Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dllhost.exe com surrogate


  • This topic is locked This topic is locked
39 replies to this topic

#1 Archofangel

Archofangel

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 29 June 2014 - 03:29 AM

Hello,

 

I have the same issue as posted here as well. - http://www.bleepingcomputer.com/forums/t/539188/dllhostexe-com-surrogate-processes/

 

I have also ran the FRST software. Would also appreciate any help.

 

If this helps, when the dllhost.exe starts producing many copy's I tried to end the processes but only one would get rid of them for a temporary fix. Before and after screen shots in attached.

 

Thanks, Alex

 

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Hobo (administrator) on HOBO-HP on 29-06-2014 01:50:01
Running from C:\Users\Hobo\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avguirux.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2010-12-10] (Symantec Corporation)
HKLM-x32\...\Run: [Razer Blackwidow Driver] => C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe [887712 2011-05-16] (Razer USA Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3494576438-3759727045-946588157-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-06-24] (Raptr, Inc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM - {7314BB05-1EBB-42D9-AB98-B9ECEAC052B4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {7314BB05-1EBB-42D9-AB98-B9ECEAC052B4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {8D8A5EF9-C573-4B8F-87CF-46110E818DD1} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {8D8A5EF9-C573-4B8F-87CF-46110E818DD1} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\Hobo\AppData\Roaming\Mozilla\Firefox\Profiles\5n4qxvli.default
FF Homepage: hxxp://aps.blackboard.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Hobo\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Hobo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Hobo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Black Generator Property Page - C:\Users\Hobo\AppData\Roaming\Mozilla\Firefox\Profiles\5n4qxvli.default\Extensions\{1C588501-281F-F986-6975-A4C9028F19EA} [2014-06-23]
FF Extension: Widevine Media Optimizer - C:\Users\Hobo\AppData\Roaming\Mozilla\Firefox\Profiles\5n4qxvli.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-01-12]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-05-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-15]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-12-10] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-12-10] (Symantec Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-09-07] (Symantec Corporation)
S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3249768 2010-12-10] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [428912 2010-12-10] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1839776 2010-12-10] (Symantec Corporation)
S4 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140622.003\ENG64.SYS [126040 2013-09-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140622.003\EX64.SYS [2099288 2013-09-16] (Symantec Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-13] ()
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [154624 2011-05-12] (Razer USA Ltd)
S1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [449072 2010-12-10] (Symantec Corporation)
S1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [449072 2010-12-10] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2010-12-10] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2010-12-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2010-12-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2010-12-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173616 2012-03-29] (Symantec Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Hobo\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\waffe\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-29 01:50 - 2014-06-29 01:50 - 00014907 _____ () C:\Users\Hobo\Desktop\FRST.txt
2014-06-29 01:49 - 2014-06-29 01:50 - 00000000 ____D () C:\FRST
2014-06-29 01:48 - 2014-06-29 01:48 - 02083328 _____ (Farbar) C:\Users\Hobo\Desktop\FRST64.exe
2014-06-29 01:47 - 2014-06-29 01:47 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-06-29 01:45 - 2014-06-29 01:47 - 00000000 ____D () C:\ProgramData\Comodo
2014-06-29 01:38 - 2014-06-29 01:38 - 00026805 _____ () C:\ComboFix.txt
2014-06-29 01:14 - 2014-06-29 01:14 - 00000177 _____ () C:\Users\Hobo\Desktop\avgrep.txt
2014-06-29 01:13 - 2014-06-29 01:13 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\TuneUp Software
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\AVG2014
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\$AVG
2014-06-29 01:11 - 2014-06-29 01:14 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Avg2014
2014-06-29 01:11 - 2014-06-29 01:14 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-29 01:11 - 2014-06-29 01:11 - 04755192 _____ (AVG Technologies) C:\Users\Hobo\Desktop\avg_free_stb_all_2014_4714_cnet.exe
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\MFAData
2014-06-29 01:10 - 2014-06-29 01:10 - 04050840 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hobo\Desktop\avira_en_av___dlc.exe
2014-06-29 01:10 - 2014-06-29 01:10 - 00000000 ____D () C:\OETemp
2014-06-29 00:48 - 2014-06-27 23:55 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\Alarmsdafecwaffe.exe
2014-06-29 00:33 - 2014-06-29 00:48 - 00000000 ____D () C:\Users\Hobo\Desktop\mbar
2014-06-29 00:33 - 2014-06-29 00:48 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-29 00:23 - 2014-06-29 00:23 - 00200912 _____ () C:\Users\Hobo\Desktop\Extras.Txt
2014-06-29 00:22 - 2014-06-29 00:22 - 00107880 _____ () C:\Users\Hobo\Desktop\OTL.Txt
2014-06-29 00:07 - 2014-06-29 00:07 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-28 23:55 - 2014-06-28 23:55 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Hobo\Desktop\mbar-1.07.0.1012.exe
2014-06-28 23:50 - 2014-06-28 23:50 - 00602112 _____ (OldTimer Tools) C:\Users\Hobo\Desktop\OTL.exe
2014-06-28 23:48 - 2014-06-28 23:48 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Hobo\Desktop\tdsskiller.exe
2014-06-28 00:11 - 2014-06-29 00:33 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 00:11 - 2014-06-29 00:33 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 00:11 - 2014-05-12 07:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-28 00:11 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-28 00:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-28 00:04 - 2014-06-28 01:17 - 00000000 ____D () C:\AdwCleaner
2014-06-27 23:57 - 2014-06-28 01:10 - 00002836 _____ () C:\Users\Hobo\Desktop\Rkill.txt
2014-06-27 23:56 - 2014-06-27 23:56 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Hobo\Desktop\mbam-setup.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\dewaf3ewa.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Hobo\Desktop\rkill.exe
2014-06-27 23:54 - 2014-06-27 23:54 - 01342659 _____ () C:\Users\Hobo\Desktop\AdwCleaner.exe
2014-06-26 11:27 - 2014-06-29 00:08 - 00116768 _____ () C:\Users\Hobo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-26 10:56 - 2014-06-26 11:30 - 05211571 ____R (Swearware) C:\Users\Hobo\Desktop\waffe.exe
2014-06-26 03:32 - 2014-06-26 03:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 1062671344
2014-06-25 20:58 - 2014-06-25 20:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-06-18 21:02 - 2014-06-26 05:54 - 00000536 _____ () C:\Users\Hobo\Downloads\THANKS.txt
2014-06-18 21:02 - 2014-06-26 05:09 - 00004632 _____ () C:\Users\Hobo\Downloads\README.txt
2014-06-18 21:02 - 2014-06-26 05:05 - 00037656 _____ () C:\Users\Hobo\Downloads\COPYING.txt
2014-06-18 21:02 - 2014-06-26 05:05 - 00003864 _____ () C:\Users\Hobo\Downloads\CHANGES.txt
2014-06-18 21:02 - 2014-01-10 15:09 - 00080896 _____ (GNE) C:\Users\Hobo\Downloads\DualWallpaper.exe
2014-06-18 21:02 - 2014-01-08 17:56 - 00189440 _____ (GNE) C:\Users\Hobo\Downloads\DualLauncher.exe
2014-06-18 21:02 - 2014-01-08 17:56 - 00087040 _____ (GNE) C:\Users\Hobo\Downloads\DualSnap.exe
2014-06-18 21:02 - 2014-01-08 17:55 - 00069632 _____ (GNE) C:\Users\Hobo\Downloads\DisMon.exe
2014-06-18 21:02 - 2014-01-08 17:48 - 00166912 _____ (GNE) C:\Users\Hobo\Downloads\SwapScreen.exe
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-06-11 04:23 - 2014-05-30 04:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 04:23 - 2014-05-30 04:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 04:23 - 2014-05-30 04:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 04:23 - 2014-05-30 03:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 04:23 - 2014-05-30 03:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 04:23 - 2014-05-30 03:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 04:23 - 2014-05-30 03:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 04:23 - 2014-05-30 03:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 04:23 - 2014-05-30 03:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 04:23 - 2014-05-30 03:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 04:23 - 2014-05-30 03:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 04:23 - 2014-05-30 03:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 04:23 - 2014-05-30 03:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 04:23 - 2014-05-30 03:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 04:23 - 2014-05-30 03:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 04:23 - 2014-05-30 03:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 04:23 - 2014-05-30 03:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 04:23 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 04:23 - 2014-05-30 02:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 04:23 - 2014-05-30 02:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 04:23 - 2014-05-30 02:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 04:23 - 2014-05-30 02:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 04:23 - 2014-05-30 02:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 04:23 - 2014-05-30 02:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 04:23 - 2014-05-30 02:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 04:23 - 2014-05-30 02:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 04:23 - 2014-05-30 02:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 04:23 - 2014-05-30 02:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 04:23 - 2014-05-30 02:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 04:23 - 2014-05-30 02:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 04:23 - 2014-05-30 02:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 04:23 - 2014-05-30 02:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 04:23 - 2014-05-30 02:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 04:23 - 2014-05-30 02:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 04:23 - 2014-05-30 02:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 04:23 - 2014-05-30 02:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 04:23 - 2014-05-30 02:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 04:23 - 2014-05-30 02:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 04:23 - 2014-05-30 02:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 04:23 - 2014-05-30 02:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 04:23 - 2014-05-30 01:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 04:23 - 2014-05-30 01:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 04:23 - 2014-05-30 01:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 04:23 - 2014-05-30 01:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 04:23 - 2014-05-30 01:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 04:23 - 2014-05-30 01:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 04:23 - 2014-05-30 01:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 04:23 - 2014-05-30 01:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 04:23 - 2014-05-30 01:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 04:23 - 2014-05-30 01:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 04:23 - 2014-05-30 01:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 04:23 - 2014-05-30 01:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 04:23 - 2014-05-08 03:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 04:23 - 2014-05-08 03:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 04:23 - 2014-04-24 20:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 04:23 - 2014-04-24 20:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 04:23 - 2014-04-04 20:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 04:23 - 2014-04-04 20:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 04:23 - 2014-03-26 08:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 04:23 - 2014-03-26 08:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 04:23 - 2014-03-26 08:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 04:23 - 2014-03-26 08:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 04:23 - 2014-03-26 08:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 04:23 - 2014-03-26 08:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 04:23 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 04:23 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 04:22 - 2014-06-08 03:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 04:22 - 2014-06-08 03:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 09:23 - 2014-06-28 23:21 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer
2014-06-03 09:12 - 2014-06-03 09:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-03 09:12 - 2014-06-03 09:12 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer_Inc
2014-06-03 09:04 - 2014-06-28 23:20 - 00000000 ____D () C:\ProgramData\Razer

==================== One Month Modified Files and Folders =======

2014-06-29 01:50 - 2014-06-29 01:50 - 00014907 _____ () C:\Users\Hobo\Desktop\FRST.txt
2014-06-29 01:50 - 2014-06-29 01:49 - 00000000 ____D () C:\FRST
2014-06-29 01:48 - 2014-06-29 01:48 - 02083328 _____ (Farbar) C:\Users\Hobo\Desktop\FRST64.exe
2014-06-29 01:47 - 2014-06-29 01:47 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-06-29 01:47 - 2014-06-29 01:45 - 00000000 ____D () C:\ProgramData\Comodo
2014-06-29 01:38 - 2014-06-29 01:38 - 00026805 _____ () C:\ComboFix.txt
2014-06-29 01:38 - 2013-01-25 00:50 - 00000000 ____D () C:\Qoobox
2014-06-29 01:36 - 2009-07-13 20:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-29 01:14 - 2014-06-29 01:14 - 00000177 _____ () C:\Users\Hobo\Desktop\avgrep.txt
2014-06-29 01:14 - 2014-06-29 01:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Avg2014
2014-06-29 01:14 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-29 01:13 - 2014-06-29 01:13 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\TuneUp Software
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\AVG2014
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\$AVG
2014-06-29 01:11 - 2014-06-29 01:11 - 04755192 _____ (AVG Technologies) C:\Users\Hobo\Desktop\avg_free_stb_all_2014_4714_cnet.exe
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\MFAData
2014-06-29 01:11 - 2011-12-25 21:31 - 01833986 _____ () C:\Windows\WindowsUpdate.log
2014-06-29 01:10 - 2014-06-29 01:10 - 04050840 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hobo\Desktop\avira_en_av___dlc.exe
2014-06-29 01:10 - 2014-06-29 01:10 - 00000000 ____D () C:\OETemp
2014-06-29 01:10 - 2013-09-19 18:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-29 01:06 - 2010-11-20 21:47 - 00973950 _____ () C:\Windows\PFRO.log
2014-06-29 00:48 - 2014-06-29 00:33 - 00000000 ____D () C:\Users\Hobo\Desktop\mbar
2014-06-29 00:48 - 2014-06-29 00:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-29 00:33 - 2014-06-28 00:11 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 00:33 - 2014-06-28 00:11 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-29 00:23 - 2014-06-29 00:23 - 00200912 _____ () C:\Users\Hobo\Desktop\Extras.Txt
2014-06-29 00:22 - 2014-06-29 00:22 - 00107880 _____ () C:\Users\Hobo\Desktop\OTL.Txt
2014-06-29 00:08 - 2014-06-26 11:27 - 00116768 _____ () C:\Users\Hobo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-29 00:07 - 2014-06-29 00:07 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-29 00:00 - 2011-09-13 20:36 - 00000000 ____D () C:\ProgramData\truesuite
2014-06-28 23:55 - 2014-06-28 23:55 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Hobo\Desktop\mbar-1.07.0.1012.exe
2014-06-28 23:50 - 2014-06-28 23:50 - 00602112 _____ (OldTimer Tools) C:\Users\Hobo\Desktop\OTL.exe
2014-06-28 23:48 - 2014-06-28 23:48 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Hobo\Desktop\tdsskiller.exe
2014-06-28 23:36 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-28 23:36 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-28 23:31 - 2011-12-29 15:59 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-06-28 23:31 - 2011-09-13 20:35 - 00174722 _____ () C:\Windows\DPINST.LOG
2014-06-28 23:29 - 2014-05-24 05:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Raptr
2014-06-28 23:27 - 2012-09-29 20:28 - 00000000 ____D () C:\ProgramData\VMware
2014-06-28 23:27 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-28 23:26 - 2009-07-13 22:51 - 00100814 _____ () C:\Windows\setupact.log
2014-06-28 23:26 - 2009-07-13 22:45 - 00429480 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-28 23:21 - 2014-06-03 09:23 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer
2014-06-28 23:20 - 2014-06-03 09:04 - 00000000 ____D () C:\ProgramData\Razer
2014-06-28 23:01 - 2012-06-12 22:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-28 22:25 - 2014-01-12 07:51 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000UA.job
2014-06-28 21:43 - 2011-12-25 21:36 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C036A55-DFC3-4817-8515-595F3902B4E2}
2014-06-28 18:25 - 2014-01-12 07:51 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000Core.job
2014-06-28 12:47 - 2012-05-15 15:30 - 00000000 ____D () C:\Users\Hobo\Documents\Diablo III
2014-06-28 12:47 - 2011-12-25 21:01 - 00000000 ____D () C:\Users\Hobo\Documents\StarCraft II
2014-06-28 01:17 - 2014-06-28 00:04 - 00000000 ____D () C:\AdwCleaner
2014-06-28 01:10 - 2014-06-27 23:57 - 00002836 _____ () C:\Users\Hobo\Desktop\Rkill.txt
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-27 23:57 - 2012-06-11 17:19 - 00000000 ____D () C:\Users\Hobo\Desktop\Stuff
2014-06-27 23:56 - 2014-06-27 23:56 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Hobo\Desktop\mbam-setup.exe
2014-06-27 23:55 - 2014-06-29 00:48 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\Alarmsdafecwaffe.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\dewaf3ewa.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Hobo\Desktop\rkill.exe
2014-06-27 23:54 - 2014-06-27 23:54 - 01342659 _____ () C:\Users\Hobo\Desktop\AdwCleaner.exe
2014-06-27 22:27 - 2014-04-30 16:36 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Skype
2014-06-27 22:27 - 2014-01-17 23:44 - 00000000 ____D () C:\Users\Hobo\Documents\RIFT
2014-06-27 22:27 - 2013-12-28 01:14 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Sling Media
2014-06-27 22:27 - 2013-12-06 18:23 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Wargaming.net
2014-06-27 22:27 - 2013-11-20 21:14 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Mozilla
2014-06-27 22:27 - 2013-11-10 21:37 - 00000000 ____D () C:\Users\Hobo\Downloads\World of Warcraft 3.3.5a (no install)
2014-06-27 22:27 - 2013-09-19 18:57 - 00000000 ____D () C:\Users\Hobo\Documents\Visual Studio 2012
2014-06-27 22:27 - 2013-08-05 18:33 - 00000000 ____D () C:\Users\Hobo\Documents\2014
2014-06-27 22:27 - 2013-07-22 06:39 - 00000000 ____D () C:\Users\Hobo\Documents\Rockstar Games
2014-06-27 22:27 - 2013-07-22 06:24 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-06-27 22:27 - 2013-07-22 06:19 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Rockstar Games
2014-06-27 22:27 - 2013-07-22 06:18 - 00000000 __RHD () C:\Users\Hobo\AppData\Roaming\SecuROM
2014-06-27 22:27 - 2013-07-13 01:55 - 00000000 ____D () C:\Windows\pss
2014-06-27 22:27 - 2013-07-06 21:06 - 00000000 ____D () C:\Users\Hobo\Downloads\Win64_152815
2014-06-27 22:27 - 2013-05-17 21:59 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Virtual Dyno
2014-06-27 22:27 - 2013-04-24 22:13 - 00000000 ____D () C:\Users\Hobo\Downloads\Addons
2014-06-27 22:27 - 2013-01-27 09:01 - 00000000 ____D () C:\Users\Hobo\Documents\LDW
2014-06-27 22:27 - 2013-01-02 20:48 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-06-27 22:27 - 2012-12-29 01:25 - 00000000 ____D () C:\Users\Hobo\Downloads\Runescape
2014-06-27 22:27 - 2012-12-29 01:24 - 00000000 ____D () C:\Users\Hobo\Downloads\Hacking
2014-06-27 22:27 - 2012-12-09 00:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\LogMeIn Hamachi
2014-06-27 22:27 - 2012-11-21 18:17 - 00000000 ____D () C:\Users\Hobo\Downloads\World of Warcraft - Cataclysm
2014-06-27 22:27 - 2012-11-04 18:47 - 00000000 ____D () C:\Users\Hobo\Downloads\Slender v0.9.7
2014-06-27 22:27 - 2012-09-14 21:54 - 00000000 ____D () C:\ProgramData\Wild Tangent
2014-06-27 22:27 - 2012-05-15 14:46 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-27 22:27 - 2012-05-03 20:33 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\.minecraft
2014-06-27 22:27 - 2012-04-28 18:11 - 00000000 ____D () C:\Users\Hobo\jagexcache
2014-06-27 22:27 - 2012-04-17 13:43 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Skyrim
2014-06-27 22:27 - 2012-04-17 13:30 - 00000000 ____D () C:\Users\Hobo\Documents\My Games
2014-06-27 22:27 - 2012-04-04 20:37 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Skype
2014-06-27 22:27 - 2012-03-14 22:30 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Apple Computer
2014-06-27 22:27 - 2012-01-11 22:04 - 00000000 ____D () C:\Users\Hobo\AppData\Local\PMB Files
2014-06-27 22:27 - 2011-12-25 22:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Microsoft Games
2014-06-27 22:27 - 2011-09-13 20:27 - 00000000 ____D () C:\ProgramData\Sonic
2014-06-27 22:11 - 2011-12-25 11:54 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Adobe
2014-06-27 12:36 - 2012-04-17 12:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-27 12:04 - 2012-08-19 14:33 - 00007605 _____ () C:\Users\Hobo\AppData\Local\resmon.resmoncfg
2014-06-26 11:30 - 2014-06-26 10:56 - 05211571 ____R (Swearware) C:\Users\Hobo\Desktop\waffe.exe
2014-06-26 10:46 - 2011-12-25 21:31 - 00000000 ____D () C:\Users\Hobo
2014-06-26 10:30 - 2012-01-19 20:45 - 00000000 ____D () C:\Users\Hobo\AppData\Local\CrashDumps
2014-06-26 05:54 - 2014-06-18 21:02 - 00000536 _____ () C:\Users\Hobo\Downloads\THANKS.txt
2014-06-26 05:09 - 2014-06-18 21:02 - 00004632 _____ () C:\Users\Hobo\Downloads\README.txt
2014-06-26 05:05 - 2014-06-18 21:02 - 00037656 _____ () C:\Users\Hobo\Downloads\COPYING.txt
2014-06-26 05:05 - 2014-06-18 21:02 - 00003864 _____ () C:\Users\Hobo\Downloads\CHANGES.txt
2014-06-26 04:42 - 2013-12-04 16:46 - 00094744 _____ () C:\Users\Hobo\Documents\Supreme Court.pptx
2014-06-26 03:32 - 2014-06-26 03:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 1062671344
2014-06-25 21:09 - 2011-12-29 15:59 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Razer
2014-06-25 21:06 - 2009-07-13 23:13 - 00800286 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-25 21:03 - 2014-05-24 05:13 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-06-25 20:58 - 2014-06-25 20:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-06-23 15:40 - 2011-12-26 17:00 - 00000166 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-22 18:20 - 2014-01-12 07:51 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000UA
2014-06-22 18:20 - 2014-01-12 07:51 - 00003476 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000Core
2014-06-19 11:50 - 2012-06-12 22:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-19 11:50 - 2012-06-12 22:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-19 11:50 - 2011-09-13 20:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-06-14 21:53 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 09:39 - 2013-08-20 06:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-14 09:38 - 2011-12-26 01:47 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 09:38 - 2011-12-25 11:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-14 09:27 - 2014-05-21 17:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 03:13 - 2014-06-11 04:22 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 03:08 - 2014-06-11 04:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 09:12 - 2014-06-03 09:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-03 09:12 - 2014-06-03 09:12 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-03 09:11 - 2011-12-25 11:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-03 09:11 - 2011-09-13 20:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer_Inc
2014-05-30 04:21 - 2014-06-11 04:23 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 04:02 - 2014-06-11 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 04:02 - 2014-06-11 04:23 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 03:45 - 2014-06-11 04:23 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 03:39 - 2014-06-11 04:23 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 03:39 - 2014-06-11 04:23 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 03:38 - 2014-06-11 04:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 03:28 - 2014-06-11 04:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 03:27 - 2014-06-11 04:23 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 03:24 - 2014-06-11 04:23 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 03:21 - 2014-06-11 04:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 03:21 - 2014-06-11 04:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 03:20 - 2014-06-11 04:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 03:18 - 2014-06-11 04:23 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 03:11 - 2014-06-11 04:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 03:08 - 2014-06-11 04:23 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 03:06 - 2014-06-11 04:23 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 03:02 - 2014-06-11 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 02:55 - 2014-06-11 04:23 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 02:49 - 2014-06-11 04:23 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 02:46 - 2014-06-11 04:23 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 02:44 - 2014-06-11 04:23 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 02:44 - 2014-06-11 04:23 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 02:43 - 2014-06-11 04:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 02:42 - 2014-06-11 04:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 02:38 - 2014-06-11 04:23 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 02:35 - 2014-06-11 04:23 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 02:34 - 2014-06-11 04:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 02:33 - 2014-06-11 04:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 02:30 - 2014-06-11 04:23 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 02:29 - 2014-06-11 04:23 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 02:28 - 2014-06-11 04:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 02:27 - 2014-06-11 04:23 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 02:24 - 2014-06-11 04:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 02:23 - 2014-06-11 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 02:16 - 2014-06-11 04:23 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 02:10 - 2014-06-11 04:23 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 02:06 - 2014-06-11 04:23 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 02:04 - 2014-06-11 04:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 02:02 - 2014-06-11 04:23 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 01:56 - 2014-06-11 04:23 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 01:56 - 2014-06-11 04:23 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 01:54 - 2014-06-11 04:23 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 01:50 - 2014-06-11 04:23 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 01:49 - 2014-06-11 04:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 01:43 - 2014-06-11 04:23 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 01:40 - 2014-06-11 04:23 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 01:30 - 2014-06-11 04:23 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 01:21 - 2014-06-11 04:23 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 01:15 - 2014-06-11 04:23 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 01:13 - 2014-06-11 04:23 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 01:13 - 2014-06-11 04:23 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\Users\Hobo\jagex_cl_runescape_LIVE.dat
C:\Users\Hobo\random.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-28 11:40

==================== End Of Log ============================

 

 

 

 

Addition.txt Log

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Hobo at 2014-06-29 01:50:27
Running from C:\Users\Hobo\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

==================== Installed Programs ======================

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29544 - BitTorrent Inc.)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4714 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4714 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - Sauropod Studio)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileZilla Client 3.5.3 (HKCU\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
GameSpy Comrade (HKLM-x32\...\{176B3593-72F1-459C-829C-5E9671E2CB35}) (Version: 1.4.3.154 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Guns of Icarus (HKLM-x32\...\Steam App 49800) (Version:  - Muse Games)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 1.0.057 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{34681D92-5958-406A-A654-1B57E7A7B3DC}) (Version: 6.0.4.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
iTunes (HKLM\...\{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}) (Version: 10.6.0.40 - Apple Inc.)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.0.7.2 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Java™ 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.99 - Symantec Corporation)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Magic 2014  (HKLM-x32\...\Steam App 213850) (Version:  - Stainless Games)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MetaFrame Presentation Server Client (HKLM-x32\...\{4E21223F-8D6C-446E-9CD3-587D206A8400}) (Version: 9.00.32649 - Citrix Systems, Inc.)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22770 - Grinding Gear Games)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.1.6-1.0.4610.39 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer BlackWidow Ultimate (HKLM-x32\...\{E3AC9740-66D4-412F-AE55-DD0428F78175}) (Version: 1.04.04 - Razer USA Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
RuneScape Launcher 1.2 (HKLM-x32\...\{5D87C09F-512F-474A-A306-0FE3B89C396F}) (Version: 1.2.0 - Jagex Ltd)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Sid Meier's Civilization 4 Gold (HKLM-x32\...\{55502C49-F061-428C-BF26-06ECDFB3AC29}) (Version: 1.72 - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
SlingPlayer for Web (HKLM-x32\...\{46994DA0-6572-4A02-9354-FC49ACE8C104}) (Version: 2.4.089 - Sling Media)
SmartTRAK (HKLM-x32\...\SmartTRAK) (Version: 2.0.8.0 - UWATEC AG)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2070.0 - Hi-Rez Studios)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Symantec Endpoint Protection (HKLM\...\{B1FB7D5C-20CE-4CB6-8F39-306EFDA8290C}) (Version: 11.0.6200.754 - Symantec Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Inc)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.0 - VMware, Inc)
VMwarePlayer_x64 (Version: 5.0.0 - VMware, Inc.) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version:  - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.4.0.17371 - Blizzard Entertainment)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813NA}_is1) (Version:  - Wargaming.net)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

2009-07-13 20:34 - 2014-06-27 21:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {30FCECC1-0AC3-4977-B777-75E9081CEFA5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-09] (Hewlett-Packard Company)
Task: {3F421E62-2B32-4FBA-A47E-F2CA0F431CE4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-08] (Hewlett-Packard)
Task: {55AC4495-5A2A-48C4-980A-FC4D1989D6B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {6B53C544-D805-4248-ACC7-06D2C6BE7F6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-06-09] (Hewlett-Packard Company)
Task: {75408574-BA99-4C56-8B45-194DA1D8C4EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-09] (Hewlett-Packard Company)
Task: {7A971684-7D02-4D40-A745-A34F541851BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000Core => C:\Users\Hobo\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {A54657FC-2D1F-4F4A-AED9-773E2F11D0F2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-19] (Adobe Systems Incorporated)
Task: {AD40B12B-8CF1-424F-BB1F-555783137790} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000UA => C:\Users\Hobo\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {E0CD3CC1-27F0-42C9-A21A-86266EE98EB7} - System32\Tasks\Security Center Update - 2741321387 => C:\Users\Hobo\AppData\Roaming\Imezenex\ihxue.exe <==== ATTENTION
Task: {FCBA4397-86AE-4D15-A88C-F8C59F045973} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-20] (CyberLink)
Task: {FE98210B-6C3C-46A2-AA59-F6AB4775CE89} - System32\Tasks\Security Center Update - 1062671344 => C:\Users\Hobo\AppData\Roaming\Ytyspeul\cukyzo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000Core.job => C:\Users\Hobo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3494576438-3759727045-946588157-1000UA.job => C:\Users\Hobo\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk => C:\Windows\pss\Program Neighborhood Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Hobo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DECRYPT_INSTRUCTION.HTML => C:\Windows\pss\DECRYPT_INSTRUCTION.HTML.Startup
MSCONFIG\startupfolder: C:^Users^Hobo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DECRYPT_INSTRUCTION.TXT => C:\Windows\pss\DECRYPT_INSTRUCTION.TXT.Startup
MSCONFIG\startupfolder: C:^Users^Hobo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DECRYPT_INSTRUCTION.URL => C:\Windows\pss\DECRYPT_INSTRUCTION.URL.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Comrade.exe => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_ROC_NT => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware VMCI Host Device
Description: VMware VMCI Host Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: vmci
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2014 01:50:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007043c, This service cannot be started in Safe Mode
.

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:50:29 AM) (Source: VSS) (EventID: 18) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:21:44 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).

Error: (06/29/2014 01:21:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007043c, This service cannot be started in Safe Mode
.

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:21:44 AM) (Source: VSS) (EventID: 18) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:13:21 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

Error: (06/29/2014 01:13:20 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

Error: (06/29/2014 01:13:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

Error: (06/29/2014 01:13:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

Error: (06/29/2014 00:50:02 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).

System errors:
=============
Error: (06/29/2014 01:50:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:50:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:50:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:50:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:50:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:50:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:49:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:49:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:49:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2014 01:49:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-27 21:46:15.086
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-27 21:46:15.039
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-27 21:46:14.977
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-27 21:46:14.914
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-26 11:16:14.991
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-26 11:16:14.929
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-15 17:21:21.347
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-15 17:21:21.285
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-25 00:00:22.065
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\wubfix27413w\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-25 00:00:22.049
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\wubfix27413w\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 8174.53 MB
Available physical RAM: 5199.28 MB
Total Pagefile: 16347.24 MB
Available Pagefile: 13781.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1385.38 GB) (Free:737.55 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.78 GB) (Free:1.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 0ACC506F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-711479787520) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:02:36 AM

Posted 30 June 2014 - 04:46 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

  • Next please re-run FRST again and type the following in the edit box after Search: rpcss.dll
  • Click the Search button
  • It will make a log (Search.txt)- please post the log into your reply to me.

 

Regards,

Georgi


cXfZ4wS.png


#3 Archofangel

Archofangel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 30 June 2014 - 12:22 PM

Hello,

 

Thanks for the assistance, Georgi

 

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Hobo (administrator) on HOBO-HP on 30-06-2014 11:15:37
Running from C:\Users\Hobo\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [Razer Blackwidow Driver] => C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe [887712 2011-05-16] (Razer USA Ltd)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2010-12-10] (Symantec Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3494576438-3759727045-946588157-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-06-24] (Raptr, Inc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM - {7314BB05-1EBB-42D9-AB98-B9ECEAC052B4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {7314BB05-1EBB-42D9-AB98-B9ECEAC052B4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {8D8A5EF9-C573-4B8F-87CF-46110E818DD1} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {8D8A5EF9-C573-4B8F-87CF-46110E818DD1} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{59481BDF-EE29-4718-9FF6-7BDD7B4E20B3}: [NameServer]156.154.70.22,156.154.71.22

FireFox:
========
FF ProfilePath: C:\Users\Hobo\AppData\Roaming\Mozilla\Firefox\Profiles\5n4qxvli.default
FF Homepage: hxxp://aps.blackboard.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Hobo\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Black Generator Property Page - C:\Users\Hobo\AppData\Roaming\Mozilla\Firefox\Profiles\5n4qxvli.default\Extensions\{1C588501-281F-F986-6975-A4C9028F19EA} [2014-06-23]
FF Extension: Widevine Media Optimizer - C:\Users\Hobo\AppData\Roaming\Mozilla\Firefox\Profiles\5n4qxvli.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-01-12]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-05-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-15]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-12-10] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-12-10] (Symantec Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-13] () [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-09-07] (Symantec Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3249768 2010-12-10] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [428912 2010-12-10] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1839776 2010-12-10] (Symantec Corporation)
S4 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140622.003\ENG64.SYS [126040 2013-09-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140622.003\EX64.SYS [2099288 2013-09-16] (Symantec Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-13] ()
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [154624 2011-05-12] (Razer USA Ltd)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [449072 2010-12-10] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [449072 2010-12-10] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2010-12-10] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2010-12-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2010-12-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2010-12-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173616 2012-03-29] (Symantec Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Hobo\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\waffe\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-30 11:15 - 2014-06-30 11:15 - 00016497 _____ () C:\Users\Hobo\Desktop\FRST.txt
2014-06-30 02:01 - 2014-06-30 02:01 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Adobe
2014-06-29 13:12 - 2014-06-29 13:12 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Comodo
2014-06-29 12:32 - 2014-06-29 12:32 - 00001870 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2014-06-29 12:30 - 2014-06-29 12:32 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-06-29 12:30 - 2014-06-29 12:30 - 00000000 ____D () C:\Program Files\COMODO
2014-06-29 12:19 - 2014-06-29 12:20 - 230403208 _____ (COMODO) C:\Users\Hobo\Desktop\cfw_installer.exe
2014-06-29 11:45 - 2014-06-29 11:47 - 00000000 ____D () C:\Users\Hobo\Desktop\Possible
2014-06-29 01:52 - 2014-06-29 01:53 - 00000815 _____ () C:\Users\Hobo\Desktop\Search.txt
2014-06-29 01:49 - 2014-06-30 11:15 - 00000000 ____D () C:\FRST
2014-06-29 01:48 - 2014-06-29 01:48 - 02083328 _____ (Farbar) C:\Users\Hobo\Desktop\FRST64.exe
2014-06-29 01:47 - 2014-06-29 01:47 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-06-29 01:45 - 2014-06-29 13:12 - 00000000 ____D () C:\ProgramData\Comodo
2014-06-29 01:38 - 2014-06-29 01:38 - 00026805 _____ () C:\ComboFix.txt
2014-06-29 01:14 - 2014-06-29 01:14 - 00000177 _____ () C:\Users\Hobo\Desktop\avgrep.txt
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\TuneUp Software
2014-06-29 01:11 - 2014-06-29 03:47 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-29 01:11 - 2014-06-29 01:11 - 04755192 _____ (AVG Technologies) C:\Users\Hobo\Desktop\avg_free_stb_all_2014_4714_cnet.exe
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\MFAData
2014-06-29 01:10 - 2014-06-29 01:10 - 04050840 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hobo\Desktop\avira_en_av___dlc.exe
2014-06-29 01:10 - 2014-06-29 01:10 - 00000000 ____D () C:\OETemp
2014-06-29 00:48 - 2014-06-27 23:55 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\Alarmsdafecwaffe.exe
2014-06-29 00:33 - 2014-06-29 00:48 - 00000000 ____D () C:\Users\Hobo\Desktop\mbar
2014-06-29 00:33 - 2014-06-29 00:48 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-29 00:23 - 2014-06-29 00:23 - 00200912 _____ () C:\Users\Hobo\Desktop\Extras.Txt
2014-06-29 00:22 - 2014-06-29 00:22 - 00107880 _____ () C:\Users\Hobo\Desktop\OTL.Txt
2014-06-29 00:07 - 2014-06-29 00:07 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-28 23:55 - 2014-06-28 23:55 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Hobo\Desktop\mbar-1.07.0.1012.exe
2014-06-28 23:50 - 2014-06-28 23:50 - 00602112 _____ (OldTimer Tools) C:\Users\Hobo\Desktop\OTL.exe
2014-06-28 23:48 - 2014-06-28 23:48 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Hobo\Desktop\tdsskiller.exe
2014-06-28 00:11 - 2014-06-29 00:33 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 00:11 - 2014-06-29 00:33 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 00:11 - 2014-05-12 07:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-28 00:11 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-28 00:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-28 00:04 - 2014-06-28 01:17 - 00000000 ____D () C:\AdwCleaner
2014-06-27 23:57 - 2014-06-28 01:10 - 00002836 _____ () C:\Users\Hobo\Desktop\Rkill.txt
2014-06-27 23:56 - 2014-06-27 23:56 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Hobo\Desktop\mbam-setup.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\dewaf3ewa.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Hobo\Desktop\rkill.exe
2014-06-27 23:54 - 2014-06-27 23:54 - 01342659 _____ () C:\Users\Hobo\Desktop\AdwCleaner.exe
2014-06-26 11:27 - 2014-06-29 00:08 - 00116768 _____ () C:\Users\Hobo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-26 10:56 - 2014-06-26 11:30 - 05211571 ____R (Swearware) C:\Users\Hobo\Desktop\waffe.exe
2014-06-26 03:32 - 2014-06-26 03:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 1062671344
2014-06-25 20:58 - 2014-06-25 20:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-06-18 21:02 - 2014-06-26 05:54 - 00000536 _____ () C:\Users\Hobo\Downloads\THANKS.txt
2014-06-18 21:02 - 2014-06-26 05:09 - 00004632 _____ () C:\Users\Hobo\Downloads\README.txt
2014-06-18 21:02 - 2014-06-26 05:05 - 00037656 _____ () C:\Users\Hobo\Downloads\COPYING.txt
2014-06-18 21:02 - 2014-06-26 05:05 - 00003864 _____ () C:\Users\Hobo\Downloads\CHANGES.txt
2014-06-18 21:02 - 2014-01-10 15:09 - 00080896 _____ (GNE) C:\Users\Hobo\Downloads\DualWallpaper.exe
2014-06-18 21:02 - 2014-01-08 17:56 - 00189440 _____ (GNE) C:\Users\Hobo\Downloads\DualLauncher.exe
2014-06-18 21:02 - 2014-01-08 17:56 - 00087040 _____ (GNE) C:\Users\Hobo\Downloads\DualSnap.exe
2014-06-18 21:02 - 2014-01-08 17:55 - 00069632 _____ (GNE) C:\Users\Hobo\Downloads\DisMon.exe
2014-06-18 21:02 - 2014-01-08 17:48 - 00166912 _____ (GNE) C:\Users\Hobo\Downloads\SwapScreen.exe
2014-06-11 04:23 - 2014-05-30 04:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 04:23 - 2014-05-30 04:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 04:23 - 2014-05-30 04:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 04:23 - 2014-05-30 03:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 04:23 - 2014-05-30 03:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 04:23 - 2014-05-30 03:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 04:23 - 2014-05-30 03:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 04:23 - 2014-05-30 03:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 04:23 - 2014-05-30 03:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 04:23 - 2014-05-30 03:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 04:23 - 2014-05-30 03:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 04:23 - 2014-05-30 03:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 04:23 - 2014-05-30 03:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 04:23 - 2014-05-30 03:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 04:23 - 2014-05-30 03:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 04:23 - 2014-05-30 03:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 04:23 - 2014-05-30 03:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 04:23 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 04:23 - 2014-05-30 02:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 04:23 - 2014-05-30 02:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 04:23 - 2014-05-30 02:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 04:23 - 2014-05-30 02:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 04:23 - 2014-05-30 02:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 04:23 - 2014-05-30 02:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 04:23 - 2014-05-30 02:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 04:23 - 2014-05-30 02:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 04:23 - 2014-05-30 02:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 04:23 - 2014-05-30 02:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 04:23 - 2014-05-30 02:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 04:23 - 2014-05-30 02:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 04:23 - 2014-05-30 02:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 04:23 - 2014-05-30 02:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 04:23 - 2014-05-30 02:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 04:23 - 2014-05-30 02:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 04:23 - 2014-05-30 02:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 04:23 - 2014-05-30 02:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 04:23 - 2014-05-30 02:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 04:23 - 2014-05-30 02:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 04:23 - 2014-05-30 02:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 04:23 - 2014-05-30 02:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 04:23 - 2014-05-30 01:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 04:23 - 2014-05-30 01:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 04:23 - 2014-05-30 01:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 04:23 - 2014-05-30 01:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 04:23 - 2014-05-30 01:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 04:23 - 2014-05-30 01:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 04:23 - 2014-05-30 01:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 04:23 - 2014-05-30 01:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 04:23 - 2014-05-30 01:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 04:23 - 2014-05-30 01:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 04:23 - 2014-05-30 01:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 04:23 - 2014-05-30 01:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 04:23 - 2014-05-08 03:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 04:23 - 2014-05-08 03:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 04:23 - 2014-04-24 20:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 04:23 - 2014-04-24 20:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 04:23 - 2014-04-04 20:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 04:23 - 2014-04-04 20:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 04:23 - 2014-03-26 08:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 04:23 - 2014-03-26 08:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 04:23 - 2014-03-26 08:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 04:23 - 2014-03-26 08:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 04:23 - 2014-03-26 08:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 04:23 - 2014-03-26 08:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 04:23 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 04:23 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 04:22 - 2014-06-08 03:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 04:22 - 2014-06-08 03:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 09:23 - 2014-06-28 23:21 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer
2014-06-03 09:12 - 2014-06-03 09:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-03 09:12 - 2014-06-03 09:12 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer_Inc
2014-06-03 09:04 - 2014-06-28 23:20 - 00000000 ____D () C:\ProgramData\Razer

==================== One Month Modified Files and Folders =======

2014-06-30 11:15 - 2014-06-30 11:15 - 00016497 _____ () C:\Users\Hobo\Desktop\FRST.txt
2014-06-30 11:15 - 2014-06-29 01:49 - 00000000 ____D () C:\FRST
2014-06-30 11:15 - 2012-06-11 17:19 - 00000000 ____D () C:\Users\Hobo\Desktop\Stuff
2014-06-30 11:09 - 2011-12-25 21:36 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C036A55-DFC3-4817-8515-595F3902B4E2}
2014-06-30 11:01 - 2012-06-12 22:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 08:43 - 2011-12-25 21:31 - 01888230 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 02:01 - 2014-06-30 02:01 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Adobe
2014-06-30 01:58 - 2014-05-24 05:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Raptr
2014-06-30 00:32 - 2011-09-13 20:36 - 00000000 ____D () C:\ProgramData\truesuite
2014-06-29 21:47 - 2012-08-19 14:33 - 00007606 _____ () C:\Users\Hobo\AppData\Local\resmon.resmoncfg
2014-06-29 21:07 - 2012-05-15 15:30 - 00000000 ____D () C:\Users\Hobo\Documents\Diablo III
2014-06-29 21:07 - 2011-12-25 21:01 - 00000000 ____D () C:\Users\Hobo\Documents\StarCraft II
2014-06-29 13:58 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-29 13:58 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-29 13:50 - 2012-09-29 20:28 - 00000000 ____D () C:\ProgramData\VMware
2014-06-29 13:50 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-29 13:49 - 2009-07-13 22:51 - 00101094 _____ () C:\Windows\setupact.log
2014-06-29 13:37 - 2012-04-17 12:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-29 13:25 - 2012-11-11 22:57 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Google
2014-06-29 13:12 - 2014-06-29 13:12 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Comodo
2014-06-29 13:12 - 2014-06-29 01:45 - 00000000 ____D () C:\ProgramData\Comodo
2014-06-29 12:32 - 2014-06-29 12:32 - 00001870 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2014-06-29 12:32 - 2014-06-29 12:30 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-06-29 12:32 - 2012-12-08 23:23 - 00000000 ____D () C:\Users\hedev
2014-06-29 12:30 - 2014-06-29 12:30 - 00000000 ____D () C:\Program Files\COMODO
2014-06-29 12:20 - 2014-06-29 12:19 - 230403208 _____ (COMODO) C:\Users\Hobo\Desktop\cfw_installer.exe
2014-06-29 11:47 - 2014-06-29 11:45 - 00000000 ____D () C:\Users\Hobo\Desktop\Possible
2014-06-29 11:25 - 2010-11-20 21:47 - 00983602 _____ () C:\Windows\PFRO.log
2014-06-29 03:47 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-29 01:53 - 2014-06-29 01:52 - 00000815 _____ () C:\Users\Hobo\Desktop\Search.txt
2014-06-29 01:48 - 2014-06-29 01:48 - 02083328 _____ (Farbar) C:\Users\Hobo\Desktop\FRST64.exe
2014-06-29 01:47 - 2014-06-29 01:47 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-06-29 01:38 - 2014-06-29 01:38 - 00026805 _____ () C:\ComboFix.txt
2014-06-29 01:38 - 2013-01-25 00:50 - 00000000 ____D () C:\Qoobox
2014-06-29 01:36 - 2009-07-13 20:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-29 01:14 - 2014-06-29 01:14 - 00000177 _____ () C:\Users\Hobo\Desktop\avgrep.txt
2014-06-29 01:13 - 2014-06-29 01:13 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\TuneUp Software
2014-06-29 01:11 - 2014-06-29 01:11 - 04755192 _____ (AVG Technologies) C:\Users\Hobo\Desktop\avg_free_stb_all_2014_4714_cnet.exe
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\MFAData
2014-06-29 01:10 - 2014-06-29 01:10 - 04050840 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hobo\Desktop\avira_en_av___dlc.exe
2014-06-29 01:10 - 2014-06-29 01:10 - 00000000 ____D () C:\OETemp
2014-06-29 01:10 - 2013-09-19 18:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-29 00:48 - 2014-06-29 00:33 - 00000000 ____D () C:\Users\Hobo\Desktop\mbar
2014-06-29 00:48 - 2014-06-29 00:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-29 00:33 - 2014-06-28 00:11 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 00:33 - 2014-06-28 00:11 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-29 00:23 - 2014-06-29 00:23 - 00200912 _____ () C:\Users\Hobo\Desktop\Extras.Txt
2014-06-29 00:22 - 2014-06-29 00:22 - 00107880 _____ () C:\Users\Hobo\Desktop\OTL.Txt
2014-06-29 00:08 - 2014-06-26 11:27 - 00116768 _____ () C:\Users\Hobo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-29 00:07 - 2014-06-29 00:07 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-28 23:55 - 2014-06-28 23:55 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Hobo\Desktop\mbar-1.07.0.1012.exe
2014-06-28 23:50 - 2014-06-28 23:50 - 00602112 _____ (OldTimer Tools) C:\Users\Hobo\Desktop\OTL.exe
2014-06-28 23:48 - 2014-06-28 23:48 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Hobo\Desktop\tdsskiller.exe
2014-06-28 23:31 - 2011-12-29 15:59 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-06-28 23:31 - 2011-09-13 20:35 - 00174722 _____ () C:\Windows\DPINST.LOG
2014-06-28 23:26 - 2009-07-13 22:45 - 00429480 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-28 23:21 - 2014-06-03 09:23 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer
2014-06-28 23:20 - 2014-06-03 09:04 - 00000000 ____D () C:\ProgramData\Razer
2014-06-28 01:17 - 2014-06-28 00:04 - 00000000 ____D () C:\AdwCleaner
2014-06-28 01:10 - 2014-06-27 23:57 - 00002836 _____ () C:\Users\Hobo\Desktop\Rkill.txt
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 00:11 - 2014-06-28 00:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-27 23:56 - 2014-06-27 23:56 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Hobo\Desktop\mbam-setup.exe
2014-06-27 23:55 - 2014-06-29 00:48 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\Alarmsdafecwaffe.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 05212118 ____R (Swearware) C:\Users\Hobo\Desktop\dewaf3ewa.exe
2014-06-27 23:55 - 2014-06-27 23:55 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Hobo\Desktop\rkill.exe
2014-06-27 23:54 - 2014-06-27 23:54 - 01342659 _____ () C:\Users\Hobo\Desktop\AdwCleaner.exe
2014-06-27 22:27 - 2014-04-30 16:36 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Skype
2014-06-27 22:27 - 2014-01-17 23:44 - 00000000 ____D () C:\Users\Hobo\Documents\RIFT
2014-06-27 22:27 - 2013-12-28 01:14 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Sling Media
2014-06-27 22:27 - 2013-12-06 18:23 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Wargaming.net
2014-06-27 22:27 - 2013-11-20 21:14 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Mozilla
2014-06-27 22:27 - 2013-11-10 21:37 - 00000000 ____D () C:\Users\Hobo\Downloads\World of Warcraft 3.3.5a (no install)
2014-06-27 22:27 - 2013-09-19 18:57 - 00000000 ____D () C:\Users\Hobo\Documents\Visual Studio 2012
2014-06-27 22:27 - 2013-08-05 18:33 - 00000000 ____D () C:\Users\Hobo\Documents\2014
2014-06-27 22:27 - 2013-07-22 06:39 - 00000000 ____D () C:\Users\Hobo\Documents\Rockstar Games
2014-06-27 22:27 - 2013-07-22 06:24 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-06-27 22:27 - 2013-07-22 06:19 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Rockstar Games
2014-06-27 22:27 - 2013-07-22 06:18 - 00000000 __RHD () C:\Users\Hobo\AppData\Roaming\SecuROM
2014-06-27 22:27 - 2013-07-13 01:55 - 00000000 ____D () C:\Windows\pss
2014-06-27 22:27 - 2013-07-06 21:06 - 00000000 ____D () C:\Users\Hobo\Downloads\Win64_152815
2014-06-27 22:27 - 2013-05-17 21:59 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Virtual Dyno
2014-06-27 22:27 - 2013-04-24 22:13 - 00000000 ____D () C:\Users\Hobo\Downloads\Addons
2014-06-27 22:27 - 2013-01-27 09:01 - 00000000 ____D () C:\Users\Hobo\Documents\LDW
2014-06-27 22:27 - 2013-01-02 20:48 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-06-27 22:27 - 2012-12-29 01:25 - 00000000 ____D () C:\Users\Hobo\Downloads\Runescape
2014-06-27 22:27 - 2012-12-29 01:24 - 00000000 ____D () C:\Users\Hobo\Downloads\Hacking
2014-06-27 22:27 - 2012-12-09 00:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\LogMeIn Hamachi
2014-06-27 22:27 - 2012-11-21 18:17 - 00000000 ____D () C:\Users\Hobo\Downloads\World of Warcraft - Cataclysm
2014-06-27 22:27 - 2012-11-04 18:47 - 00000000 ____D () C:\Users\Hobo\Downloads\Slender v0.9.7
2014-06-27 22:27 - 2012-09-14 21:54 - 00000000 ____D () C:\ProgramData\Wild Tangent
2014-06-27 22:27 - 2012-05-15 14:46 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-27 22:27 - 2012-05-03 20:33 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\.minecraft
2014-06-27 22:27 - 2012-04-28 18:11 - 00000000 ____D () C:\Users\Hobo\jagexcache
2014-06-27 22:27 - 2012-04-17 13:43 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Skyrim
2014-06-27 22:27 - 2012-04-17 13:30 - 00000000 ____D () C:\Users\Hobo\Documents\My Games
2014-06-27 22:27 - 2012-04-04 20:37 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Skype
2014-06-27 22:27 - 2012-03-14 22:30 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Apple Computer
2014-06-27 22:27 - 2012-01-11 22:04 - 00000000 ____D () C:\Users\Hobo\AppData\Local\PMB Files
2014-06-27 22:27 - 2011-12-25 22:11 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Microsoft Games
2014-06-27 22:27 - 2011-09-13 20:27 - 00000000 ____D () C:\ProgramData\Sonic
2014-06-27 22:11 - 2011-12-25 11:54 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Adobe
2014-06-26 11:30 - 2014-06-26 10:56 - 05211571 ____R (Swearware) C:\Users\Hobo\Desktop\waffe.exe
2014-06-26 10:46 - 2011-12-25 21:31 - 00000000 ____D () C:\Users\Hobo
2014-06-26 10:30 - 2012-01-19 20:45 - 00000000 ____D () C:\Users\Hobo\AppData\Local\CrashDumps
2014-06-26 05:54 - 2014-06-18 21:02 - 00000536 _____ () C:\Users\Hobo\Downloads\THANKS.txt
2014-06-26 05:09 - 2014-06-18 21:02 - 00004632 _____ () C:\Users\Hobo\Downloads\README.txt
2014-06-26 05:05 - 2014-06-18 21:02 - 00037656 _____ () C:\Users\Hobo\Downloads\COPYING.txt
2014-06-26 05:05 - 2014-06-18 21:02 - 00003864 _____ () C:\Users\Hobo\Downloads\CHANGES.txt
2014-06-26 04:42 - 2013-12-04 16:46 - 00094744 _____ () C:\Users\Hobo\Documents\Supreme Court.pptx
2014-06-26 03:32 - 2014-06-26 03:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 1062671344
2014-06-25 21:09 - 2011-12-29 15:59 - 00000000 ____D () C:\Users\Hobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Razer
2014-06-25 21:06 - 2009-07-13 23:13 - 00800286 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-25 21:03 - 2014-05-24 05:13 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-06-25 20:58 - 2014-06-25 20:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-06-23 15:40 - 2011-12-26 17:00 - 00000166 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-19 11:50 - 2012-06-12 22:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-19 11:50 - 2012-06-12 22:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-19 11:50 - 2011-09-13 20:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 21:53 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 09:39 - 2013-08-20 06:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-14 09:38 - 2011-12-26 01:47 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 09:38 - 2011-12-25 11:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-14 09:27 - 2014-05-21 17:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 03:13 - 2014-06-11 04:22 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 03:08 - 2014-06-11 04:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 09:12 - 2014-06-03 09:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-03 09:12 - 2014-06-03 09:12 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-03 09:11 - 2011-12-25 11:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-03 09:11 - 2011-09-13 20:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2014-06-03 09:09 - 2014-06-03 09:09 - 00000000 ____D () C:\Users\Hobo\AppData\Local\Razer_Inc

Files to move or delete:
====================
C:\Users\Hobo\jagex_cl_runescape_LIVE.dat
C:\Users\Hobo\random.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-28 11:40

==================== End Of Log ============================

 

 

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Hobo at 2014-06-30 11:16:32
Running from C:\Users\Hobo\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - Sauropod Studio)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
COMODO Firewall (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileZilla Client 3.5.3 (HKCU\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
GameSpy Comrade (HKLM-x32\...\{176B3593-72F1-459C-829C-5E9671E2CB35}) (Version: 1.4.3.154 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Guns of Icarus (HKLM-x32\...\Steam App 49800) (Version:  - Muse Games)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 1.0.057 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{34681D92-5958-406A-A654-1B57E7A7B3DC}) (Version: 6.0.4.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
iTunes (HKLM\...\{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}) (Version: 10.6.0.40 - Apple Inc.)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.0.7.2 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Java™ 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.99 - Symantec Corporation)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Magic 2014  (HKLM-x32\...\Steam App 213850) (Version:  - Stainless Games)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MetaFrame Presentation Server Client (HKLM-x32\...\{4E21223F-8D6C-446E-9CD3-587D206A8400}) (Version: 9.00.32649 - Citrix Systems, Inc.)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22770 - Grinding Gear Games)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.1.6-1.0.4610.39 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer BlackWidow Ultimate (HKLM-x32\...\{E3AC9740-66D4-412F-AE55-DD0428F78175}) (Version: 1.04.04 - Razer USA Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
RuneScape Launcher 1.2 (HKLM-x32\...\{5D87C09F-512F-474A-A306-0FE3B89C396F}) (Version: 1.2.0 - Jagex Ltd)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Sid Meier's Civilization 4 Gold (HKLM-x32\...\{55502C49-F061-428C-BF26-06ECDFB3AC29}) (Version: 1.72 - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
SlingPlayer for Web (HKLM-x32\...\{46994DA0-6572-4A02-9354-FC49ACE8C104}) (Version: 2.4.089 - Sling Media)
SmartTRAK (HKLM-x32\...\SmartTRAK) (Version: 2.0.8.0 - UWATEC AG)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2070.0 - Hi-Rez Studios)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Symantec Endpoint Protection (HKLM\...\{B1FB7D5C-20CE-4CB6-8F39-306EFDA8290C}) (Version: 11.0.6200.754 - Symantec Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Inc)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.0 - VMware, Inc)
VMwarePlayer_x64 (Version: 5.0.0 - VMware, Inc.) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version:  - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.4.0.17371 - Blizzard Entertainment)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813NA}_is1) (Version:  - Wargaming.net)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

27-06-2014 15:15:04 Scheduled Checkpoint
29-06-2014 05:19:37 Removed Razer Synapse 2.0.
29-06-2014 05:30:55 Removed Razer Mamba (2012) Firmware Updater.
29-06-2014 09:39:54 Removed AVG 2014
29-06-2014 09:46:07 Removed AVG 2014
29-06-2014 18:31:13 Device Driver Package Install: COMODO Network Service

==================== Hosts content: ==========================

2009-07-13 20:34 - 2014-06-27 21:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {2E1C7972-80B5-4198-92F5-47E6738E9897} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {30FCECC1-0AC3-4977-B777-75E9081CEFA5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-09] (Hewlett-Packard Company)
Task: {3F421E62-2B32-4FBA-A47E-F2CA0F431CE4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-08] (Hewlett-Packard)
Task: {55AC4495-5A2A-48C4-980A-FC4D1989D6B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {6B53C544-D805-4248-ACC7-06D2C6BE7F6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-06-09] (Hewlett-Packard Company)
Task: {75408574-BA99-4C56-8B45-194DA1D8C4EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-09] (Hewlett-Packard Company)
Task: {A54657FC-2D1F-4F4A-AED9-773E2F11D0F2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-19] (Adobe Systems Incorporated)
Task: {E0CD3CC1-27F0-42C9-A21A-86266EE98EB7} - System32\Tasks\Security Center Update - 2741321387 => C:\Users\Hobo\AppData\Roaming\Imezenex\ihxue.exe <==== ATTENTION
Task: {E45FE5E2-B73A-42D4-88A8-FC31A12C6715} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {FCBA4397-86AE-4D15-A88C-F8C59F045973} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-20] (CyberLink)
Task: {FE98210B-6C3C-46A2-AA59-F6AB4775CE89} - System32\Tasks\Security Center Update - 1062671344 => C:\Users\Hobo\AppData\Roaming\Ytyspeul\cukyzo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-07-10 00:11 - 2012-12-06 13:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2009-11-19 05:01 - 2009-11-19 05:01 - 00022016 _____ () C:\Windows\System32\sugw2l6.dll
2010-01-02 08:42 - 2010-01-02 08:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-15 15:18 - 2012-08-15 15:18 - 01229464 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2010-11-22 16:56 - 2010-11-22 16:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 16:56 - 2010-11-22 16:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 14:28 - 2012-02-06 14:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 14:28 - 2012-02-06 14:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 14:28 - 2012-02-06 14:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 13:01 - 2011-05-10 13:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 12:17 - 2011-02-15 12:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 16:56 - 2010-11-22 16:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 16:57 - 2010-11-22 16:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2013-11-20 18:05 - 2013-11-20 18:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 16:57 - 2010-11-22 16:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-17 18:56 - 2014-06-17 18:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 12:17 - 2011-02-15 12:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 17:06 - 2010-11-22 17:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 17:52 - 2013-05-09 17:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 17:52 - 2013-05-09 17:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 17:52 - 2013-05-09 17:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 12:56 - 2013-05-03 12:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 12:56 - 2013-05-03 12:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 12:56 - 2013-05-03 12:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk => C:\Windows\pss\Program Neighborhood Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Hobo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DECRYPT_INSTRUCTION.HTML => C:\Windows\pss\DECRYPT_INSTRUCTION.HTML.Startup
MSCONFIG\startupfolder: C:^Users^Hobo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DECRYPT_INSTRUCTION.TXT => C:\Windows\pss\DECRYPT_INSTRUCTION.TXT.Startup
MSCONFIG\startupfolder: C:^Users^Hobo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DECRYPT_INSTRUCTION.URL => C:\Windows\pss\DECRYPT_INSTRUCTION.URL.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Comrade.exe => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_ROC_NT => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2014 03:46:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.

System Error:
The system cannot find the file specified.
.

Error: (06/29/2014 01:50:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007043c, This service cannot be started in Safe Mode
.

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:50:29 AM) (Source: VSS) (EventID: 18) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:21:44 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).

Error: (06/29/2014 01:21:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007043c, This service cannot be started in Safe Mode
.

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:21:44 AM) (Source: VSS) (EventID: 18) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]

Operation:
   Instantiating VSS server

Error: (06/29/2014 01:13:21 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

Error: (06/29/2014 01:13:20 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

Error: (06/29/2014 01:13:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

Error: (06/29/2014 01:13:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed AVG 2014; Error = 0x8007043c).

System errors:
=============
Error: (06/29/2014 02:38:49 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/29/2014 02:21:56 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}5{06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (06/29/2014 02:12:55 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}5{3519154C-227E-47F3-9CC9-12C3F05817F1}

Error: (06/29/2014 02:01:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/29/2014 00:35:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/29/2014 00:31:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/29/2014 00:08:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1070

Error: (06/29/2014 00:08:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Function Discovery Provider Host service hung on starting.

Error: (06/29/2014 00:07:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/29/2014 00:01:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-27 21:46:15.086
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-27 21:46:15.039
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-27 21:46:14.977
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-27 21:46:14.914
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-26 11:16:14.991
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-26 11:16:14.929
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\waffe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-15 17:21:21.347
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-15 17:21:21.285
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-25 00:00:22.065
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\wubfix27413w\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-25 00:00:22.049
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\wubfix27413w\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 8174.53 MB
Available physical RAM: 5371.84 MB
Total Pagefile: 16347.24 MB
Available Pagefile: 13301.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1385.38 GB) (Free:734.83 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.78 GB) (Free:1.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 0ACC506F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-711479787520) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

Search.txt

 

Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Hobo at 2014-06-30 11:19:25
Running from C:\Users\Hobo\Desktop
Boot Mode: Normal

================== Search Files: "rpcss.dll" =============

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2010-11-20 21:24][2010-11-20 21:24] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

C:\Windows\System32\rpcss.dll
[2010-11-20 21:24][2010-11-20 21:24] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

C:\Windows\erdnt\cache64\rpcss.dll
[2014-05-15 17:22][2010-11-20 21:24] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

====== End Of Search ======



#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:02:36 AM

Posted 30 June 2014 - 06:18 PM

Hello,

 

Since you have uninstalled AVG you should download and run their uninstall utility to remove the leftovers (there are a lot of them on your computer):

AVG Remover(64bit) 2014

 

 

Also I do not recommend that you have more than one anti virus product installed and running on your computer at a time.  The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms".  It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Symantec Endpoint Protection or COMODO Firewall. I know that Comodo Firewall does not come with a antivirus but they both have proactive protection and this could leads to problems. You should choose between Symantec Endpoint Protection or install Comodo Internet Security (instead of Comodo Firewall).

 

 

Next please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

  • Next please re-run FRST again and type the following in the edit box after Search: dllhost.exe
  • Click the Search button
  • It will make a log (Search.txt)- please post the log into your reply to me.

 

Regards,

Georgi


cXfZ4wS.png


#5 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:02:36 AM

Posted 07 July 2014 - 12:19 AM

Hi,

 

Are you still around?

 

 

Regards,

Georgi


cXfZ4wS.png


#6 Archofangel

Archofangel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 08 July 2014 - 12:58 PM

Georgi,

 

Here are the logs.

 

Thanks, Alex

 

Attached Files



#7 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:02:36 AM

Posted 09 July 2014 - 05:29 PM

Hello,

 

 

I'd like us to scan your machine with ESET OnlineScan


  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Run ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is  checked.
  • Now click on Advanced Settings and select the following:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png

 

 

 

Also please do the following:

 

  • Please download AutoRuns and save it to your desktop.
  • Right click on the downloaded file and choose Extract All Files.
  • Once extracted, open the program named Autoruns.
  • Click on Options and then Hide Microsoft and Windows Entries.
  • Press F5 to refresh the startup list.
  • Next go to File -> Save and choose the file type to Text File (.arn).
  • Please zip the file and upload it here => http://zippyshare.com/ and then post the link to the archive in your next reply.

 

 

Next please download and run K-Lite Codec Tweak Tool 5.8.3
Click on the FIXES button => check all checkbox => Click on apply & close button and remove with YES all broken filters if any.

 

 

 

Also please download the Process Explorer from the following link
Extract the zip file and double click the procexp.exe file.
From the View menu, please point to "Lower Pane view" and select DLLs.

From the View menu, please point to "Select Columns" and put a checkbox beside the following:

Description, Company Name, Image Path, Command Line, Autostart Location and click OK

Now select the process dllhost.exe

Click on the Threads tab and make a screenshot of the window.

Now click  click on Stack button and make a screenshot of the window.

Click OK and from the File menu while dllhost.exe is still selected, please select Save as to save the log file from process explorer.
Next please attach that logs along with the screenshots in your next reply for my review.

 

 

 

Finally please click Start Menu > All Programs > Accessories, right click on Command Prompt and select "Run as administrator".
 

Copy/paste the following text at the command prompt and press enter after each line:

sfc /verifyonly

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

A txt file named sfcdetails.txt should appear on the desktop.

Upload it here and post the link to the log in your next reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#8 Archofangel

Archofangel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 09 July 2014 - 10:36 PM

Georgi,

 

I ran EsetScan for 3hrs but was stuck at 15% on one file so I exported what it found and moved on.

 

I ran the autoruns but it never stopped scanning for 3hrs so I moved to the next step.

 

I ran the K-lite, Process Explorer, and the commands with no problems.

 

Thanks, Alex

 

sfcdetails.txt

http://pastebin.com/w6TDuL73

 

Screenshots

http://www35.zippyshare.com/v/3251038/file.html
 

 

 

Attached Files



#9 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:02:36 AM

Posted 10 July 2014 - 05:27 PM

Hi Alex,

 

Please run Eset again and give it enough time to complete.

Also please run the following tool for me -> ListCWall and post back the results.

It is unusual for Autoruns to scan for more than 1 minutes... Try again please.

The screenshots from process explorer are too small and I can't read them...please make new screenshots as described above but make sure that the screenshots are bigger ( with high resolution).

Also please make a new log from Process Explorer for dllhost.exe but make sure that you tick the box beside View => Show Lower Pane and while you are still on the dllhost.exe (click the Ctrl + S) button and attach the new log.

 

 

Also please download Process Monitor and save it to your desktop. Extract the archive to your desktop and run the file procmon.exe

 

Make sure that you include DllHost.exe in the Process Monitor Filter and then click on the Apply button.

 

(From the drop down menu select Process Name, type dllhost.exe in the empty field, make sure that Include is selected and click on the Add button and the click Apply).

 

kmJFFqP.jpg

 

Process Monitor will begin logging from the moment it starts running. To stop this, click the "Capture" icon (ico-01.png).
 
01.png

 

Clear all the events that Process Monitor recorded by clicking the "Clear" icon (ico-03.png)

 

03.png

 

Now go in to the Options menu and select Enable Boot Logging
 
04.png

 

You will be presented with the following dialogue. Ensure that profiling events are generated every second.
 
05.png

 

Restart the computer and allow the system to fully load windows and any associated startup programs (and see if the dllhost.exe processes appeared in the Task Manager again).

 

Next double-click on the Procmon.exe file to run Process Monitor again.

 

Upon opening Procmon.exe, you will be presented with the following dialogue.
 
07.png

 

Click Yes to save the collected data. Insert in the “File name” field the desired name for the output and select the "Save" button.

 

Close Process Monitor.

 

Compress and archive (zip) the PML file and upload it here then post the link to the file in your next reply.

 

 

 

Regards,

Georgi


cXfZ4wS.png


#10 Archofangel

Archofangel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 12 July 2014 - 03:26 AM

Georgi,

 

I ran the Esetscan for 15hrs but it still got stuck at 15% on one file. I will continue it after this post maybe in safe mode with networking if it might help it.

 

The Process explorer dllhost.exe text file didn't have any dlls so none showed up. I unsuspended it allowed it start the chain and suspended so theres about 6 logs to show the dlls. It'll make more sense when you open the zip file.

 

Screenshots, Autoruns log, and dllhost.exe text files link

http://www42.zippyshare.com/v/33270185/file.html

 

Process Monitor Bootlog link

http://www.filedropper.com/bootlog_3

 

 

Thanks, Alex

Attached Files



#11 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:02:36 AM

Posted 12 July 2014 - 03:58 AM

Hi Alex,

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
     
  • Put a checkmark beside loaded modules.
    Sbf88.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
     
  • Click the Start Scan button.
     
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

Regards,

Georgi


cXfZ4wS.png


#12 Archofangel

Archofangel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 12 July 2014 - 09:59 AM

Georgi,

 

Here is the log from tdsskiller.

 

http://pastebin.com/VdL6u0Bi

 

Thanks, Alex



#13 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:02:36 AM

Posted 12 July 2014 - 10:11 AM

Hi Alex,

 

 

 

Can you please temporary uninstall Symantec Endpoint Protection, COMODO Internet Security and AVG 2014.

Reboot the computer and let me know if the problem still persists.

 

Also please download TDSSQLook to your desktop. Double-click TDSSQlook.exe to run the program and select option A. This option will just scan and create a log called TDSSQ.txt on your desktop. Please open the log in Notepad and copy and paste the contents here.

 

 

Regards,

Georgi


cXfZ4wS.png


#14 Archofangel

Archofangel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 12 July 2014 - 10:45 AM

Georgi,

 

TDSSQLook log

 

TDSSKiller Quarantine Information log
TDSS Qlook Version 1.0.0.5 - Hobo - Sat 07/12/2014 -  9:41:49.53.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 
***** START SCAN Sat 07/12/2014  9:41:49.61 *****
 
---------- TDSSKiller logs ----------
 
TDSSKiller.3.0.0.40_12.07.2014_08.42.49_log.txt
TDSSKiller.3.0.0.40_12.07.2014_08.47.50_log.txt
 
---------- TDSSStarter logs ----------
 
 
---------- DIR LIST ----------
 
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\svc0000
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\svc0000
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\svc0000\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\svc0000
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\svc0000\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\svc0000
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\svc0000\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\svc0000
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\svc0000\object.ini
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\svc0000\tsk0000.ini
 
---------- INI FILES ----------
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\object.ini
 
[InfectedObject]
Verdict: UnsignedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\svc0000\object.ini
 
[InfectedObject]
Type: Service
Name: fussvc
Type: n/a (0x10)
Start: Demand (0x3)
ImagePath: "C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe"
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0000\svc0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
md5: 895BA1CFF25E867CE5A52073E905C93B
sha256: A417065E831B768BD76364EC1E5FEDAADF172DCD1E6C2A134CB311EDDC2DC477
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\object.ini
 
[InfectedObject]
Verdict: UnsignedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\svc0000\object.ini
 
[InfectedObject]
Type: Service
Name: HiPatchService
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0001\svc0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
md5: DFD1D30D8B68D883B5858748F7E35AD2
sha256: 051C9940054558DCB96746C0425A52F5294194163946B4A2A9CAEA64CFA855A1
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\object.ini
 
[InfectedObject]
Verdict: UnsignedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\svc0000\object.ini
 
[InfectedObject]
Type: Service
Name: MDM
Type: n/a (0x110)
Start: Auto (0x2)
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0002\svc0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
md5: 7CF1B716372B89568AE4C0FE769F5869
sha256: 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\object.ini
 
[InfectedObject]
Verdict: UnsignedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\svc0000\object.ini
 
[InfectedObject]
Type: Service
Name: Te.Service
Type: n/a (0x20)
Start: Disabled (0x4)
ImagePath: "C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe"
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0003\svc0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
md5: BB676D2C7AD5E7131D12417E4691F9B9
sha256: C6DE7D8C08C2F059C696E9D63FC55692C8CB37FECF92F5A863D7D2C5AF3B425F
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\object.ini
 
[InfectedObject]
Verdict: UnsignedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\svc0000\object.ini
 
[InfectedObject]
Type: Service
Name: VMAuthdService
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
 
 
=== C:\TDSSKiller_Quarantine\29.06.2014_00.02.53\susp0004\svc0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
md5: 7171B884DA8BFB1CE5C8BAE46D993CB1
sha256: 41FDD5973D7F02F0C568041E959C13EF2EA42334683C718B7443FFC5810322E6
 
 
***** END SCAN Sat 07/12/2014  9:41:49.71 *****



#15 Archofangel

Archofangel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 12 July 2014 - 10:50 AM

Georgi,

 

Uninstalled Symantec and Problem persists.

 

Thanks, Alex






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users