xfer.zip
2014-03-22 17:57 - 2014-03-22 18:01 - 00000000 ____D () C:\Users\Millar\Desktop\Deadmau5 Xfer
2014-03-20 19:57 - 2014-03-20 19:57 - 00399167 ____T () C:\Users\Millar\Downloads\Aretha Franklin - A Deeper Love (Acapella).mp3.asd
2014-03-20 00:33 - 2014-03-20 00:40 - 71201014 _____ () C:\Users\Millar\Downloads\Audio Animals - Repulsive Wavz.zip
2014-03-18 20:07 - 2014-03-18 20:07 - 00150305 _____ () C:\Users\Millar\Downloads\Myriad Apple TTF.rar
2014-03-18 05:14 - 2014-03-18 05:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-16 23:00 - 2014-03-16 23:00 - 00272664 _____ (Trusteer Ltd.) C:\Users\Millar\Downloads\RapportSetup.exe
2014-03-16 23:00 - 2014-03-16 23:00 - 00000000 ____D () C:\ProgramData\Trusteer
2014-03-16 16:02 - 2014-04-10 13:19 - 02407896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 22:53 - 2014-03-14 22:53 - 00263293 _____ () C:\Users\Millar\Downloads\arsenal.zip
2014-03-14 22:04 - 2014-03-14 22:04 - 00220448 _____ (Premium Installer ) C:\Users\Millar\Downloads\Henry-Rollins-Get-in-the-Vanphp.exe
2014-03-14 21:46 - 2014-03-18 05:14 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-14 21:46 - 2014-03-14 21:46 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-14 21:46 - 2014-03-14 21:46 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-14 21:42 - 2014-03-14 21:42 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-14 21:39 - 2014-03-14 21:39 - 00000000 ____D () C:\Users\Millar\Documents\PDF Books
2014-03-12 20:35 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 20:35 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 20:35 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 20:35 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-12 20:14 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 20:14 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 20:14 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-12 20:14 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-12 20:14 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 20:14 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 20:14 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 20:14 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 20:14 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 20:14 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 20:14 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 20:14 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 20:14 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 20:14 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 20:14 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 20:14 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-12 20:12 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 20:06 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-12 20:06 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-12 20:03 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 20:03 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
 
==================== One Month Modified Files and Folders =======
 
2014-04-10 22:04 - 2014-04-08 15:28 - 00031344 _____ () C:\Users\Millar\Downloads\FRST.txt
2014-04-10 22:03 - 2014-04-08 15:28 - 00000000 ____D () C:\FRST
2014-04-10 22:03 - 2014-03-31 02:41 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\ClassicShell
2014-04-10 22:00 - 2013-08-31 20:34 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-10 22:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-10 21:58 - 2014-04-04 16:07 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Spotify
2014-04-10 20:55 - 2014-03-30 23:06 - 00000000 ____D () C:\Users\Millar\Desktop\Theme Track
2014-04-10 20:55 - 2013-09-04 18:27 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Audacity
2014-04-10 19:00 - 2013-08-31 20:34 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-10 17:03 - 2013-08-31 20:48 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-10 16:53 - 2013-11-29 16:03 - 00000000 ___RD () C:\Users\Millar\Google Drive
2014-04-10 16:51 - 2014-04-04 16:09 - 00000000 ____D () C:\Users\Millar\AppData\Local\Spotify
2014-04-10 16:46 - 2012-09-26 09:53 - 00000950 _____ () C:\Windows\SysWOW64\bscs.ini
2014-04-10 16:45 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-10 13:19 - 2014-03-16 16:02 - 02407896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-10 13:18 - 2012-08-03 23:23 - 00838360 _____ () C:\Windows\PFRO.log
2014-04-10 01:55 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-10 01:54 - 2014-04-09 19:50 - 00048328 _____ () C:\Users\Millar\Downloads\Hammond.osm
2014-04-10 01:54 - 2013-08-31 20:16 - 02056347 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 20:01 - 2014-04-09 20:01 - 00735330 _____ () C:\Users\Millar\Desktop\hammond .psd
2014-04-09 19:58 - 2014-04-09 19:58 - 00014337 _____ () C:\Users\Millar\Downloads\Know-your-product.zip
2014-04-09 02:38 - 2014-04-09 02:38 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Unity
2014-04-09 02:27 - 2014-04-09 02:27 - 00000000 ____D () C:\Users\Millar\AppData\Local\Unity
2014-04-09 02:26 - 2014-04-09 02:26 - 01070496 _____ (Unity Technologies ApS) C:\Users\Millar\Downloads\UnityWebPlayer.exe
2014-04-09 01:49 - 2013-09-27 16:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 01:46 - 2013-09-09 21:08 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 01:46 - 2013-09-09 21:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 00:10 - 2013-12-16 12:44 - 00000000 ____D () C:\Users\Millar\Documents\Ableton Projects
2014-04-08 22:45 - 2014-04-07 04:59 - 00109648 _____ () C:\Users\Millar\Downloads\Updated Synth 1.8.osm
2014-04-08 22:02 - 1998-05-26 16:13 - 01411516 _____ () C:\Users\Millar\Desktop\Lab Session 11-14 - BAD-HABI.WAV
2014-04-08 21:43 - 2014-04-08 21:42 - 03996110 _____ () C:\Users\Millar\Downloads\Lab Session 11-14(1).zip
2014-04-08 21:33 - 2014-04-08 21:33 - 00005828 _____ () C:\Users\Millar\Downloads\zian.zip
2014-04-08 20:23 - 2014-04-08 19:56 - 220479777 _____ () C:\Users\Millar\Downloads\Lab Session 15-16 (1).zip
2014-04-08 19:52 - 2014-04-08 19:09 - 46550000 _____ () C:\Users\Millar\Downloads\Lab Session 10.zip
2014-04-08 19:10 - 2014-04-08 19:09 - 01661813 _____ () C:\Users\Millar\Downloads\Lab Session 17(1).zip
2014-04-08 19:09 - 2014-04-08 18:48 - 156172313 _____ () C:\Users\Millar\Downloads\Lab Session 08(1).zip
2014-04-08 18:28 - 2014-04-08 18:25 - 08850095 _____ () C:\Users\Millar\Downloads\976205ospfl.rar
2014-04-08 16:10 - 2013-08-31 20:28 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2329229836-4189106460-3123090683-1002
2014-04-08 15:31 - 2014-04-08 15:31 - 00001268 _____ () C:\Users\Millar\Desktop\Revo Uninstaller.lnk
2014-04-08 15:31 - 2014-04-08 15:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-08 15:31 - 2014-04-08 15:30 - 00064598 _____ () C:\Users\Millar\Downloads\Addition.txt
2014-04-08 15:30 - 2014-04-08 15:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Millar\Downloads\revosetup.exe
2014-04-08 15:29 - 2014-04-08 15:28 - 04118841 _____ () C:\Users\Millar\Downloads\tdsskiller.zip
2014-04-08 15:28 - 2014-04-08 15:27 - 02157056 _____ (Farbar) C:\Users\Millar\Downloads\FRST64.exe
2014-04-08 14:58 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-07 23:43 - 2012-07-26 08:28 - 00953538 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 16:56 - 2014-04-05 16:01 - 00646989 _____ () C:\Users\Millar\Downloads\Updated Synth 1.osm
2014-04-05 16:47 - 2014-04-05 16:47 - 00001068 _____ () C:\Users\Millar\Desktop\SynthMaker.lnk
2014-04-05 16:46 - 2014-04-05 16:45 - 00000000 ____D () C:\Users\Millar\Desktop\ddddddddd
2014-04-05 16:45 - 2014-04-05 16:44 - 14955629 _____ () C:\Users\Millar\Downloads\Outsim.SynthMaker.v1.08a-AiR.rar
2014-04-05 16:05 - 2014-04-05 16:05 - 00018222 _____ () C:\Users\Millar\Downloads\danube.zip
2014-04-04 16:09 - 2014-04-04 16:09 - 00001772 _____ () C:\Users\Millar\Desktop\Spotify.lnk
2014-04-04 16:09 - 2014-04-04 16:09 - 00001758 _____ () C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-04 16:07 - 2014-04-04 16:07 - 00127080 _____ (Spotify Ltd) C:\Users\Millar\Downloads\SpotifySetup.exe
2014-04-03 02:25 - 2014-04-03 02:17 - 220479777 _____ () C:\Users\Millar\Downloads\Lab Session 15-16.zip
2014-04-02 23:42 - 2014-03-31 22:13 - 00000000 ____D () C:\Users\Millar\AppData\Local\Reditr
2014-04-02 22:37 - 2013-09-04 17:10 - 00000000 ____D () C:\Users\Millar\Documents\Youcam
2014-04-02 21:19 - 2014-04-02 21:17 - 00000000 ____D () C:\Users\Millar\Downloads\raku_massive_soundset
2014-04-02 21:16 - 2014-04-02 21:16 - 00044996 _____ () C:\Users\Millar\Downloads\raku_massive_soundset.rar
2014-04-01 21:25 - 2013-09-24 19:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-01 18:02 - 2014-03-02 05:16 - 00000000 ____D () C:\Users\Millar\Desktop\bleep To Copy
2014-04-01 14:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-01 02:03 - 2013-09-02 16:38 - 00000000 ____D () C:\Users\Millar\Sample Packs
2014-03-31 23:42 - 2014-03-31 22:15 - 619100112 _____ () C:\Users\Millar\Downloads\FunctionLoops-VocalsWithLokka3.zip
2014-03-31 22:18 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 22:18 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 22:13 - 2014-03-31 22:13 - 00000983 _____ () C:\Users\Public\Desktop\reditr.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files (x86)\reditr
2014-03-31 22:12 - 2014-03-31 22:06 - 26742293 _____ (Reditr Software ) C:\Users\Millar\Downloads\reditr-setup.exe
2014-03-31 20:54 - 2014-03-31 20:54 - 00003592 _____ () C:\Windows\System32\Tasks\Oxy
2014-03-31 20:54 - 2014-03-31 20:54 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
2014-03-31 20:54 - 2014-03-31 20:53 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Oxy
2014-03-31 20:53 - 2014-03-31 20:53 - 00003564 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-03-31 20:53 - 2014-03-31 20:53 - 00003152 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-03-31 20:53 - 2014-03-31 20:52 - 05456976 _____ () C:\Users\Millar\Downloads\Goat_Simulator_Downloader.exe
2014-03-31 20:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-31 20:00 - 2013-07-07 08:43 - 00004131 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-03-31 19:56 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-03-31 19:42 - 2014-03-31 19:42 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-03-31 19:42 - 2014-03-31 19:42 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-03-31 19:41 - 2014-03-31 19:41 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-03-31 19:40 - 2014-03-31 19:38 - 49662160 _____ (Microsoft Corporation) C:\Users\Millar\Downloads\MouseKeyboardCenter_64bit_ENG_2.2.173.exe
2014-03-31 15:40 - 2014-03-28 17:16 - 00000000 ____D () C:\ProgramData\Origin
2014-03-31 15:40 - 2014-03-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-31 02:41 - 2014-03-31 02:41 - 00000000 ____D () C:\Program Files\Classic Shell
2014-03-31 02:39 - 2014-03-31 02:39 - 05631168 _____ (IvoSoft) C:\Users\Millar\Downloads\ClassicShellSetup_4_0_4.exe
2014-03-30 23:08 - 2014-03-30 23:08 - 49974199 _____ () C:\Users\Millar\Desktop\Theme Track.zip
2014-03-30 23:07 - 2013-12-24 23:03 - 00000000 ____D () C:\Users\Millar\Desktop\Quick Bounces
2014-03-30 22:04 - 2014-03-30 22:04 - 03962429 _____ () C:\Users\Millar\Downloads\SCI-FI Theme.m4a
2014-03-30 01:49 - 2014-03-30 01:49 - 00000000 ____D () C:\Users\Millar\Documents\Electronic Arts
2014-03-30 01:49 - 2014-03-30 01:49 - 00000000 ____D () C:\Users\Millar\AppData\Local\Electronic Arts
2014-03-30 01:49 - 2014-03-28 17:16 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-30 01:41 - 2014-03-30 01:41 - 00000000 ____D () C:\Users\Millar\Desktop\New folder (2)
2014-03-30 01:41 - 2014-03-30 01:41 - 00000000 ____D () C:\Users\Millar\Desktop\eeeee
2014-03-30 01:40 - 2014-03-30 01:39 - 00000000 ____D () C:\Users\Millar\Desktop\New Folder
2014-03-30 01:35 - 2014-03-30 00:58 - 1022865769 _____ () C:\Users\Millar\Downloads\Native.Instruments.Guitar.Rig.5.Pro.STANDALONE.VST.RTAS.v5.0.2.x86.x64-ASSiGN(Murlok).rar
2014-03-30 00:08 - 2013-04-01 19:25 - 00369810 _____ () C:\Windows\DirectX.log
2014-03-29 23:38 - 2014-03-28 17:21 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Origin
2014-03-29 22:25 - 2014-03-29 22:24 - 05412111 _____ () C:\Users\Millar\Downloads\attachments.zip
2014-03-29 20:40 - 2013-09-27 14:43 - 00000000 ____D () C:\Users\Millar\Documents\Cubase Project Folder
2014-03-28 17:28 - 2014-03-28 17:24 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-28 17:27 - 2014-03-28 17:21 - 00000000 ____D () C:\Users\Millar\AppData\Local\Origin
2014-03-28 17:26 - 2014-03-28 17:24 - 58985109 _____ () C:\Users\Millar\Downloads\Halo Soundtrack.zip
2014-03-28 17:16 - 2014-03-28 17:16 - 00000983 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-28 17:14 - 2014-03-28 17:14 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Millar\Downloads\OriginThinSetup.exe
2014-03-27 19:55 - 2013-08-31 20:34 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 19:55 - 2013-08-31 20:34 - 00003648 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 01:34 - 2014-03-27 01:34 - 00031863 ____T () C:\Users\Millar\Desktop\DR0000_0155.wav.asd
2014-03-27 01:34 - 2012-07-26 08:21 - 00053501 _____ () C:\Windows\setupact.log
2014-03-27 01:33 - 2014-03-27 01:34 - 03857584 _____ () C:\Users\Millar\Desktop\DR0000_0155.wav
2014-03-27 01:01 - 2012-02-09 23:43 - 00000000 ___HD () C:\Users\Millar\AppData\Local\R1uQ50Ba
2014-03-27 00:59 - 2013-09-23 15:09 - 00000000 ____D () C:\Users\Millar\AppData\Local\CrashDumps
2014-03-25 19:01 - 2014-03-25 19:01 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-03-25 18:55 - 2013-11-17 23:29 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-03-25 18:55 - 2013-09-15 14:40 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-25 18:55 - 2013-09-15 14:38 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-03-25 18:53 - 2014-03-24 17:05 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-25 01:52 - 2014-03-25 01:52 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 21:19 - 2014-03-24 21:18 - 05819500 _____ () C:\Users\Millar\Downloads\ALL Presets & Samples ZIP.zip
2014-03-24 18:52 - 2012-07-26 06:26 - 00000269 _____ () C:\Windows\win.ini
2014-03-24 17:10 - 2014-03-24 17:10 - 00000000 ____D () C:\Users\Millar\Documents\Optimizer Pro
2014-03-24 17:09 - 2014-03-24 17:09 - 00004535 _____ () C:\Users\Millar\AppData\Roaming\CamStudio.cfg
2014-03-24 17:09 - 2014-03-24 17:09 - 00000408 _____ () C:\Users\Millar\AppData\Roaming\CamShapes.ini
2014-03-24 17:09 - 2014-03-24 17:09 - 00000408 _____ () C:\Users\Millar\AppData\Roaming\CamLayout.ini
2014-03-24 17:09 - 2014-03-24 17:09 - 00000046 _____ () C:\Users\Millar\AppData\Roaming\Camdata.ini
2014-03-24 17:09 - 2014-03-24 17:05 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-03-24 17:08 - 2014-03-24 17:07 - 00000000 ____D () C:\Users\Millar\Documents\My CamStudio Temp Files
2014-03-24 17:06 - 2014-03-24 17:06 - 00000096 _____ () C:\Users\Millar\AppData\Roaming\version2.xml
2014-03-24 17:04 - 2014-03-24 17:04 - 00665840 _____ ( ) C:\Users\Millar\Downloads\CamStudio_Setup_v2.7.2_r326_(build_19Oct2013).exe
2014-03-24 17:02 - 2014-03-24 17:00 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Gif Recorder
2014-03-24 17:00 - 2014-03-24 17:00 - 00000000 ____D () C:\Users\Millar\AppData\Local\Gif Recorder
2014-03-24 16:59 - 2014-03-24 16:59 - 01461304 _____ () C:\Users\Millar\Desktop\gifrecordersetup.exe
2014-03-24 16:58 - 2014-03-24 16:58 - 00389448 _____ (Softonic ) C:\Users\Millar\Downloads\SoftonicDownloader_for_gif-recorder.exe
2014-03-22 18:11 - 2013-10-18 18:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-22 18:10 - 2014-03-22 18:10 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-22 18:10 - 2013-10-18 18:09 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-22 18:06 - 2014-03-22 18:05 - 457468147 _____ () C:\Users\Millar\Desktop\Deadmau5 Xfer.zip
2014-03-22 18:01 - 2014-03-22 17:57 - 00000000 ____D () C:\Users\Millar\Desktop\Deadmau5 Xfer
2014-03-20 19:57 - 2014-03-20 19:57 - 00399167 ____T () C:\Users\Millar\Downloads\Aretha Franklin - A Deeper Love (Acapella).mp3.asd
2014-03-20 00:40 - 2014-03-20 00:33 - 71201014 _____ () C:\Users\Millar\Downloads\Audio Animals - Repulsive Wavz.zip
2014-03-18 20:07 - 2014-03-18 20:07 - 00150305 _____ () C:\Users\Millar\Downloads\Myriad Apple TTF.rar
2014-03-18 05:14 - 2014-03-18 05:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-18 05:14 - 2014-03-14 21:46 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-16 23:00 - 2014-03-16 23:00 - 00272664 _____ (Trusteer Ltd.) C:\Users\Millar\Downloads\RapportSetup.exe
2014-03-16 23:00 - 2014-03-16 23:00 - 00000000 ____D () C:\ProgramData\Trusteer
2014-03-16 19:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-03-15 01:19 - 2013-08-31 20:20 - 00000000 ___RD () C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-15 01:19 - 2013-08-31 20:20 - 00000000 ___RD () C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-15 01:18 - 2014-03-04 21:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-15 01:17 - 2013-09-18 16:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 01:17 - 2013-09-18 16:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 01:16 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 01:16 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 01:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 01:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 01:15 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-14 22:53 - 2014-03-14 22:53 - 00263293 _____ () C:\Users\Millar\Downloads\arsenal.zip
2014-03-14 22:04 - 2014-03-14 22:04 - 00220448 _____ (Premium Installer ) C:\Users\Millar\Downloads\Henry-Rollins-Get-in-the-Vanphp.exe
2014-03-14 21:49 - 2013-09-07 14:55 - 00000000 ____D () C:\Users\Millar\Documents\Leeds University Music Technology
2014-03-14 21:47 - 2013-09-27 16:18 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-14 21:46 - 2014-03-14 21:46 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-14 21:46 - 2014-03-14 21:46 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-14 21:46 - 2013-09-27 16:24 - 00000000 ____D () C:\Users\Millar\AppData\Local\Adobe
2014-03-14 21:46 - 2013-08-31 20:20 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Adobe
2014-03-14 21:42 - 2014-03-14 21:42 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-14 21:42 - 2013-09-27 16:13 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-14 21:39 - 2014-03-14 21:39 - 00000000 ____D () C:\Users\Millar\Documents\PDF Books
2014-03-12 21:57 - 2013-07-07 08:53 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass
 
Files to move or delete:
====================
C:\Users\Millar\AppData\Roaming\CamLayout.ini
C:\Users\Millar\AppData\Roaming\CamShapes.ini
 
 
Some content of TEMP:
====================
C:\Users\Millar\AppData\Local\Temp\eh37bcpl.dll
C:\Users\Millar\AppData\Local\Temp\ose00000.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-04-09 03:15
 
==================== End Of Log ============================


#6 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 10 April 2014 - 04:08 PM

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Millar at 2014-04-10 22:07:05
Running from C:\Users\Millar\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ableton Live 9 Suite (HKLM\...\{F6238EAB-3AD7-4B0E-B0AD-E533A93A5C32}) (Version: 9.0.0.0 - Ableton)
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.30123 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{7545D28D-00EC-C15D-FE18-C3E3F5EC0BDD}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
Analog Channel (x32 Version: 2.6.4 - McDSP) Hidden
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arturia Minimoog V v1.0 (HKLM-x32\...\Arturia Minimoog V v1.0) (Version:  - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86 - AuthenTec, Inc.) Hidden
Automap 4.7 (HKLM\...\Automap Universal_is1) (Version: 4.7 - Focusrite Audio Engineering Ltd.)
Avid Core Runtime (HKLM-x32\...\{29E44AFF-790B-46B8-8CA6-A0EE6EFC9D7A}) (Version: 6.1.0 - Avid Technology, Inc.)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.5 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3.5 - Avid Technology, Inc.)
Avid Virtual Instruments (HKLM-x32\...\{9239E44D-E688-4FF4-A1CA-3F1706B3B10B}) (Version: 10.0.0 - Avid Technology, Inc.)
AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BeamNG.drive (HKCU\...\BeamNG.drive) (Version: 0.3.0.5 - beamng.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Blue Cat's FreqAnalyst VST 2.02 (HKLM-x32\...\{44D94F3A-D38C-48DF-AEF7-4CD8B078F30F}) (Version: 2.02 - Blue Cat Audio)
Blue Cat's Triple EQ VST 4.02 (HKLM-x32\...\{F2D66909-5A27-4F0F-8E53-18BAE15178EC}) (Version: 4.02 - Blue Cat Audio)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
bx_solo 1.6 (HKLM\...\bx_solo_is1) (Version:  - Plugin Alliance)
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty® 4 - Modern Warfare™ (x32 Version: 1.00.0000 - Activision) Hidden
Camel Audio CamelCrusher (HKLM-x32\...\Camel Audio CamelCrusher) (Version: 1.01.0 - Camel Audio)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
Channel G (x32 Version: 1.2.4 - McDSP) Hidden
Chrome Tone (x32 Version: 1.4.4 - McDSP) Hidden
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
CompressorBank (x32 Version: 3.6.4 - McDSP) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crysis WARHEAD® (HKLM-x32\...\Crysis WARHEAD®) (Version:  - Electronic Arts)
Crysis WARHEAD® (x32 Version: 1.0 - Crytek) Hidden
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.2.5712 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2110 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2110 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4528 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.7.4528 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.5.5811 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
DJ Intro version 1.1.2 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.1.2 - Serato Audio Research)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
f.lux (HKCU\...\Flux) (Version:  - )
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.00.00 - Ubisoft)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FilterBank (x32 Version: 3.6.4 - McDSP) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Flux_StereoTool (HKLM-x32\...\{48A404E2-0A25-4CEF-AB87-8626BD1B0F2C}) (Version: 2.4.8.14315 - Flux:: sound and picture development)
Focusrite Scarlett Plug-in Suite 1.1 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.1 - Focusrite Audio Engineering Ltd.)
Focusrite USB 2.0 Audio Driver 2.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.1 - Focusrite Audio Engineering Limited.)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{6821D775-9303-46DD-977A-2D97CA18B054}) (Version: 4.2.8.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.6.3 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{8704FEEF-A6A8-4E7E-B124-BD6122C66E2C}) (Version: 2.10.42 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{92E8BC5B-6023-4846-8151-415351A4FAFF}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 8.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.244 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
IK Multimedia Authorization Manager version 1.0.8 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.8 - IK Multimedia)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
iZotope Trash 2 (HKLM-x32\...\iZotope Trash 2_is1) (Version: 2.00 - iZotope, Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
KORG M1 Le (HKLM-x32\...\{9624502C-3D39-41A0-8917-858EC16769CE}) (Version: 1.0.4 - KORG Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Live 8.0.4 (HKLM-x32\...\Live 8.0.4) (Version:  - )
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
MC2000 (x32 Version: 2.6.4 - McDSP) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mixxx 1.11.0 (HKLM-x32\...\Mixxx (1.11.0)) (Version: 1.11.0 - The Mixxx Development Team)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MPK mini Editor (HKLM-x32\...\MPKminiEditor) (Version:  - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NanoStudio 1.41 (HKLM-x32\...\NanoStudio_is1) (Version:  - )
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.0.1528 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.0.1528 - Native Instruments) Hidden
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version:  - Native Instruments)
Native Instruments FM8 (Version: 1.2.0.1016 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.0.2.2476 - Native Instruments) Hidden
Native Instruments Guitar Rig Factory Selection for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Factory Selection for Maschine) (Version:  - Native Instruments)
Native Instruments Guitar Rig Factory Selection for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Komplete 8 Players (HKLM-x32\...\Native Instruments Komplete 8 Players) (Version:  - Native Instruments)
Native Instruments Komplete 8 Players (Version: 8.0.0.003 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.0.2.5641 - Native Instruments) Hidden
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version:  - Native Instruments)
Native Instruments Kontakt Factory Selection (Version: 1.2.0.004 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version:  - Native Instruments)
Native Instruments Reaktor 5 (Version: 5.6.1.11150 - Native Instruments) Hidden
Native Instruments Reaktor Factory Selection (HKLM-x32\...\Native Instruments Reaktor Factory Selection) (Version:  - Native Instruments)
Native Instruments Reaktor Factory Selection (Version: 1.1.0.002 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.4.1428 - Native Instruments)
Native Instruments Service Center (Version: 2.4.4.1428 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.5.250 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.5.250 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS (HKLM-x32\...\Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS) (Version:  - )
Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
Novation USB Audio Driver 2.5 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.5 - Novation DMS Ltd.)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ohm Force - Ohmicide RTAS (HKLM-x32\...\Ohmicide RTAS) (Version:  - )
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Outsim Synthmaker  v1.08a (HKLM-x32\...\Outsim Synthmaker_is1) (Version:  - )
Oxy (HKCU\...\{9AAF2503-6CD5-414A-B5BA-37639B76C91F}) (Version:  - LADY'S WOOD 2013 LIMITED)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PileFile reminder (HKCU\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version:  - LADY'S WOOD 2013 LIMITED)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PSP VintageWarmer2 2.5.0 64bit (HKLM-x32\...\PSP VintageWarmer2 2.5.0 64bit) (Version: 2.5.0 64bit - PSPaudioware.com)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27025 - Realtek Semiconductor Corp.)
ReaPlugs (HKLM-x32\...\ReaPlugs) (Version:  - )
reditr version 0.3.0.0 (HKLM-x32\...\{75219F9B-0EB0-4991-852D-11349D5126F9}_is1) (Version: 0.3.0.0 - Reditr Software)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rob Papen SubBoomBass 1.0.3c (HKLM-x32\...\SubBoomBass_is1) (Version:  - RPCX)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Serato DJ  (HKLM-x32\...\{624de9f8-1dfa-405c-bca1-641a250eae48}) (Version: 1.5.2.17 - )
Serato DJ  (x32 Version: 1.5.2.17 - Serato) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Synth One (x32 Version: 3.4.4 - McDSP) Hidden
SynthMaker 1.0 (HKLM-x32\...\SynthMaker) (Version:  - Outsim)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UxStyle (HKLM-x32\...\{05560347-3a9b-4644-a8ed-8b64cc947189}) (Version: 0.2.3.0 - The Within Network, LLC)
UxStyle (Version: 0.2.3.0 - The Within Network, LLC) Hidden
Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Driver Package - Focusrite USB 2.0 Audio Driver (07/07/2011 15.32.4.883) (HKLM\...\F4B837225347AABC4F4DB6067C4D5642AF04B34C) (Version: 07/07/2011 15.32.4.883 - Focusrite)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 5.00 beta 8 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)
WOW (HKLM-x32\...\WOW) (Version: 1.0 - Sugar Bytes)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
24-03-2014 15:59:41 Installed Gif Recorder
29-03-2014 23:07:10 Installed DirectX
31-03-2014 01:40:39 Installed Classic Shell
08-04-2014 14:33:18 Revo Uninstaller's restore point - Oxy
 
==================== Hosts content: ==========================
 
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0DAEBCCF-D713-4519-ABF6-FBCDD615EDDD} - System32\Tasks\PileFile reminder => C:\Users\Millar\AppData\Local\Temp\Goat SimulatorDownload_8A93\Goat_Simulator_Downloader.exe <==== ATTENTION
Task: {158B622A-E6C8-4580-93D9-3AF6C45B9BB4} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3C7B6220-0730-4A08-93AB-244FAD838EFD} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {407981B1-8203-43FB-88D2-6B1FDF978557} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {419C38C0-9338-491C-994D-51AB5BE10DF4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4CA0461D-2043-40CB-B559-1D4CE268DD75} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {4E1B2A54-A798-4DA6-9303-C3D61EB9D138} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {52D4FB09-61FF-45BC-87E6-3264D694C32C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {55C86C6E-A5C4-4C96-B026-C575446CA944} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {5CD4B831-3F53-4034-9152-DEFD76717101} - System32\Tasks\PileFile logon => C:\Users\Millar\AppData\Local\Temp\Goat SimulatorDownload_8A93\Goat_Simulator_Downloader.exe <==== ATTENTION
Task: {5F3BA72D-DA81-45F1-8681-170AEBDAFDCE} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {5FF7F766-B05E-4B31-AC96-3850E584A7B3} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-25] (Synaptics Incorporated)
Task: {6E5AFE56-E97A-45A4-810D-5DF78E2FA97A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {7407D4CF-A647-4B31-A879-FD9A8EC91029} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31] (Google Inc.)
Task: {7746DB4D-5B76-4114-8B39-26149C6C5EA4} - System32\Tasks\Oxy => C:\Users\Millar\AppData\Roaming\Oxy\Updater.exe [2014-03-31] () <==== ATTENTION
Task: {78D583E0-D4CE-466E-9D50-414466A1DCBB} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {86DB198F-957A-41CF-91AE-065C7BD74087} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {A2594AE1-83A3-4AD0-9B89-A609609CEC47} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C24D5A28-DD6E-47F3-9984-B80A1042B0EC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C3BC3307-48B4-4B29-AAB7-327ED9900A2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA3A5EAE-B0E7-4750-91EE-FD3F61721E3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CE07B964-76F7-40C3-BCBE-6BDB9646A4D2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-01-23 02:27 - 2013-01-23 02:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-09-29 20:30 - 2014-01-09 23:46 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-09-06 01:47 - 2012-09-06 01:47 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2012-09-19 18:37 - 2012-09-19 18:37 - 00017160 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00363784 _____ () C:\Windows\system32\BsExtendFunc.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00029960 _____ () C:\Windows\system32\BsTrace.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00062216 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2013-04-02 03:46 - 2013-01-02 23:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-10 01:36 - 2012-08-10 01:36 - 04073320 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2013-01-23 02:27 - 2013-01-23 02:27 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-11-27 12:56 - 2012-11-27 12:56 - 00124288 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-11-27 12:56 - 2012-11-27 12:56 - 00051072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-11-27 12:56 - 2012-11-27 12:56 - 00018432 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\PowerDVD.dll
2013-04-01 19:29 - 2013-04-01 19:29 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\System.Data.SQLite.dll
2012-11-27 12:56 - 2012-11-27 12:56 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-08-31 20:18 - 2013-08-31 20:18 - 00124288 _____ () C:\Users\Millar\AppData\Local\assembly\dl3\94VJ20R1.2N3\EW3QRP5D.LZ3\a5175339\0085223f_96cccd01\HPItunesModule.DLL
2013-08-31 20:18 - 2013-08-31 20:18 - 00018432 _____ () C:\Users\Millar\AppData\Local\assembly\dl3\94VJ20R1.2N3\EW3QRP5D.LZ3\2e6a27d4\00df8441_96cccd01\PowerDVD.DLL
2014-04-04 16:09 - 2014-04-10 01:12 - 00602680 _____ () C:\Users\Millar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00029960 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00017160 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00062216 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-07-07 08:52 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00079624 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2012-09-19 18:37 - 2012-09-19 18:37 - 00363784 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
2014-04-10 16:47 - 2014-04-10 16:47 - 00098816 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32api.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00110080 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\pywintypes27.dll
2014-04-10 16:47 - 2014-04-10 16:47 - 00364544 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\pythoncom27.dll
2014-04-10 16:47 - 2014-04-10 16:47 - 00044032 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\_socket.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 01157120 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\_ssl.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00320512 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32com.shell.shell.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00712192 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\_hashlib.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 01175040 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\wx._core_.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00805888 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\wx._gdi_.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00811008 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\wx._windows_.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 01062400 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\wx._controls_.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00735232 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\wx._misc_.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00128512 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\_elementtree.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00127488 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\pyexpat.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00557056 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\pysqlite2._sqlite.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00087040 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\_ctypes.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00119808 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32file.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00108544 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32security.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00018432 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32event.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00038912 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32inet.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00122368 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\wx._wizard.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00070656 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\wx._html2.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00026624 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\_multiprocessing.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00010240 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\select.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00024064 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32pipe.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00686080 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\unicodedata.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00025600 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32pdh.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00525640 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\windows._lib_cacheinvalidation.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00011264 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32crypt.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00035840 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32process.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00017408 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32profile.pyd
2014-04-10 16:47 - 2014-04-10 16:47 - 00022528 _____ () C:\Users\Millar\AppData\Local\Temp\_MEI30282\win32ts.pyd
2014-04-10 17:03 - 2014-04-02 02:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-10 17:03 - 2014-04-02 02:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 17:03 - 2014-04-02 02:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 17:03 - 2014-04-02 02:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 17:03 - 2014-04-02 02:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 17:03 - 2014-04-02 02:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-10 17:03 - 2014-04-02 02:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
2013-09-04 18:26 - 2010-01-26 07:38 - 00102400 _____ () C:\Program Files (x86)\Audacity\Plug-Ins\gverb_1216.dll
2013-09-04 18:26 - 2010-01-26 07:38 - 00098304 _____ () C:\Program Files (x86)\Audacity\Plug-Ins\hard_limiter_1413.dll
2013-09-04 18:26 - 2010-01-26 07:38 - 00106496 _____ () C:\Program Files (x86)\Audacity\Plug-Ins\sc4_1882.dll
2014-04-04 16:09 - 2014-04-10 01:12 - 36966968 _____ () C:\Users\Millar\AppData\Roaming\Spotify\Data\libcef.dll
2014-04-04 16:09 - 2014-04-10 01:12 - 00886840 _____ () C:\Users\Millar\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-04-04 16:09 - 2014-04-10 01:12 - 00108600 _____ () C:\Users\Millar\AppData\Roaming\Spotify\Data\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Microsoft:auLN9kMBrMNXHFEjM9u28XetU
AlternateDataStreams: C:\ProgramData\Microsoft:fro5HtrzQUkFnGLu2XNEw0
AlternateDataStreams: C:\ProgramData\Microsoft:qQ6kWbnGbAwzIyGvN1EM
AlternateDataStreams: C:\ProgramData\Microsoft:wk2rwKU8wb75vjT8QqoG
AlternateDataStreams: C:\Users\Millar\AppData\Local:sbFm6s7mQH28xxCuqdlpuYAn24
AlternateDataStreams: C:\Users\Millar\AppData\Local\gqqvg8MFUDt0zP:JZm5uNRrDYn5RMWYEVbZ8tq7Zp
AlternateDataStreams: C:\Users\Millar\AppData\Local\R1uQ50Ba:0fdAx0EJ3oA9OLx9k4C
AlternateDataStreams: C:\Users\Millar\AppData\Local\Temp:hCP9U9hkjEJM4IFKCplmsmrrwj
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: Validity Sensors (WBF) (PID=0018)
Description: Validity Sensors (WBF) (PID=0018)
Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359}
Manufacturer: Validity Sensors, Inc.
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/10/2014 00:57:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16163887
 
Error: (04/10/2014 00:57:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16163887
 
Error: (04/10/2014 00:57:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/09/2014 03:35:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1450
 
Error: (04/09/2014 03:35:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1450
 
Error: (04/09/2014 03:35:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/08/2014 02:22:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 51480096
 
Error: (04/08/2014 02:22:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 51480096
 
Error: (04/08/2014 02:22:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/08/2014 02:22:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 51478567
 
 
System errors:
=============
Error: (04/10/2014 04:46:02 PM) (Source: Service Control Manager) (User: )
Description: The Bluetooth Support Service service failed to start due to the following error: 
%%1079
 
Error: (04/10/2014 04:45:35 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 13:59:17 on ‎10/‎04/‎2014 was unexpected.
 
Error: (04/10/2014 01:22:37 PM) (Source: Service Control Manager) (User: )
Description: The Software Protection service failed to start due to the following error: 
%%1053
 
Error: (04/10/2014 01:22:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
 
Error: (04/10/2014 01:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Bluetooth Support Service service failed to start due to the following error: 
%%1079
 
Error: (04/08/2014 03:23:14 PM) (Source: DCOM) (User: MILLAR)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}{69AD4AEE-51BE-439B-A92C-86AE490E8B30}MillarMillarS-1-5-21-2329229836-4189106460-3123090683-1002LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/08/2014 03:01:41 PM) (Source: DCOM) (User: MILLAR)
Description: machine-defaultLocalActivation{3EEF301F-B596-4C0B-BD92-013BEAFCE793}{3EEF301F-B596-4C0B-BD92-013BEAFCE793}MillarMillarS-1-5-21-2329229836-4189106460-3123090683-1002LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/08/2014 02:54:47 PM) (Source: Service Control Manager) (User: )
Description: The Bluetooth Support Service service failed to start due to the following error: 
%%1079
 
Error: (04/08/2014 02:27:37 PM) (Source: DCOM) (User: MILLAR)
Description: machine-defaultLocalActivation{3EEF301F-B596-4C0B-BD92-013BEAFCE793}{3EEF301F-B596-4C0B-BD92-013BEAFCE793}MillarMillarS-1-5-21-2329229836-4189106460-3123090683-1002LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/08/2014 02:23:41 PM) (Source: DCOM) (User: MILLAR)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}{69AD4AEE-51BE-439B-A92C-86AE490E8B30}MillarMillarS-1-5-21-2329229836-4189106460-3123090683-1002LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (03/28/2014 05:13:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 36194 seconds with 5280 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 41%
Total physical RAM: 7642.25 MB
Available physical RAM: 4478.45 MB
Total Pagefile: 8794.25 MB
Available Pagefile: 4855.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:904.58 GB) (Free:671.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:26.16 GB) (Free:3.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (FARCRY2) (CDROM) (Total:3.67 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: EDDF4297)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#7 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 10 April 2014 - 04:10 PM

Cheers for the quick response btw :) 



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 11 April 2014 - 08:22 AM

Fix with FRST (normal mode)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

 

  • Please download the attached fixlist.txt and save it to the same location where FRST is.
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

===================================================

Malwarebytes Anti-Malware Free and Malwarebytes Chameleon

----------

  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then OK
  • Click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
  • If you are notified the Database is out of date click Update Now
  • Click Scan Now >>

----------

  • Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
  • Click Start (Start, Search, All files and folders for Windows XP) then type mbam
  • Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com

----------

  • When completed click the down arrow on Export Log and select Text file (*.txt)
  • Save the file to your desktop as MBAM
  • Click Apply Actions then restart your computer if requested
  • Copy and past the contents of MBAM.txt in your reply

 

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 17 April 2014 - 08:03 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-04-2014
Ran by Millar at 2014-04-17 13:57:13 Run:1
Running from C:\Users\Millar\Documents\FRST
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\Microsoft:auLN9kMBrMNXHFEjM9u28XetU
AlternateDataStreams: C:\ProgramData\Microsoft:fro5HtrzQUkFnGLu2XNEw0
AlternateDataStreams: C:\ProgramData\Microsoft:qQ6kWbnGbAwzIyGvN1EM
AlternateDataStreams: C:\ProgramData\Microsoft:wk2rwKU8wb75vjT8QqoG
AlternateDataStreams: C:\Users\Millar\AppData\Local:sbFm6s7mQH28xxCuqdlpuYAn24
AlternateDataStreams: C:\Users\Millar\AppData\Local\gqqvg8MFUDt0zP:JZm5uNRrDYn5RMWYEVbZ8tq7Zp
AlternateDataStreams: C:\Users\Millar\AppData\Local\R1uQ50Ba:0fdAx0EJ3oA9OLx9k4C
AlternateDataStreams: C:\Users\Millar\AppData\Local\Temp:hCP9U9hkjEJM4IFKCplmsmrrwj
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-23]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-23]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-23]
CHR HomePage: hxxp://start.mysearchdial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0BtCzzyDyE0F0E0BtC0BtN0D0Tzu0CyCyCtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=119392575&ir=
FF SearchPlugin: C:\Users\Millar\AppData\Roaming\Mozilla\Firefox\Profiles\qtsgsxxf.default\searchplugins\conduit-search.xml
 
Task: {7746DB4D-5B76-4114-8B39-26149C6C5EA4} - System32\Tasks\Oxy => C:\Users\Millar\AppData\Roaming\Oxy\Updater.exe [2014-03-31] () <==== ATTENTION
Task: {5CD4B831-3F53-4034-9152-DEFD76717101} - System32\Tasks\PileFile logon => C:\Users\Millar\AppData\Local\Temp\Goat SimulatorDownload_8A93\Goat_Simulator_Downloader.exe <==== ATTENTION
Task: {0DAEBCCF-D713-4519-ABF6-FBCDD615EDDD} - System32\Tasks\PileFile reminder => C:\Users\Millar\AppData\Local\Temp\Goat SimulatorDownload_8A93\Goat_Simulator_Downloader.exe <==== ATTENTION
 
C:\Users\Millar\AppData\Roaming\CamLayout.ini
C:\Users\Millar\AppData\Roaming\CamShapes.ini
C:\Users\Millar\AppData\Roaming\Oxy
C:\Users\Millar\AppData\Local\Temp\Goat SimulatorDownload_8A93
C:\Users\Millar\Documents\Optimizer Pro
2014-03-25 18:53 - 2014-03-24 17:05 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-27 01:01 - 2012-02-09 23:43 - 00000000 ___HD () C:\Users\Millar\AppData\Local\R1uQ50Ba
2014-03-31 20:54 - 2014-03-31 20:54 - 00003592 _____ () C:\Windows\System32\Tasks\Oxy
2014-03-31 20:54 - 2014-03-31 20:54 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
2014-03-31 20:54 - 2014-03-31 20:53 - 00000000 ____D () C:\Users\Millar\AppData\Roaming\Oxy
2014-03-31 20:53 - 2014-03-31 20:53 - 00003564 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-03-31 20:53 - 2014-03-31 20:53 - 00003152 _____ () C:\Windows\System32\Tasks\PileFile logon
 
REBOOT:
*****************
 
C:\ProgramData\Microsoft => ":auLN9kMBrMNXHFEjM9u28XetU" ADS removed successfully.
C:\ProgramData\Microsoft => ":fro5HtrzQUkFnGLu2XNEw0" ADS removed successfully.
C:\ProgramData\Microsoft => ":qQ6kWbnGbAwzIyGvN1EM" ADS removed successfully.
C:\ProgramData\Microsoft => ":wk2rwKU8wb75vjT8QqoG" ADS removed successfully.
C:\Users\Millar\AppData\Local => ":sbFm6s7mQH28xxCuqdlpuYAn24" ADS removed successfully.
C:\Users\Millar\AppData\Local\gqqvg8MFUDt0zP => ":JZm5uNRrDYn5RMWYEVbZ8tq7Zp" ADS removed successfully.
C:\Users\Millar\AppData\Local\R1uQ50Ba => ":0fdAx0EJ3oA9OLx9k4C" ADS removed successfully.
C:\Users\Millar\AppData\Local\Temp => ":hCP9U9hkjEJM4IFKCplmsmrrwj" ADS removed successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
"C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
"C:\Users\Millar\AppData\Local\mysearchdial_speedial_v9.0.2.crx" => File/Directory not found.
CHR HomePage: hxxp://start.mysearchdial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0BtCzzyDyE0F0E0BtC0BtN0D0Tzu0CyCyCtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=119392575&ir= ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Millar\AppData\Roaming\Mozilla\Firefox\Profiles\qtsgsxxf.default\searchplugins\conduit-search.xml => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully.
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7746DB4D-5B76-4114-8B39-26149C6C5EA4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7746DB4D-5B76-4114-8B39-26149C6C5EA4} => Key deleted successfully.
C:\Windows\System32\Tasks\Oxy => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Oxy => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5CD4B831-3F53-4034-9152-DEFD76717101} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CD4B831-3F53-4034-9152-DEFD76717101} => Key deleted successfully.
C:\Windows\System32\Tasks\PileFile logon => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PileFile logon => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DAEBCCF-D713-4519-ABF6-FBCDD615EDDD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DAEBCCF-D713-4519-ABF6-FBCDD615EDDD} => Key deleted successfully.
C:\Windows\System32\Tasks\PileFile reminder => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PileFile reminder => Key deleted successfully.
C:\Users\Millar\AppData\Roaming\CamLayout.ini => Moved successfully.
C:\Users\Millar\AppData\Roaming\CamShapes.ini => Moved successfully.
C:\Users\Millar\AppData\Roaming\Oxy => Moved successfully.
"C:\Users\Millar\AppData\Local\Temp\Goat SimulatorDownload_8A93" => File/Directory not found.
C:\Users\Millar\Documents\Optimizer Pro => Moved successfully.
C:\Program Files (x86)\Mega Browse => Moved successfully.
C:\Users\Millar\AppData\Local\R1uQ50Ba => Moved successfully.
"C:\Windows\System32\Tasks\Oxy" => File/Directory not found.
C:\Users\Millar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy => Moved successfully.
"C:\Users\Millar\AppData\Roaming\Oxy" => File/Directory not found.
"C:\Windows\System32\Tasks\PileFile reminder" => File/Directory not found.
"C:\Windows\System32\Tasks\PileFile logon" => File/Directory not found.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 17 April 2014 - 08:32 AM

And what about the MBAM scan?


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 17 April 2014 - 08:43 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 17/04/2014
Scan Time: 14:37:00
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.04.17.03
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: Millar
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 310089
Time Elapsed: 28 min, 0 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 14
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, , [2b3c7eadcab1d264d0143c0ed62c1ce4], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, , [2b3c7eadcab1d264d0143c0ed62c1ce4], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, , [5c0bb378a8d3ea4cac39f4565da5a45c], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc.1, , [5c0bb378a8d3ea4cac39f4565da5a45c], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc, , [5c0bb378a8d3ea4cac39f4565da5a45c], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc, , [5c0bb378a8d3ea4cac39f4565da5a45c], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc.1, , [5c0bb378a8d3ea4cac39f4565da5a45c], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}, , [da8dbd6e52290b2b801b88c2ab5719e7], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\mysearchdial, , [88df48e3bdbe58de8f2960321ae99a66], 
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial, , [97d039f2f9822c0a4a1ca2f2c83b36ca], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [87e01e0d3f3c201670bb0c71867c0ff1], 
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\mysearchdial, , [0d5a87a4e398280ec0613761cf347888], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [2f38e34881fad75f69f951422fd414ec], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [5c0b0f1c5a21c96dcd83ec7fdd251ee2], 
 
Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1R1Q1O0G2Z1I1E, , [2f38e34881fad75f69f951422fd414ec]
 
Registry Data: 7
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://start.mysearchdial.com/?f=2&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0BtCzzyDyE0F0E0BtC0BtN0D0Tzu0CyCyCtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=119392575&ir=, Good: (www.google.com), Bad: (http://start.mysearchdial.com/?f=2&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0BtCzzyDyE0F0E0BtC0BtN0D0Tzu0CyCyCtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=119392575&ir=),,[392ebf6c98e342f46b4db36934d05aa6]
PUP.Optional.HelperBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000, Good: (www.google.com), Bad: (http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000),,[6403b972681372c4b009190354b0d828]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000, Good: (www.google.com), Bad: (http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000),,[8bdc4fdc601b74c2843a78a4b84c0af6]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000),,[fc6b5ecd3f3c30066b3f50d6947008f8]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000, Good: (www.google.com), Bad: (http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000),,[2d3aab8090ebf2446e518696fa0ab64a]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000),,[194e2efd57247abc46659492ee16a060]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2329229836-4189106460-3123090683-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000, Good: (www.google.com), Bad: (http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=8b5c76dd-3f1d-cb2c-e269-fe0ea3bb4e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/12/2013&type=hp1000),,[481f9d8ea1daae88c1f9b06c02028080]
 
Folders: 6
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Roaming\mysearchdial, , [0f588d9e463584b20f95b6a759a9e020], 
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Roaming\mysearchdial\icons_2.2.4.731, , [0f588d9e463584b20f95b6a759a9e020], 
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Roaming\mysearchdial\UpdateProc, , [0f588d9e463584b20f95b6a759a9e020], 
PUP.Optional.OpenCandy, C:\Users\Millar\AppData\Roaming\OpenCandy, , [d592be6dabd01620684a0b52ea182cd4], 
PUP.Optional.OpenCandy, C:\Users\Millar\AppData\Roaming\OpenCandy\3AE77573D5644528B2423EE63E11E4E0, , [d592be6dabd01620684a0b52ea182cd4], 
PUP.Optional.OpenCandy, C:\Users\Millar\AppData\Roaming\OpenCandy\C01878586E864484A51E390F56FBD23F, , [d592be6dabd01620684a0b52ea182cd4], 
 
Files: 16
PUP.Optional.Linkury.A, C:\Users\Millar\AppData\Roaming\OpenCandy\C01878586E864484A51E390F56FBD23F\Installer.exe, , [aeb977b4b6c52d09e9643eba6b9802fe], 
PUP.Optional.Softonic.A, C:\Users\Millar\Downloads\SoftonicDownloader_for_gif-recorder.exe, , [68ffd7547506ed4906bfb26845bc619f], 
PUP.Optional.Softonic.A, C:\Users\Millar\Downloads\SoftonicDownloader_for_surgeon-simulator-2013.exe, , [bcab02291c5f94a20eb71406956c60a0], 
PUP.Optional.InstallMonetizer, C:\Users\Millar\Downloads\Sugar Bytes Wow Pc__3039_i310573179_il1477845.exe, , [d88f3feca5d6340233553be8cc359e62], 
PUP.Optional.InstallMonetizer, C:\Users\Millar\Downloads\Sugar Bytes Wow Pc__3039_i310574118_il1477845.exe, , [036451da6e0d5ed8bccc3ae98879ef11], 
RiskWare.Tool.CK, C:\Users\Millar\Downloads\PSPaudioware.PSP.Vintage.Warmer.2.VST.RTAS.v2.5.0.x86.x64.Incl.Keygen-ASSiGN.rar, , [dc8b07246c0f93a3865137fdf60ebb45], 
PUP.Optional.AirInstaller, C:\Users\Millar\Downloads\MinecraftInstall.exe, , [baada4874635ef471a66ab6b8b76b54b], 
PUP.Optional.InstallMonetizer, C:\Users\Millar\Downloads\Amkicklabxxlreleased__2681_i277257489_il1042195.rar.exe, , [5b0c19124f2cd264a9df7fa403fed22e], 
PUP.Optional.OptimumInstaller.A, C:\Users\Millar\Downloads\Henry-Rollins-Get-in-the-Vanphp.exe, , [4c1bc863760589add09ece7a649d5ea2], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [8fd876b5dba0d066677e8beb49b958a8], 
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Roaming\mysearchdial\icons_2.2.4.731\magnifying.ico, , [0f588d9e463584b20f95b6a759a9e020], 
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Roaming\mysearchdial\icons_2.2.4.731\star2.ico, , [0f588d9e463584b20f95b6a759a9e020], 
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Roaming\mysearchdial\UpdateProc\config.dat, , [0f588d9e463584b20f95b6a759a9e020], 
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Roaming\mysearchdial\UpdateProc\TTL.DAT, , [0f588d9e463584b20f95b6a759a9e020], 
PUP.Optional.OpenCandy, C:\Users\Millar\AppData\Roaming\OpenCandy\3AE77573D5644528B2423EE63E11E4E0\Trial-14.0.1000.90_en-GB_1004745_UK-15d.exe, , [d592be6dabd01620684a0b52ea182cd4], 
PUP.Optional.MySearchDial.A, C:\Users\Millar\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://start.mysearchdial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0BtCzzyDyE0F0E0BtC0BtN0D0Tzu0CyCyCtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=119392575&ir=",), ,[cc9bd259106bd4629c8659f9669e5ca4]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Sorry took a while to complete that scan :)



#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 17 April 2014 - 08:44 AM

Please rescan and remove all found threats.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 17 April 2014 - 09:17 AM

I rescanned, however no threats were to found to remove this time round?


And pilefile and oxy are still in my programmes list



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 18 April 2014 - 03:22 AM

try to remove them and tell me what happens


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#15 fondlethebeetroot

fondlethebeetroot
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 18 April 2014 - 02:28 PM

If I try to remove them from the windows uninstall programme list, I get a message saying "You do not have sufficient access to uninstall Pilefile reminder. Please contact your system administrator". This happens for both programmes. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users